AARC/GN4 LoA co-operation vc

Friday, 3rd July 2015 at 9.30-10.00 CEST

Adobe Connect: https://connect.sunet.se/edugain

   Daniela Pöhn, GN4 SA5 Identity Harmonisation, Level of Assurance sub-task lead

   Nicole Harris, GN4 SA5 Identity harmonisation task lead

   Tangui Coulouarn, GN4 SA5 Identity harmonisation

   David Groep, AARC NA3 lead

   Mikael Linden, AARC NA3 LoA task lead, chair

Apologised

  Wolfgang Pempe, AARC NA3

   Martin Haase, AARC NA3

Notes

- introduction of GN4 SA5 Task 1.4: Service aspects of assurance (Daniela)

  • https://wiki.geant.org/display/gn41sa5/1.4+Service+Aspects+of+Assurance
  • End goal is some sort of cost-analysis – is it cost effective for campuses to adopt assurance practices? 
  •       -> speak with federation operators and IdPs
  • Deliverable: LoA service architecture options and capabilities analysis (report - November 2015)
  • Step 2: talking to some of the existing federations about what they are currently doing and if they have done any cost analysis for campuses.
  • Step 3: finding campus people to talk to and starting to draft out questions to ask them based on the FIM4R requirements, common LOA1 requirements.
  •      -> Road-test the idea of a step-up assurance service - separate vetting undertaken for small groups run as a separate service.
  •      -> Compare back results of the above with original FIM4RPaper requirements
  • Step 4: through REFEDS, see if we can find out more about current practice for requiring identity management practice statements.

 

- introduction of AARC NA3 T1: LoA (Mikael)

  • https://wiki.geant.org/display/AARC/AARC+Policy+Harmonisation
  • “The task will collect the current set of policies in use within the R&E federations” and “derive the main ‘effective’ assurance levels that are available today.” – clear overlap with GN4
  • “compare them to the assurance requirements of the initial set of resource providers and e-infrastructures”
  • “define the minimal assurance level which is still relevant for low-risk research use cases” (MILESTONE 11/2015)
  • “this will be developed into a limited set of differentiated assurance level recommendations” (MILESTONE 4/2017)

 

- decided a division of responsibility

  • SA5 to talk to federations and IdPs  on their LoA capabilities
  • NA3 to talk to SP communities, research infrastructures etc on their LoA needs
    • NA3 could also ask what they think of a GEANT-provided step-up service

 

- next steps

  • preparing a survey for federations (Daniels) and SP communities (Mikael)
    • can be on-line survey or interview
  • do the survey
  • compare the results

 

- next vc: Fri 4th Sep 10.00 CEST

 

  • No labels