This is a working document, major changes can be expected at any time.


Document structure




Registration and modification of federation information


information type                                registration level   security level
federation delegate to eduGAIN SG               eduGAIN              S
federation delegate deputy to eduGAIN SG        eduGAIN              S
federation page URL                             eduGAIN              1
federation mail contact                         eduGAIN              2
federation SAML policy URL                      SAML                 1
registration practice statement URL             SAML                 1
federation SAML metadata aggregate access URL   SAML                 3
federation metadata signing key                 SAML                 4
registrationAuthority attribute value           SAML                 3


Federation delegate and deputy are the only federation representatives authorized to submit information; therefore their identity needs to be established in a trusted way. This is, however, part of the global eduGAIN trust model and not specific to the SAML profile.

Security levels
security level   description
S                special: delegating representatives requires contact with the federation management
1                informational, not requiring special vetting
2                important contact information
3                information of eduGAIN operational relevance, requires special care
4                crucial for eduGAIN trust, requires utmost care


Technical details

eduGAIN database

The eduGAIN database is central to all eduGAIN core services. The database stores:

The database is placed on a host separated from the external network, accessible only through a limited number of secure hosts. Database access is realised via dedicated user accounts with access rights crafted to minimize the possibility of unauthorized changes.

The database is managed mostly via a web interface secured with access passwords. Modification of data on security levels S, 1 and 2 can be done without any additional protection. Management of data with security level 3 is protected with one-time passwords mailed to an external mail account of the managing administrator. Management of data with security level 4 requires direct access to the database host.


eduGAIN services

Core Services


Supplementary services


System maintenance

Operating system and general software components

All eduGAIN core service hosts are 

Custom eduGAIN software


Security considerations

The security of the eduGAIN SAML services is essentially the security of the eduGAIN aggregate. This in turn depends on:

  1. validation of federation metadata input data, i.e. their authenticity and integrity; this depends on the safety of the federation certificates (stored in the database) and on the safety of the signature verification process itself
  2. the aggregation process: it is crucial that the resulting aggregate contains exactly the data provided by the participating federations (after the modifications described in the [aggregation])
  3. the aggregate signature: the eduGAIN signing key and the signing process are the key factors here
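An added consistency check for point 2 (example code, not part of this document or of the eduGAIN tooling): it compares an aggregate against the federation feeds it was built from and reports entities that were dropped, injected or stamped with the wrong registrationAuthority. It assumes the aggregator marks each entity with an mdrpi:RegistrationInfo element carrying the federation's registrationAuthority value; the feeds and the aggregate below are constructed samples with made-up federation names.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "mdrpi": "urn:oasis:names:tc:SAML:metadata:rpi"}
MD_ENTITY = "{%s}EntityDescriptor" % NS["md"]

# Constructed sample feeds of two federations (names and URLs are made up).
FED_A = """<md:EntitiesDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
  <md:EntityDescriptor entityID="https://idp.fed-a.example/idp"/>
  <md:EntityDescriptor entityID="https://sp.fed-a.example/sp"/>
</md:EntitiesDescriptor>"""
FED_B = """<md:EntitiesDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
  <md:EntityDescriptor entityID="https://idp.fed-b.example/idp"/>
</md:EntitiesDescriptor>"""
FEEDS = {"https://fed-a.example/": FED_A, "https://fed-b.example/": FED_B}
# Constructed aggregate: the same entities, each stamped with its federation's registrationAuthority.
AGGREGATE = """<md:EntitiesDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi">
  <md:EntityDescriptor entityID="https://idp.fed-a.example/idp"><md:Extensions>
    <mdrpi:RegistrationInfo registrationAuthority="https://fed-a.example/"/></md:Extensions></md:EntityDescriptor>
  <md:EntityDescriptor entityID="https://sp.fed-a.example/sp"><md:Extensions>
    <mdrpi:RegistrationInfo registrationAuthority="https://fed-a.example/"/></md:Extensions></md:EntityDescriptor>
  <md:EntityDescriptor entityID="https://idp.fed-b.example/idp"><md:Extensions>
    <mdrpi:RegistrationInfo registrationAuthority="https://fed-b.example/"/></md:Extensions></md:EntityDescriptor>
</md:EntitiesDescriptor>"""

def entity_ids(xml_text):
    # entityIDs of every EntityDescriptor, nested EntitiesDescriptors included
    return {e.get("entityID") for e in ET.fromstring(xml_text).iter(MD_ENTITY)}

def check_aggregate(aggregate_xml, feeds):
    """feeds: {registrationAuthority: feed_xml}; returns problems (empty list = aggregate matches feeds)."""
    problems, expected = [], {}
    for authority, xml_text in feeds.items():
        for eid in entity_ids(xml_text):
            if eid in expected:  # the same entityID submitted by two federations
                problems.append(f"{eid}: registered by more than one federation")
            expected[eid] = authority
    seen = set()
    for ed in ET.fromstring(aggregate_xml).iter(MD_ENTITY):
        seen.add(eid := ed.get("entityID"))
        if eid not in expected:  # injected entity: not provided by any federation
            problems.append(f"{eid}: in aggregate but in no federation feed")
            continue
        info = ed.find("md:Extensions/mdrpi:RegistrationInfo", NS)
        authority = info.get("registrationAuthority") if info is not None else None
        if authority != expected[eid]:  # wrong or missing registrationAuthority stamp
            problems.append(f"{eid}: registrationAuthority {authority!r}, expected {expected[eid]!r}")
    problems.extend(f"{eid}: missing from aggregate" for eid in sorted(set(expected) - seen))
    return problems
```

Run as a post-aggregation gate: any non-empty result means the aggregate must not be signed or published until the cause is understood.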


Risk analysis

The most likely event