
This is a set of entity-support-categories and entity-categories (http://macedir.org) for Identity Providers in use by SWAMID.

For a suggestion on how to consume and process this information in an Identity Provider, see the page Example of a standard attribute filter for Shibboleth IdP.

All entity categories (as well as other information) on services in SWAMID can be found at https://wiki.swamid.se/display/SWAMID/Service+Providers.

Entity Support Categories

An Identity Provider marked with an entity support category for an explicit entity category signals that the IdP follows the intended use of that entity category.

REFEDS Research and Scholarship

Definition

The REFEDS Entity Category Research and Scholarship (R&S) supports research and scholarship interaction, collaboration or management as an essential component, with release of mostly harmless attributes. For more information please see REFEDS Entity Category Research and Scholarship.

R&S is used in the eduGAIN interfederation to make services available to users of higher education institutions around the world. R&S makes it possible to automatically release mostly harmless attributes to Service Providers within the higher educational sector. The expected IdP behaviour is to release the subset of the R&S Category Attributes (eptid, eppn, email, displayName, surname, given name and scoped affiliation) that the Service Provider requires. The requested subset of attributes for a specific service is defined in metadata. There is furthermore an identity provider entity support category that should be registered for all IdPs that support the R&S Category; it can be used for filtering purposes in a discovery service.

Examples of services that use the entity category include (but are not limited to) collaborative tools and services such as wikis, blogs, project and grant management tools that require some personal information about users to work effectively. This Entity Category should not be used for access to licensed content such as e-journals.
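The release rule described above, as an added example (not SWAMID's or Shibboleth's own code): it reads a Service Provider's SAML metadata, checks for the R&S entity category, and intersects the requested attributes with the R&S attributes. The sample metadata and its entityID are constructed, the `urn:oid` names are the standard SAML2 names for the listed attributes, and the metadata is assumed to have been signature-verified before parsing.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "mdattr": "urn:oasis:names:tc:SAML:metadata:attribute",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
ENTITY_CATEGORY = "http://macedir.org/entity-category"
RS_CATEGORY = "http://refeds.org/category/research-and-scholarship"
OID = "urn:oid:"
# R&S attributes named in the text, keyed by SAML2 attribute name.
RS_BUNDLE = {
    OID + "1.3.6.1.4.1.5923.1.1.1.10": "eduPersonTargetedID",
    OID + "1.3.6.1.4.1.5923.1.1.1.6": "eduPersonPrincipalName",
    OID + "0.9.2342.19200300.100.1.3": "mail",
    OID + "2.16.840.1.113730.3.1.241": "displayName",
    OID + "2.5.4.4": "sn",
    OID + "2.5.4.42": "givenName",
    OID + "1.3.6.1.4.1.5923.1.1.1.9": "eduPersonScopedAffiliation"}

def entity_categories(entity):
    found = set()
    for attr in entity.findall("md:Extensions/mdattr:EntityAttributes/saml:Attribute", NS):
        if attr.get("Name") == ENTITY_CATEGORY:
            found |= {(v.text or "").strip() for v in attr.findall("saml:AttributeValue", NS)}
    return found

def rs_release_set(sp_metadata_xml):
    """Requested attributes that are also in the R&S bundle, if the SP is tagged R&S."""
    entity = ET.fromstring(sp_metadata_xml)
    if RS_CATEGORY not in entity_categories(entity):
        return []  # SP not tagged R&S: nothing released on this basis
    requested = {ra.get("Name") for ra in entity.findall(
        "md:SPSSODescriptor/md:AttributeConsumingService/md:RequestedAttribute", NS)}
    return sorted(RS_BUNDLE[n] for n in requested if n in RS_BUNDLE)

# Constructed SP metadata (hypothetical entityID); 2.5.4.10 ("o") is outside the bundle.
SAMPLE_SP = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
 xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"
 xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" entityID="https://sp.example.org/shibboleth">
 <md:Extensions><mdattr:EntityAttributes>
  <saml:Attribute Name="http://macedir.org/entity-category">
   <saml:AttributeValue>http://refeds.org/category/research-and-scholarship</saml:AttributeValue>
  </saml:Attribute></mdattr:EntityAttributes></md:Extensions>
 <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <md:AttributeConsumingService index="0">
   <md:RequestedAttribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"/>
   <md:RequestedAttribute Name="urn:oid:0.9.2342.19200300.100.1.3"/>
   <md:RequestedAttribute Name="urn:oid:2.5.4.10"/>
  </md:AttributeConsumingService></md:SPSSODescriptor>
</md:EntityDescriptor>"""
print(rs_release_set(SAMPLE_SP))
```

The organisation name the sample SP requests is not released, because it is not one of the R&S attributes.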

Process for applying for tagging an identity provider with entity support category for REFEDS Research and Scholarship

For an identity provider to be tagged with R&S, it must contact the federation that it has registered with. If the identity provider is registered within the SWAMID federation, the identity provider operator sends an e-mail to operations@swamid.se with a formal request.

The request must contain the following information:

  • A statement that the identity provider releases attributes as described in the entity category REFEDS Research and Scholarship.

Upon receiving a request SWAMID operations will respond within two weeks.

GÉANT Data Protection Code of Conduct

Definition

The GÉANT Data Protection Code of Conduct (CoCo) defines an approach at a European level to meet the requirements of the European Union Data Protection Directive for releasing mostly harmless personal attributes to a Service Provider (SP) from an Identity Provider (IdP). For more information please see GEANT Data Protection Code of Conduct.

CoCo is used in the eduGAIN interfederation to make services available to users of European higher education institutions. CoCo makes it possible to automatically release mostly harmless attributes to Service Providers which fulfill the EU Data Protection Directive. The expected IdP behaviour is to release the subset of the attributes eptid, eppn, email, displayName, scoped affiliation and schacHomeOrganization that the Service Provider requires. The required subset of attributes for a specific service is defined in the mandatory Service Provider Privacy Policy. There is furthermore an identity provider entity support category that should be registered for all IdPs that support the R&S Category; it can be used for filtering purposes in a discovery service.

Process for applying for tagging an identity provider with entity support category for GÉANT Data Protection Code of Conduct

For an identity provider to be tagged with CoCo, it must contact the federation that it has registered with. If the identity provider is registered within the SWAMID federation, the identity provider operator sends an e-mail to operations@swamid.se with a formal request.

The request must contain the following information:

  • A statement that the identity provider releases attributes as described in the entity category GÉANT Data Protection Code of Conduct.

Upon receiving a request SWAMID operations will respond within two weeks.

Other Entity Categories

Hide From Discovery

Definition

The Hide From Discovery entity category is a category of Identity Providers that are intended not to be shown on discovery interfaces by default. For more information please see REFEDS Hide From Discovery Entity Category.

Process for applying for tagging an identity provider with entity category Hide From Discovery

For an identity provider to be tagged with Hide From Discovery, it must contact the federation that it has registered with. If the identity provider is registered within the SWAMID federation, the identity provider operator sends an e-mail to operations@swamid.se with a formal request.

Upon receiving a request SWAMID operations will respond within two weeks.
