This is a set of entity-categories (http://macedir.org) in use by SWAMID.
For a suggestion on how to consume and process this information in IdPs look at the page Attributfilter för entity-category i Shibboleth IdP.
Data Protection Entity Categories
These categories indicate category classifaction of Identity Providers (IdP) that can release mostly harmless personal attributes to a Service Provider (SP). It's used together with Service Provider Attribute Release Entity Categories below.
EU Adequate Protection
entity-category URI |
http://www.swamid.se/category/eu-adequate-protection |
|---|
Definition
The application is compliant with any of the EU adequate protection for 3rd countries according to EU Commission decisions on the adequacy of the protection of personal data in third countries.
This category includes for instance applications that declares compliance with US safe-harbor.
GÉANT Dataprotection Code of Conduct
This is not yet in production.
Definition
The application has uses the GEANT Code of Conduct.
NREN Service
entity-category URI |
http://www.swamid.se/category/nren-service |
|---|
Definition
The application is provided by the Swedish NREN (SUNET) which is ultimately responsible for its operation.
This category is only relevant for attribute-release between SWAMID registered IdPs and SUNET services.
HEI Service
entity-category URI |
http://www.swamid.se/category/hei-service |
|---|
Definition
The application is provided by a Swedish HEI which is ultimately responsible for its operation.
Service Provider Attribute Release Entity Categories
name below means givenName, surname, initials, displayName.
Category |
Description |
Expected IdP Behavior |
|---|---|---|
research-and-education |
SP is an application that directly or indirectly supports HEI institutions. |
Release eptid, eppn, email, name and scoped affilation plus static organisational information only if the SP is any of the above defined Data Protection Entity Categories |
sfs-1993-1153 |
SP is an application that fulfills SFS 1993:1153 |
Release eduPersonNIN, additive to research-and-education. |
Research & Education
entity-category URI |
http://www.swamid.se/category/research-and-education |
|---|
Definition
The Research & Education category applies to low-risk services that support research and education as an essential component.
For instance, a service that provides tools for both multi-institutional research collaboration and instruction is eligible as a candidate for this category. This category is very similar to InCommons Research & Scolarship Category. The recommended IdP behavior is to release name, eppn, eptid, mail and eduPersonScopedAffiliation which also aligns with the InCommon recommendation only if the services is also in at least one of the safe data processing categories.
SFS 1993:1153
entity-category URI |
http://www.swamid.se/category/sfs-1993-1153 |
|---|
Definition
The SFS 1993:1153 category applies to services that fulfill SFS 1993:1153.
SFS 1993:1153 limits membership in this category to services provided by Swedish HEI-institutions, VHS.se or SCB.se. Example services include common government-operated student- and admissions administration services such as LADOK and NyA aswell as enrollment and course registration services. Inclusion in this category is strictly reserved for applications that are governed by SFS 1993:1153 which implies that the application may make use of norEduPersonNIN. The recommended IdP behavior is to release at least eppn, email, name and norEduPersonNIN.