eduPersonAffiliation semantics – a spin-off of eduGAIN policy

Slides:

Advertisements

Similar presentations

Innovation through participation eduGAIN as a service (T3) in Multi-Domain User Applications (SA3) Valter Nordh, NORDUnet / GU NORDUnet conference, Köpenhamn,

Advertisements

Orphan works and the cultural sector. A governmental organisation perspective Rossella Caffo Ministero per i Beni e le Attività Culturali – Italy Coordinator.

All About Attributes (in federated identity) Nate Klingenstein 30 January 2007 OGF 19 Chapel Hill.

Building metadata components Dieter Van Uytvanck Max Planck Institute for Psycholinguistics CLARIN-NL Info Session Nijmegen

Innovation through participation Data Protection Code of Conduct (DP CoC) REFEDS Helsinki Mikael Linden, CSC – IT Center for Science

CLARIN AAI, Web Services Security Requirements

Innovation through participation GÉANT Data Protection Code of Conduct (DP CoC) FIM for research collaboration workshop Mikael Linden,

EduPerson and Federated K-12 Activities InCommon/Quilts Pilot Group February 27, 2014 Keith Hazelton UW-Madison, InCommon/I2.

Innovation through participation Attributes Release Working Group European data protection directive REFEDS meeting 22th Apr, 2012

CLARIN and the DSA Paul Trilsbeek The Language Archive Max Planck Institute for Psycholinguistics.

Federated Identity Management for Research Communities (FIM4R) David Kelsey (STFC-RAL) EGI TF, AAI workshop 19 Sep 2012.

Kalmar Union Mikael Linden CSC, the Finnish IT Center for Science.

Innovation through participation eduGAIN federation operator training eduGAIN policy eduGAIN training in Vienna Oct 2011

EduGAIN Code of Conduct Workshop, , Brussels GEANT eduGAIN Data Protection "Code of Conduct" Workshop Dieter Van Uytvanck

CASE: Haka federation EuroCAMP, 3-5 April, 2006 CSC, the Finnish IT Center for Science

The Language Archive – Max Planck Institute for Psycholinguistics Nijmegen, The Netherlands Increasing the usage of endangered language archives in the.

Innovation through participation Interfederation through eduGAIN - steps and challenges eduGAIN interfederation service Federated Identity Systems.

The ReFEDS/GÉANT Code of Conduct (CoC) An Approach to Compliance with the EU Data Protection Directive Steve Carmody April 23, 2012.

Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.

CMDI Component Registry Patrick Duin Max Planck Institute for Psycholinguistics 2011.

CLARIN Infrastructure Vision (and some real needs) Daan Broeder CLARIN EU/NL Max-Planck Institute for Psycholinguistics.

Copyright JNT Association TNC2010, 1 st June Attribute Harmonisation: Is it Possible? Andrew Cormack Chief Regulatory Adviser, JANET(UK)

FIM, , Nijmegen CLARIN: status of FIM Dieter Van Uytvanck 1.

Authentication and Authorization Overview Kimmo Koskenniemi, Antti Arppe, Mikael Lindén University of Helsinki, CSC – IT Centre for Science Consortium.

Kalmar Union, a Conferedation of Nordic Identity Federations TNC2009 Mikael Linden, CSC Andreas Solberg, UNINETT.

Towards Interconnecting the Nordic Identity Federations TNC2007 Walter M Tveter, UiO Mikael Linden, CSC/HAKA Ingrid Melve, Uninett/Feide.

Campus Identity Management Requirements (=IAP) REFEDs meeting Mikael Linden,

19 May 2003, TERENA, Zagreb Civilizing eduPerson Keith Hazelton, Senior IT Architect, Univ. of Wisconsin-Madison Chair, MACE-Dir Working Group Keith Hazelton,

Schac attributes and common vocabularies TF-EMC Mikael Linden CSC, the Finnish IT Center for Science.

Kalmar Union lessons: Findings in federation harmonisation REFEDS Mikael Linden, CSC.

Federations round table Haka federation of Finland EuroCAMP Mikael Linden CSC, the Finnish IT Center for Science.

INTRODUCTION: THE FIRST TRY InCommon eduGAIN Policy and Community Working Group.

Innovation through participation eduGAIN interfederation service for research and education Cern FedID workshop in RAL, UK 2-3 Nov 2011 Mikael Linden,

Innovation through participation eduGAIN policy: A worm report TF-EMC2 Vienna Mikael Linden, CSC The worm farmer.

AuEduPerson Schema Schema Derived from: - eduPerson - person [RFC 4517, RFC 4519] - organizationalPerson [RFC 4517, RFC 4519] - inetOrgPerson [RFC 2798]

Federations, the Data Protection Directive and WP29 TF-EMC2 Mikael Linden, CSC, the Finnish IT Center for Science.

Networks ∙ Services ∙ People Nicole Harris, GÉANT GN4 Project Update “SA5”, or Identity Stuff Internet2 Technology Exchange 2015.

Authentication and Authorisation for Research and Collaboration Mikael Linden AARC all hands Milan Authentication and Authorisation.

