What is the Point of PEER?


Presentation Transcript


  1. What is the Point of PEER? Nicole Harris

  2. What is an Identity Federation? Burton Group: “The agreements, standards, and technologies that make identity and entitlements portable across autonomous domains.” REFEDS: “a group of institutions and organisations that sign up to an agreed set of policies for exchanging information about users and resources to enable access via authentication.  A policy in itself is not enough to make this access happen - federations provide and interact with a distributed set of software and infrastructure to make federated access happen by creating a circle of trust.”

  3. A Typical R&E Federation: Policy; Member Validation; Metadata Aggregation; Metadata Publication; Entity Registrar; Support.

  4. We asked… • Can parts of this job be done by someone other than the Federation Operator? • What is the lowest bar for validation of metadata? (Member Validation; Entity Registrar)

  5. Why? Key Concern: at the moment, services like the REFEDS wiki or the Shibboleth wiki are having to register and maintain their metadata in over 10 different locations, following different guidelines and processes. • Work intensive; • Encourages inconsistencies; • Leads to stale data. Also: there is a lack of human-readable interfaces for metadata registration. With some notable exceptions, this is done manually via email change requests.

  6. PEER • Is NOT a federation; • Provides a centralised function of a part of federation operations; • Can be used as a registry tool by individual federations; • REFEDS to create a service instance for entities involved in the R&E community.

  7. Key Elements • ‘Validation’ is done purely at a technical level – the registrant must prove they have some ownership of a domain: • Currently via hosted URL; • Email to known org email address on the to-do list. • Federated access to come but need other auth routes for SPs without an IdP etc. • Phase 1 near completion. Phase 2 to add functions and look at plugging in to some test federations.

  8. Questions? • Will entities still have to join multiple federations? • Most probably yes, but be able to tell the federation to collect their entity information from elsewhere. • Who is willing to consume data from such an aggregate? • SWAMID and the UK interested in this approach to lower barriers for SPs in particular. • OIX interested in the software for use elsewhere. • Could be a useful tool for developing countries interested in identity federations – i.e. the work that EIFL.net are doing. • What data do we need? Entity data up to richer description? (MET tool)
