10/25/2015 AEB/Yleisesittely Organising Federated Identity in Finnish Higher Education TNC2005 Mikael Linden June 8th, 2005.

Presentation transcript:

Organising Federated Identity in Finnish Higher Education
TNC2005
Mikael Linden
June 8th, 2005

Outline
  Status of the Federation
  Organisation of the Federation
  Data protection directive and how it is followed in Haka
  Quality of institutional identity management

Background
The Finnish higher education
  20 universities, 29 polytechnics (all are public institutions)
  students, employees
CSC, the Finnish IT Center for Science
  Non-profit company owned by the ministry of education
  Mission: centralised IT infrastructure for higher education
  – Funet network, high performance computing
CSC and user administration
  – Users and services are in higher education institutions (HEI)
  – Role of CSC: coordinate and support HEIs

Status of the Haka Federation
pilot federation operational 12/2003
  – 5 IdPs, 7 SPs
production level federation 5/2005
  – Federation agreement was drafted last winter
  – First five institutions have signed the federation agreement
  – Federation agreement in English:

Service Providers
Libraries
  – national library portal Nelli (Ex Libris: Metalib)
  – under work: library management system (Endeavour: Voyager)
  – shown interest: content providers (Elsevier)
eLearning
  – learning management systems (Moodle, WebCT, others…)
  – service for applying as a visiting student in another university
National Services
  – under work: Academy of Finland: applying for research funding
  – shown interest: student health service foundation
ASP in the administration of the universities
  – shown interest: Electronic circulation of invoices and travel expense reports

Organisation of a federation
Alternative 1: Federation as a consortium
A federation as a consortium that outsources operations of the AAI to some external organisation(s).
[Diagram: "Federation" containing HEI1 to HEI7, with "Outsourcing" to CSC (operator)]

Organisation of a federation
Alternative 2: Federation as a service
A federation as a service provided by an operator. The way chosen by InCommon, SWITCHaai and Haka.
[Diagram: "Federation" containing HEI1 to HEI8 and CSC (operator)]

Organisation of the Haka infrastructure is similar to SWITCHaai
[Diagram labels: Federation partners; Operator; Federation members; CSC – scientific computing ltd; Central AAI services; IdP; Service; SP; Advisory comm.; Operations comm.]

Data protection directive
Definitions (Article 2)
Personal data: any information relating to an identified or identifiable natural person
  Personal data: "he is Bob Smith"
  Not personal data: "he is a medicine student"
Processing of personal data: any operation on personal data, such as collection, storage, retrieval, dissemination etc…
  for an Identity Provider, release of attributes is processing of personal data…
  for a Service Provider, collecting attributes can be processing of personal data…

Data protection directive
Requirement 1: Which SPs may join the federation
Article 6: Personal data must be collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes.
Purpose for processing personal data in HEIs: roughly "To support research and education"
Release of personal data to a Service Provider shall not be incompatible with the purpose
  → IdPs may release personal data only to SPs who are processing data "to support research and education"
Haka: only Service Providers that are supporting research and education are accepted to the federation

Data protection directive
Requirement 2: What attributes may be released
Article 6: Personal data must be adequate, relevant and not excessive in relation to the purposes for which they are collected and/or further processed.
only relevant attributes may be released from IdP to SPs
both IdP and SP have to consider which attributes are actually relevant from the service's point of view
Haka: the administrative contact person of the federation member checks a new SP and the relevance of the attributes claimed before CSC adds the SP to the federation metadata. CSC maintains and distributes Site ARPs to IdPs.

Data protection directive
Requirement 3: User consent
Article 7: Personal data may be processed only if
  a) the data subject has unambiguously given his consent; or
  b) processing is necessary for the performance of a contract to which the data subject is party… etc…
Article 11: Where the data have not been obtained from the data subject, … controller or his representative must at the time of undertaking the recording of personal data or if a disclosure to a third party is envisaged, no later than the time when the data are first disclosed provide the data subject with at least the following information...
Haka: Finnish data protection ombudsman:
  – Always ask user consent before first attribute release (Article 7)
  – When you do that, the user will be informed (Article 11)
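
The three Haka requirements above combined into a single IdP release decision, as an added example that is not part of the original slides. The SP entity IDs, the choice of attributes and the dictionary layout are constructed for illustration and are not Shibboleth's ARP file format; recording consent per attribute set is an assumption.

```python
"""Model of an IdP release decision under the three Haka requirements."""

# Constructed federation metadata: only SPs accepted as supporting
# research and education appear here (Requirement 1).
FEDERATION_METADATA = {"https://sp.library.example/shibboleth",
                       "https://sp.lms.example/shibboleth"}

# Constructed site ARP: per SP, the attributes judged relevant (Requirement 2).
SITE_ARP = {
    "https://sp.library.example/shibboleth": {"eduPersonAffiliation"},
    "https://sp.lms.example/shibboleth": {"eduPersonPrincipalName", "cn", "mail"},
}


class ConsentRequired(Exception):
    """Raised when the user has not yet consented to this release."""

    def __init__(self, sp, attributes):
        super().__init__(f"consent needed before first release to {sp}")
        self.sp, self.attributes = sp, attributes


def release_attributes(user, sp, consents):
    """Return the attributes the IdP may send to `sp` for `user`.

    `consents` maps (uid, sp) to the set of attribute names the user
    has approved (assumed storage model).
    """
    if sp not in FEDERATION_METADATA:              # Requirement 1
        raise PermissionError(f"{sp} is not a federation member")
    allowed = SITE_ARP.get(sp, set())              # Requirement 2: default deny
    candidate = {k: v for k, v in user["attributes"].items() if k in allowed}
    approved = consents.get((user["uid"], sp), set())
    # Requirement 3: ask before the first release, and again if the
    # release would contain an attribute the user has not yet seen.
    if not set(candidate) <= approved:
        raise ConsentRequired(sp, sorted(candidate))
    return candidate


# Constructed directory entry for the demonstration.
BOB = {"uid": "bsmith", "attributes": {
    "cn": "Bob Smith", "mail": "bob.smith@uni.example",
    "eduPersonPrincipalName": "bsmith@uni.example",
    "eduPersonAffiliation": "student",
    "homePostalAddress": "Constructed Street 1"}}
```

With this policy the library SP only ever receives the affiliation value, and nothing is released until the consent record for that user and SP exists.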

Institutional identity management as a requirement
Can't do inter-institutional identity management if intra-institutional IdM is not taken care of properly!
  – Many institutions have problems with data quality in the institutional enterprise directory
  – Reason: links between student registry, HR registry and the directory are missing
SPs expect that the attributes released are of high quality
Haka: having up-to-date data in the enterprise directory is a requirement for an IdP joining the federation
  – Self-audit for IdPs joining the federation
  – Based on the self-audit, operator makes the decision