Authorization and Authentication Infrastructure Daan Broeder & Dieter Van Uytvanck Max Planck Institute for Psycholinguistics

Authentication and Authorisation for Research and Collaboration Milan, Italy Training and Outreach Authentication and Authorisation.

Clain update TF-EMC Mikael Linden, CSC.

Networks ∙ Services ∙ People Daniela Pöhn REFEDS EWTI, Vienna IdPs and Federations Service Aspects of Assurance SA5T1.

Innovation through participation EduGAIN policy (working draft) Status update REFEDs 30th May 2010

Growth. Interfederation PKI is globally scalable Unfortunately, its not locally deployable… Federation is locally deployable Can it.

Innovation through participation Expectations on eduGAIN and next steps Valter Nordh, NORDUnet / GU 1.

May I introduce you to eduPerson? Keith Hazelton Sr. IT Architect, UW-Madison TNC 2001, Antalya, Turkey, 15-May-2001.

AAI needs of the Distributed Computing Infrastructures - CLARIN Dieter Van Uytvanck Max Planck Institute for Psycholinguistics

A symbol of trust CLOVER 4-H THE. LET’S BE HONEST We Lo e the 4-H Clover.

Designing Identity Federation Policy, the right way Marina Vermezović, Academic Network of Serbia TNC2013 conference 4 May 2013.

Innovation through participation Data Protection Code of Conduct (DP CoC) TNC2013 conference, 4 June 2013 Mikael Linden, CSC – IT Center for Science

Obtain and review client feedback. Creating evaluation or feedback tools Importance of client feedback  The use of client feedback is very useful to.

Releasing Attributes for Science!

Cross-sector and user-centric AAI

Chief Regulatory Adviser, JANET(UK)

GÉANT Data Protection Code of Conduct (CoCo)

TF-EMC2 - eduGAIN update

AAI Alignment Nicolas Liampotis (based on the work of Mikael Linden)

e-Infrastructure Workshop 28th March 2006, University of Leeds

GÉANT 4-2 JRA3 T1 Something with Federations and Campus VC

CLARIN Federated Identity Vision

Harvard ManageMentor®

GakuNin: Federated Identity Management Activities in Japan

AARC2 JRA1 Nicolas Liampotis

Minimal Level of Assurance (LoA)

The French federation Eurocamp 2007 Helsinki

University Computing Centre - Srce

Federated Identity and Data Protection Law

GEANT Data protection Code of Conduct 2.0 REFEDS meeting 16 June 2019

REFEDS Assurance Suite

Presentation transcript:

eduPersonAffiliation semantics – a spin-off of eduGAIN policy REFEDs 30.5.2010 Mikael Linden

The problem (or is it one?) eduPerson spec is not very specific on eduPerson(Scoped)Affiliation semantics Federations have made (some) incompatible interpretations Especially ”employee” and ”staff” presented in REFEDs in Rome another by Andrew on Tuesday @2 pm

Do we need ePA at all? Case CLARIN From: Dieter Van Uytvanck [mailto:dieter.vanuytvanck@mpi.nl] Sent: 28. May 2010 18:22 To: Mikael Linden We discussed this extensively, also with the CLARIN WP7 (legal issues, licenses). It turned out that unless at certain point we have full certainty about the reliability and availability of the eduPersonAffiliation (or a variant of that) attribute it does not make sense to use it within CLARIN. So if eduGAIN could ensure the existance and the correctness of such an attribute in all IdPs we would like to use it. best regards, -- Dieter Van Uytvanck Max Planck Institute for Psycholinguistics, Nijmegen, the Netherlands

Could the semantics vary federation-by-federation? SP admin would need to adopt to the semantics that depend on the federation/IdP SP admin needs to learn the different interpretations But SP admin is not necessarily a federation geek interested in studying the differences of (European) federations => makes threshold higher for SPs to get confederated We should try to make eduGAIN easy for SPs

So, what is our plan? http://doodle.com/me2xgh4ctgrypbg7 Don't harmonise (Leaves burden on SP side) Don't harmonise, but obligate federations to document their ePA semantics on web (burden on SP side) Publish RECOMMENDED ePA semantics and obligate federations to document in web how they differ from it (burden on SP side) Introduce a new attribute with well-defined semantics and make it RECOMMENDED (burden on IdP side) Introduce well-defined semantics for ePA and ask IdPs to migrate to it (burden on IdP side) As the previous one, but declare "staff" and "employee" to be unreliable and discourage their use 1 7 19 8

Summary Q A 1. Is this a problem? Seems it is (CLARIN) 2. Do we need to fix it? If we do, we should do it now when eduGAIN is to be rolled out. 3. Can semantics vary fed-by-fed? Maybe, but makes eduGAIN difficult for SPs 4. What to do, then? Introduce a new attribute (doodle poll) 5. To which schema? Good question. Schac? Or is MACE-dir willing to change eduPerson? 6. What is the new well-defined semantics, then? Probably need to go the long way and ask at first what values we need. For instance, is it necessary do make a difference between staff and faculty?