
List of Docs

The Policy Side of Federations Kenneth J. Klingenstein and David L. Wasley Tuesday, June 29, 2004 - CAMP Shibboleth Implementation Workshop. List of Docs. Membership guidelines and pricing Application to join federation, which, if approved, results in a



  1. The Policy Side of Federations
     Kenneth J. Klingenstein and David L. Wasley
     Tuesday, June 29, 2004 - CAMP Shibboleth Implementation Workshop

  2. List of Docs
     • Membership guidelines and pricing
     • Application to join federation, which, if approved, results in a
     • Participation agreement, which the participant institution signs with the federation operator, based somewhat on the participant reading the
     • Federation operational practices statement, which describes for I/A/Metadata mgt of the federated operator
     • List of federated attributes
     • (List of common uses of various trust levels)
     • Participant operational practices statement
     • Privacy??

  3. Federation Operational Practices
     • Technical Aspects
         • How the CA is operated (InCommon CPS)
         • How the metadata is assembled and signed
         • How the identity proofing of the participant enterprise is done and credentials delivered
     • Policy Aspects
         • Dispute resolution

  4. Participant Operational Practices
     • Different for credential providers (origins) than for resource providers (targets?)
     • On-campus versus off-campus trust
     • Requirements for tight language, audit, etc. unknown
     • Actual use unknown
     • Scalability will require another approach…

  5. Participant Operational Practices
     • Participant community served and baseline “member”
     • Authentication Policies and Practices
     • Attribute Assertions
     • Privacy
     • Technical standards

  6. POP authentication details
     • Identification
     • Office of record
     • Method of identity proofing
     • Reuse of netids
     • Authentication technologies
     • WebISO key issues
     • Timeouts
     • Logouts – user initiated; global or local
     • Kiosks

  7. Privacy statements
     • Two cases:
         • Attributes associated with identity
         • Attributes unassociated with identity
     • “Three or less” rule of thumb
     • EU privacy laws
     • Attributes tagged with appropriate use
