You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 19 Next »

List of datasets


eduroam user authentication and F-ticks

Dataset description:

Data needed for eduroam authentication for end users.

Usage log messages for each international and national authentication result.

Purpose of processing:

Enable eduroam users to use WiFi service when visit another organization or federation using their home identity.

Log data provides basic statistical information about service usage. It provides statistics about the number of logins for national and international roaming. The data is used for generation of usage statistics that are publicly available at https://monitor.eduroam.org and for reporting to EC and other stakeholders.

Data source:

NROs Federation top level Radius servers. IdPs and SPs can optionally send F-ticks data as well.

Data storage and access:

Authentication data are not stored.

F-ticks data are stored in the SQL database that is operated in the infrastructure provided by CARNet. The raw data is accessible only by the personnel of eduroam operations team.

Data transfer:

Authentication data are forwarded to appropriate Federation level RADIUS server in encrypted form.

F-ticks data are not transferred to any other party or system.

Data retention:F-ticks data are kept permanently.
Personal data processed:

Dataset content


Data itemIs personal data (DPO fills in)
1REALM - As in users EPPN used for the authentication (for example “@education.lu”) - contains the user’s country of origin and the institution of origin
2Calling-Station-Id - User’s device MAC address
3Viscountry - ISO country code of the NRO that generated the log message
4Visinst - Identifier of visited institution i.e. operator-name RADIUS attribute
5Result - Authentication outcome: OK / FAIL

eduroam Database - NRO information

Dataset description:National Roaming Operator information.
Purpose of processing:Data is used to feed the central data repository for eduroam service. It provides information about National Roaming Operators that participate in the eduroam service. The data is used for providing public available information about eduroam service, available at https://monitor.eduroam.org/.
Data source:The eduroam database has been build as a central database with the mechanism that enables automatic data collection from (National) Roaming Operators - (N)ROs. (N)ROs should provide general data in the defined XML or JSON format. The data should be available at the specific, predefined URLs: http://www.eduroam.<tld>/general/<dataset-name>.
Data storage and access:Data is stored in the SQL database that is operated in the infrastructure provided by CARNet. The raw data is accessible only by the personnel of eduroam operations team.
Data transfer:Data is not transferred to any other party or system.
Data retention:Data is kept permanently.

Dataset content


Data itemIs personal data (DPO fills in)
1ROid - Unique identifier provided by the database operator during the RO registration
2country - two letter country code
3stage - 0=preproduction/test, 1=active
4org_name - (N)RO corporate name
5address_street - (N)RO address
6address_city - (N)RO address
7coordinates - longitude, latitude, altitude
8contact_name - N)RO contact: name
9contact_email - (N)RO contact: e-mail
10contact_phone - (N)RO contact: phone no.
11contact_type - 0=person, 1=service/department
12contact_privacy - 0=private, 1=public
13info_URL - (N)RO web page URL
14policy_URL - (N)RO Policy URL
15ts - date: last changed

eduroam Database - Institution information

Dataset description:Institution information
Purpose of processing:Data is used to feed the central data repository for eduroam service. It provides information about Institutions that participate in the eduroam service as IdPs and SPs. The data is used for providing public available information about eduroam service, available at https://monitor.eduroam.org/.
Data source:The eduroam database has been build as a central database with the mechanism that enables automatic data collection from (National) Roaming Operators - (N)ROs. (N)ROs should provide general data in the defined XML or JSON format. The data should be available at the specific, predefined URLs: http://www.eduroam.<tld>/general/<dataset-name>
Data storage and access:Data is stored in the SQL database that is operated in the infrastructure provided by CARNet. The raw data is accessible only by the personnel of eduroam operations team.
Data transfer:Data is not transferred to any other party or system.
Data retention:Data is kept permanently.

