Within the Identity Federation SWAMID is trust that universities, university colleges and other members manage users and logins good enough the foundation for Service Providers to be confident that it is the right user that is accessing the system. To define what is good enough SWAMID has decided on two Assurance Profiles for Identity Providers and their users.
The Assurance Profile SWAMID AL1 means three things:
- The user is very likely a human and not a robot or piece of software, this is also known as an unconfirmed user.
- The information associated with the account are usually self-asserted and the user is responsible for it.
- The organisation’s Identity Management Systems meet the requirements of SWAMID AL1.
Current Assurance Profile SWAMID AL1:
When applying for SWAMID AL1, the Member Organisation must supply with the application:
- Assurance Declaration for SWAMID AL1 through an Identity Management Practice Statement describing how the Member Organisation fulfils the Assurance Profile.
- All documents, or link to the publicly published documents, referred to in the Assurance Declaration.
- Self Audit reported via a Self-audit declaration for SWAMID AL1.