| Table of Contents |
|---|
Description
This subtask has been addressing the need to elevate the authentication assurance within eduGAIN.
Develop profile(s) and minimum requirement documents for including two-factor support in eduGAIN. NOTE: not
Design and implement two-factor / MFA service itself.approach. Pilot in research communities.
Status
Started
Deliverables and Milestones
Official: None
Internal:
- Profile Recommendation in October/November 2016 (M7)
- MFA solutions - recommendations (M8) : Jule Ziegler
People
Documents
M7: Profile Recommendation
Possible follow up
MFA/ second factor only service for eduGAIN
Reference Materials
REFEDS MFA Profile Recommendation
REFEDS Assurance Framework
Incommon MFA Working group: https://spaces.internet2.edu/display/MIPWG/MFA+Interoperability+Profile+Working+Group+Home
InCommon MFA Final Report: https://docs.google.com/document/d/11n4eA7R5fFIPD5ehDAjlNms7eEvuOdhYFRki9qYzkoY/edit?pref=2&pli=1
| Status | ||||
|---|---|---|---|---|
|
Results
Profile Work, Liaison with REFEDS Assurance WG and AARC2
REFEDS Assurance Suite: Composed out of 3 REFEDS Specifications
- REFEDS Assurance Framework (RAF): https://refeds.org/assurance
- REFEDS Single Factor Authentication (SFA) Profile: https://refeds.org/profile/sfa
- REFEDS Multi Factor Authentication (MFA) Profile: https://refeds.org/profile/mfa
Step-up Authentication, Liaison with GN4-2 JRA3 T2 (RASP) and AARC2
Document: Evaluation of possible LS AAI pilot solutions for StepUp.pdf
SIRTIFI Self Assessment Tool
The tool contains the essential features for a Self Assesemt regarding SIRTIFI. , i.e. reading IdP entities from Haka metadata, importing them to the tool, and inviting them to fill the Sirtfi survey (at Limesurvey). It also offers API endpoint for Haka resource registry to fetch information about fulfilled surveys. Two organizations (CSC and University of Helsinki) have already successfully used the tool for filling up the Sirtfi survey.
Source code: https://github.com/GEANT/SAT-SurveyManagerOASIS SAML Assurance Profile: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-assurance-profile.html
Attachments
| Attachments |
|---|