Dataset content


Data itemIs personal data (DPO fills in)
1instid - provided by the NRO
2ROid - Unique identifier provided by the database operator during the RO registration
3type - IdP, SP, IdP+SP
4stage - 0=preproduction/test, 1=active
5inst_realm - (only for IdP or IdP+SP)
6inst_name - institution’s corporate name
7address_street - institution’s address
8address_city - institution’s address: city
9coordinates - longitude, latitude, altitude of institution’s location
10inst_type - IEEE 802.11-2012, clause 8.4.1.34 Venue Info
11contact_name - institution’s contact: name
12contact_email - institution’s contact: e-mail
13contact_phone - institution’s contact: phone no.
14contact_type - 0=person, 1=service/department
15contact_privacy - 0=private, 1=public
16info_URL - institution’s web page with the information related to the service
17policy_URL - institution’s Policy
18ts - date: last changed

eduroam Database - Service Location information

Dataset description:Service Location information
Purpose of processing:Data is used to feed the central data repository for eduroam service. It provides information about Service Locations that are provided in eduroam by participating SPs. The data is used for providing public available information about eduroam service, available at https://monitor.eduroam.org/.
Data source:The eduroam database has been build as a central database with the mechanism that enables automatic data collection from (National) Roaming Operators - (N)ROs.(N)ROs should provide general data in the defined XML or JSON format. The data should be available at the specific, predefined URLs: http://www.eduroam.<tld>/general/<dataset-name>.
Data storage and access:Data is stored in the SQL database that is operated in the infrastructure provided by CARNet. The raw data is accessible only by the personnel of eduroam operations team.
Data transfer:Data is not transferred to any other party or system.
Data retention:Data is kept permanently.

Dataset content


Data itemIs personal data (DPO fills in)
1instid - provided by the NRO
2ROid - Unique identifier provided by the database operator during the RO 
3locationid - provided by the NRO
4coordinates - longitude, latitude, altitude
5stage - 0=preproduction/test, 1=active
6type - 0=single spot; 1=area; 2=mobile
7loc_name - location’s name
8address_street - location’s address 
9address_city - location’s address: city
10location_type - IEEE 802.11-2012, clause 8.4.1.34 Venue Info
11contact_name - on site contact: name
12contact_email - on site contact: e-mail
13contact_phone - on site contact: phone no.
14contact_type - 0=person, 1=service/department
15contact_privacy - 0=private, 1=public
16SSID - SSID used
17enc_level - supported encryption levels
18AP_no - number of APs
19wired_no - number of enabled sockets for wired access
20tag - specific characteristic(s): port_restrict, transp_proxy, IPv6, NAT, HS2.0
21availability - 0=default, 1=physical access restrictions
22operation_hours - If service is not available 24 hours per day
23info_URL - info page with additional info in case of any restrictions 
24ts - date: last changed

eduroam CAT (todo)

Dataset description:
Purpose of processing:
Data source:
Data storage and access:
Data transfer:
Data retention:

Dataset content


Data itemIs personal data (DPO fills in)
1

2

3



Description of fields

The details of service related datasets (data collections) should be filled with a list of all kinds of data which is collected or processed by this service. The table should be filled by the Service Manager and afterwards reconciled with the GEANT Data Protection Officer in order to address GDPR requirements. One service often incorporates several datasets.

<dataset_name> - name of dataset (collection of data processed in similar way).

Dataset description: brief explanation of the kind of information or entities the dataset contains.

Purpose of processing: what is purpose of data collecting and processing.

Data source: what are source(s) of data - list of services, systems, applications, databases or similar source components, including user's input, from which data are being received. E.g. RIPE database, service ABC, organisation LDAP directory...

Data storage and access: describe where the data are stored, backup-ed etc. and who has access to the data.

Data transfer: list of other services, systems, applications, databases or similar destinations to which data are being sent. E.g. RIPE database, service ABC, GÉANT's database XYZ...

Data retention: describe data retention policy ie. for how long data are stored before being deleted. E.g. 1 year, 2 years after contract ending, forever...

Dataset content

  • Data item: a specific dataset item. It may be an attribute, component or structure within a dataset that can be clearly described in terms of content. If attribute, it is usually described with the formally assigned name and corresponding explanation of meaning, purpose, expected content or allowed values. Property values characterise all or some items (records, members...) within the dataset.
  • Is personal data (DPO fills in): whether this item is (a part of) personal data. Decided and entered by the GÉANT Data Protection Officer while analysing the GDPR requirements. Answer Yes of No.


Document ID


Version of document


Date of approval
Approved by
Status (draft, approved, obsolete)draft
Document owner (Service Manager?)
Contact person


Date of resubmission


Intervall of resubmission
Type of document (policy, procedure, Information)


  • No labels