Work Description
This work item will collaborate with JRA3, E-INFRA-7 and via REFEDs to address a subset of issues with regard to Levels of Assurance in identity federations and ultimately in eduGAIN from a service perspective.
The goal is to understand the service delivery implications of existing levels of assurance approaches to provide an extensible framework that suits the needs of research collaborations and users from different fields, and identify those that are achievable within a reasonable time frame within GÉANT.
The work will include:
Work Area Leader
Daniela Pöhn
Work Area Participants
Tangui Colouarn, Nicole Harris, Mikael Linden.
Background
We know that research organisations want to achieve a higher level of assurance for their users and want campuses (IdPs) to adopt LOA frameworks, however implementing assurance is a significant cost burden for the campuses and the ROI for the number of users involved is low creating an adoption barrier.
We can make the following assumptions:
Work Items:
REF | Work Item | Description | Responsible | Due Date | Status |
---|---|---|---|---|---|
1.4a | IdP / Federation surveys on assurance | Daniela | 01/09/15 | ||
1.4b | Liaison with AARC on SP aspects of assurance | Working well, regular liaison calls. | Daniela | ONGOING | |
1.4c | Paper on service aspects of assurance | Paper is available in draft: https://docs.google.com/document/d/13Ru2_eRIpJoRl_9Phm6FyLg2eVgnzFCKn4kat50c-uw/edit. Mikael started work on one of the deliverables for specification for self-assessment tool: https://docs.google.com/document/d/1SnJ3hpYuf3_tcuDTE0lT9QeKL3qAm5A90oCRrFM1qRI/edit#heading=h.p2sxezpw3sf5. | Daniela | 31/12/15 |
Work Area Actions / Ideas
Lack of Identity Management Practice Statements (IMPS) could be a problem. Most federations claim require them from IdPs but do not enforce them. Should this be addressed? Have a look at the REFEDS work on this.
Federations such as InCommon, SWAMID, HAKA and WAYF may have existing information on the cost of implementing assurance, we should ask them to contribute. Also ask out on the REFEDS list if anyone has any information on cost of implementation. Kantara?
End goal is some sort of cost-analysis – is it cost effective for campuses to adopt assurance practices? We’d like to compare this to AARC proposals but it is unlikely that will develop quickly enough so we can use the Kantara profiles as a starting point.
Deliverables
Issues / Risks
Risk | Mitigation |
---|---|
Difficulty in getting to speak to the right campus people | Work closely with the FOG / REFEDS groups to get contacts required. |
Reliance on developments in AARC project | Build close working relationship, use Kantara models as a support process. |