REFEDS Overview

549 views

Published on

Presentation to REFEDS Bof at APAN33 by Licia Florio

Published in: Technology
  • Be the first to comment

  • Be the first to like this

REFEDS Overview

  1. 1. The$(inter)Federa.on$Business$Licia Florio, TERENAflorio@terena.orgAPAN, Chang Mai16 Feb 2012
  2. 2. Background!  R&E community engaged in identity federations for years: "  Remote eLearning "  Access to publishers "  Sharing of resources!  Growth brings also issues: "  As you will see….
  3. 3. FederationsFEDERATIONS…WEREN’T THEY TALKING NAH HERE THEY MEAN AABOUT THIS ALREADY FORM OF GOVERNANCE !IN STAR TREK * ?*!h$p://en.wikipedia.org/wiki/United_Federa7on_of_Planets!
  4. 4. MAYBE WE SHOULDREVIEW SOME TERMSFIRST
  5. 5. Identity Federations Adobe$connect!ONE SET OF wiki@terena.org!CREDENTIALS TO Other$services!ACCESS MULTIPLESERVICES! Technology! SAML! Legal!agreements! Trust! licia@terena.org$ Federa7on!
  6. 6. Inter-federationsEnable users from federation A to accessservices offered by federation B;Requires integration of technology andpolicies;Requires agreements among theparticipating federations;
  7. 7. Inter-federation for Network Access!  "  (inter)federation technical infrastructure based on hierarchy of RADIUS Servers and 802.1X; "  Trust between members established via the eduroam policy; "  Global eduroam Governance Committee to ensure coordination among different continents •  Led by TERENA
  8. 8. Where is eduroam
  9. 9. Inter-federation for Web Applications Courtesy of euGAIN!  eduGAIN entities are a subset of national federations (via opt in) "  Entities have to ask to be included in eduGAIN!  Profiles and policies to harmonize environment
  10. 10. Who is in eduGAIN
  11. 11. WHAT’S REFEDS THEN?
  12. 12. Some Dates 2004 20102004
  13. 13. Why, What, Who Why:! "  To!give!a!‘voice’!to!the!R&E!community! "  Millions$of$users$across$thousands$of$ ins.tu.ons$in$$30$countries!$$$ What:! "  To!harmonise!best!prac7ses,!policies!&!technologies! "  To!make!federa7ons!more!userNfriendly!REFEDS$ "  To!ease!interNfedera7on!! "  To!influence!direc7ons!in!the!global!iden7ty!space! Who:! "  Experts!in!the!iden7ty!technologies! "  Iden7ty!Federa7ons!around!the!globe! "  UserNgroups! "  Service!providers!!!
  14. 14. Governance WHO$ REFEDs$Par.cipants$ N!h$ps://refeds.org/about_work.html!! REFEDs$SC$ ! WHAT$ N!Approves!yearly!plan! N!Monitors!execu7on! N!Advice!REFEDS! REFEDs$Workplan$ $Volunteer! Funded! work!!$ work!! REFEDs$Sponsors$ Funding!used!to!finance! the!workplan!! Workplan!2011N2012:!!h$ps://refeds.org/docs/refedsworkplan11N12FINAL.pdf!
  15. 15. Participating Identity Federations
  16. 16. Participating Identity Federations
  17. 17. EHM….YES….BUT….. LIFE IS STILL DIFFICULT FOR SERVICE PROVIDERS!SO FEDERATIONSREALLY WORK! !
  18. 18. The Issues!  Harmonisation of attributes!  Different data protection laws: "  Not easy within Europe "  And then US, Australia, Asia!  Different business models: "  To charge or not to charge that’s the problem! Liability insurances for some federations! Different legal contracts Just to give some examples
  19. 19. Now think about all this when inter-federating!
  20. 20. THEY TRY TO STANDARDISE FEDERATIONS PROCEDURESHOW DO REFEDS HELP?! AND POLICIES TO INCREASE USABILITY OF FEDERATIONS!
  21. 21. Some Work Items Barriers$for$Service$Providers$ (Nicole!Harris,!JISC!Advance)$$$ $ h$ps://refeds.terena.org/index.php/ Barriers_for_Service_Providers! $ ALribute$Release$WG$$ (Steven!Carmody,!Internet!2)! ! h$ps://refeds.terena.org/index.php/ REFEDS_A$ribute_release_wg!!!! !PEER$(Public$EndPoint$En..es$Registry)$(Leif!Johansson,!NORDUNET)$$$h$ps://refeds.terena.org/index.php/PEER!!
  22. 22. Barriers for Service Providers Mul.ple$legal$documents$ Common!clauses!but!presented!in! different!ways! Charging$Fees$ Different!federa7ons!=!different!business! model!! Data$Protec.on$ Different!legal!requirements!in!different! countries.!! And$there$is$more!$!h$ps://refeds.terena.org/index.php/Barriers_for_Service_Providers!
  23. 23. Attribute Release WG – Goals!  Find an approach to the data protection/privacy liability risks and exposures faced by IDPs and SPs in the worldwide Higher R&E environment!  Find a scalable way to managing attribute release policies!  Provide recommendations for GUIs and business practices to meet legal and regulatory requirements
  24. 24. The INFORM model!  The IdP is responsible for releasing users’ information!  Most of the attributes are about user personal information: "  Services should only require necessary attributes; "  Users should be informed on what attributes are released;! eduGAIN approach: ask SP to make a declaration to indicate compliance with privacy laws: INFORM CONSENT!
  25. 25. Next Steps!  Almost finalised recommendations online on the REFEDS wiki: " https://refeds.terena.org/index.php/ Technical_specifications_on_metadata_elements_and _IdP_attribute_release_GUI
  26. 26. Conclusions! REFEDS work is relevant not only to R&E community: "  But to all working in the identity space;! REFEDS monitor EU directives on data protection and all standard technologies: "  And tries to provide recommendations;!  REFEDS results can benefit you: "  Watch the www.refeds.org space! Let us know your use-cases and how you solve them!
  27. 27. Follow usVisits Website: http://www.refeds.org Wiki: https://refeds.terena.org Mailing list: https://www.terena.org/mail-archives/refeds/
  28. 28. TERENA Networking Conference 2012 Networking to ServicesKeynote speakers:Hilmar Veigar Pétursson, CCPGeoff Huston, APNICNicole Harris, JISC AdvanceJan-Martin Lowendahl, Gartner ResearchJacob Appelbaum, University of WashingtonLeslie Daigle, Internet Society (ISOC) 21 to 24 May 2012 Reykjavik, Iceland tnc2012.terena.org

×