You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Questions for SP communities (e.g. research infrastructure projects or individual SP admins). (Interview or web based survey) 

How important it is for you that...

Identity concept

  • an account belongs to an individual person?
  • and s/he is traceable (i.e. the home organization knows and can reach him/her)?
  • and Home Organisation is willing to penalize him/her if s/he misbehaves?
  • that you (as an SP community) can block him/her from the service?
  • user identifiers are persistent i.e. not reassigned to another person?
  • user identifiers are shared by multiple SPs  (i.e. not pairwise/targeted)

Initial proof of identity

  • the home organization has a documented identity vetting process?
  • the identity vetting process is f2f or equivalent?

On-line authentication

  • passwords?
  • passwords with quality quarantees? (What kind of?)
  • two factor authentication?

Would you like to use step-up authentication as a service?

  • if it costs you money
  • if it costs you work (operating a registration authority)

Freshness of user data

  • accounts are closed as an individual departs? How promptly?
  • eduPersonAffiliation value is updated as an individual departs? How promptly?

Provenance of the identity and authentication

  • Is it enough that the Home Organisation self-asserts the above?
  • plus someone who has some enforcement rights (e.g. Home identity federation can remove “compliant” tag from the HO)?
  • also internal audits needed?
  • also external audits needed?

---

Do we want to mix these things here

  • attribute population; which attributes the Home Organisation populates for users
  • attribute release; which attributes the Home Organisation is willing to release

 

  • No labels