This document discusses eduGAIN, a federated access management service. It provides a quick review of how eduGAIN works and the entities involved. A proposed governance structure is outlined, with different groups handling various issues. Next steps for eduGAIN include finalizing the policy framework and constitution, addressing levels of assurance and data protection guidelines.
A Journey Into the Emotions of Software Developers
eduGAIN and next steps Status update
1. eduGAIN and next steps
Status update
REFEDs 15th May 2011
Valter Nordh, NORDUnet / GU
Mikael Linden, CSC
Innovation through participation
1
2. Quick review of eduGAIN service
! eduGAIN?
SP Service Provider (a Member)
SP
AP IdP
Participant
IdP
Home Organisation (a Member)
SP Participant
Federation
Federation
IdP
SP
eduGAIN
SP
IdP
Participant
service
SP
Entities
Federation
Participant
IdP
Federation
IdP
SP
SP
IdP
Innovation through participation
2
3. Proposed governance structure
Mandatory issues
NREN Very long term documents
PC (policy)
Recommendations and documents
TSG changing more frequently
(technical)
eduGAIN Daily issues and very changing
OT documents
Innovation through participation
3
4. Quick review of eduGAIN service
! eduGAIN is not trying to harmonize the meaning of student or employee
all over the globe... Always will be up to each federation/country
! An entity connects to eduGAIN through a federation, no direct
connection.
! All federations are welcome to make use of eduGAIN
Innovation through participation
4
5. Quick review of eduGAIN service
! Service timelines
! April 2010: pre-pilot service started
! October 2010: pilot service started
! Feb 2011: 13 federations involved in, out of a possible 19.
! April 2011: production service started
! July 2011: current MDS will be “cleaned” from federations who has
NOT signed the eduGAIN policy
Innovation through participation
5
6. Joining eduGAIN - HowTo
• Federation A signs the eduGAIN Policy Declaration and presents it
Federation to the eduGAIN Operations Team (OT)
A
• Federation A appoints members to the eduGAIN Technical Steering
Federation Group (TSG) and communicates these to the eduGAIN OT.
A
• The OT confirms that the applicant Federation fulfils the
OT requirements
• Upon approval, the OT takes the necessary technical steps to
Federation register Federation A to eduGAIN.
A + OT
Innovation through participation
6
8. eduGAIN policy ver 1.0 released
! eduGAIN Policy approved and released
! Policy framework consists of
! 7 policy documents and
! A non-normative introduction document
! Available in www.edugain.org > Resources
Innovation through participation
9. Policy structure and profiles
eduGAIN Constitution
(NREN PC approves/changes)
refers to
is supplemented by
Profiles, required
Policy Declaration
Policy Declaration
(signed by Federation 1)
Profiles, required
(NREN PC approves/changes)
(NREN PC approves/changes)
Policy Declaration
(signed by Federation 2)
(signed by Federation 3)
Profiles, recommended
Profiles, recommended
(TSG approves/changes)
(TSG approves/changes)
Profiles, optional
Profiles, optional
(TSG approves/changes)
(TSG approves/changes)
! Policy Declaration
Profiles:
! Constitution ! Metadata profile (MUST)
! Metadata Terms of Access ! WebSSO profile (MAY)
and Use ! Attribute profile (SHOULD)
! Data protection good practice profile (MAY)
Innovation through participation
10. Future policy work
! GN3 project asked eduGAIN task to prepare an updated Constitution
! To find a long-term solution to the governance model
! Level of Assurance issues
! Strong identity, strong authentication…?
! Data Protection issues
! Supporting eduGAIN Data Protection Good Practice Profile
Innovation through participation