1 / 13

Baseline Expectations for Trust in Federation

Baseline Expectations for Trust in Federation. Nicole Harris, Brook Schofield, Tom Barton and all of you!. Outline. Background - Tom Why, what, when Sharpening the value of federation: FIM4Rv2 Collaboration-ready pyramid. Discussion topics - Nicole & Brook

wendybecker
Download Presentation

Baseline Expectations for Trust in Federation

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Baseline Expectations for Trust in Federation Nicole Harris, Brook Schofield, Tom Barton and all of you!

  2. Outline Background - Tom • Why, what, when • Sharpening the value of federation: FIM4Rv2 • Collaboration-ready pyramid Discussion topics - Nicole & Brook • What should a global baseline be? • How close are the various federations to being there? • What federation-specific circumstances help or hinder achieving that baseline? • More, time permitting...

  3. Why a Baseline? What trust do we need to have in Federation? When we rely on Federation, we are partnering with other organizations to do something for us that we would otherwise do for ourselves or forgo altogether. And mostly the latter: Federation makes possible the integration of resources, services, and users across the globe into the myriad ways that the R&E mission is undertaken.1 The most needed things need to be ubiquitous. [1] Baseline Expectations for Trust in Federation

  4. Much input over 2015-16 to arrive at: For Identity Providers • The IdP is operated with organizational-level authority • The IdP is trusted enough to be used to access the organization’s own systems • Generally-accepted security practices are applied to the IdP • Federation metadata is accurate, complete, and includes site technical, admin, and security contacts, MDUI information, and privacy policy URL

  5. For Service Providers • Controls are in place to reasonably secure information and maintain user privacy • Information received from IdPs is not shared with third parties without permission and is stored only when necessary for SP’s purpose • Generally-accepted security practices are applied to the SP • Federation metadata is accurate, complete, and includes site technical, admin, and security contacts, MDUI information, and privacy policy URL • Unless governed by an applicable contract, attributes required to obtain service are appropriate and made known publicly

  6. and for Federation Operators • Focus on trustworthiness of their Federation as a primary objective and be transparent about such efforts • Generally-accepted security practices are applied to the Federation’s operational systems • Good practices are followed to ensure accuracy and authenticity of metadata to enable secure and trustworthy federated transactions • Frameworks that improve trustworthy use of Federation, such as entity categories, are implemented and adoption by Members is promoted • Work with relevant Federation Operators to promote realization of baseline expectations

  7. How federation enables academic collaboration Federated Identity Management for Research, version 21 40 authors, 20 research communities, 18 months [1] https://doi.org/10.5281/zenodo.1296031

  8. Get collaboration ready Service Providers implement Protect collaboration resources Reduce risk Support high value resources Standard MFA request/response Identity assurance info Identity Providers implement Release “Research & Scholarship” attributes Enable basic collaboration Basic security Accurate & complete metadata for good user experience Everybody implements

  9. Discussion #1 The Baseline concept is based on the belief that to improve and sustain the value of R&E Federation for academic collaboration, some of its characteristics must be ubiquitous. What do REFEDSians think that set of characteristics is, that over time all R&E Federations should aim to make ubiquitous? Does the collaboration ready pyramid represent the right level at which a global Baseline should ultimately be set?

  10. Discussion #2 How do each of the R&E Federations represented in the room compare with respect to each level in the pyramid? What federation-specific circumstances help or hinder achievement of the pyramid’s levels? What federation-specific approaches might be used to implement and maintain a baseline?

  11. Discussion #3 Some parts of the pyramid are only technically implementable on certain federating software, yet many federation members will need to operate different federating technologies. How can each federation, or all federations together, address this common need of their members?

  12. Discussion #4 Should a Baseline approach eventually become a requirement of participation in eduGAIN? For an entire federation? For each entity?

  13. Discussion #5 How can each entity be trusted to meet the baseline? How can we measure progress towards a global baseline?

More Related