This is a working document, major changes can be expected at any time.
Document structure
OT tasks
Management of core eduGAIN services
Supervision of eduGAIN joining process
Management or supervision of supplementary eduGAIN services
OT procedures
members registering or changing information
introduction of new eduGAIN metadata requirements
introduction of new good practices for metadata
handling of system alerts
system updates
software development, testing and production implementation
backup
monitoring
Core services
Suplementarny services
Service Order
Problem resolution
Configuration change
System update
Backup
Disaster recovery
Registration and modification of federation information
information type | registration level | security level |
---|---|---|
federation delegate to eduGAIN SG | eduGAIN | S |
federation delegate deputy to eduGAIN SG | eduGAIN | S |
federation page URL | eduGAIN | 1 |
federation mail contact | eduGAIN | 2 |
federation SAML policy URL | SAML | 1 |
registration practice statement URL | SAML | 1 |
federation SAML metadata aggregate access URL | SAML | 3 |
federation metadata signing key | SAML | 4 |
registrationAuthority attribute value | SAML | 3 |
Federation delegate and deputy are the only federation representatives authorized to submit information, therefore their identity needs to be established in a trusted way, this is however part of the global eduGAIN trust model, not specific to the SAML prifile.
Security levels
security level | description |
---|---|
S | special - delegating representatives requires contact with the federation management |
1 | informational, not requiring special vetting |
2 | important contact information |
3 | information of eduGAIN operational relevance, requires special care |
4 | crucial for eduGAIN trust, requires utmost care |
Technical details
eduGAIN database
The eduGAIN database is central to all eduGAIN core services. The database stores:
- general and contact information about participating and candidate federations
- operational information about participating and candidate federations like metadata URLs, signing keys, registrationAuthority values
- operational information about the metadata aggregation process including details about metadata acquiring form participating federations, results of metadata validation, cache timers for individual participant federations
- operational information about entities published through eduGAIN derived from the metadata
- statistics derived from metadata aggregation, like numbers of entities published by individual federations and much more
- information collected from supporting monitoring services like ECCS, CoCo
The database is placed on a host separated from the external network, accessible only trough a limited numbers of secure hosts. Database access is realised via dedicated user accounts with access right crafted to minimize the possibility of unauthorized changes.
The database is managed mostly via a web interface secured with access passwords. Modification of data on security levels S, 1, 2 can be done without any additional protection. Management of data with security level 3 is protected with on-time passwords mailed to an external mail account of the managing administrator. Management of data with security level 4 requires direct access to the database host.
eduGAIN services
Core Services
Supplementary services
System maintenance
Operating system and general software components
All eduGAIN core service hosts are
Custom eduGAIN software
Security considerations
The security of the eduGAIN SAML services is essentially the security of the eduGAIN aggregate. This in turn depends on:
- validation of federation metadata input data - their originality and integrity - this depends on the safety of federation certificates (stored in the database) and the safety of the signature verification process itself
- aggregation process - it is crucial that the resulting aggregate contains exactly the data provided by participating federations (after modifications described in the [aggregation])
- aggregation signature - the eduGAIN signing key and the signing process are the key factors here
Risk analysis
The most likely event