Trust and Internet Identity Meeting Europe
11-14 Feb 2019: Workshops and Unconference

TIIME 2017: Session 18 FIM4R 5 years after

(Peter Gietz)

2012 Requirements:

  1. User friendliness(high)
  2. Browser & no-browser federated access(high)
  3. Bridging communities (medium)
  4. Multiple technologies with translators including dynamic issue of credentials (medium)
  5. Implementations based on open standards and sustainable with compatible licenses (high)
  6. Different Levels of Assurance with provenance (high)
  7. Authorization under community and /or facility control (high)
  8. Well defined semantically harmonized attributes (medium)
  9. Flexible and scalable IdP attributes release policy (medium)
  10. Attributes must be able to cross national borders (high)
  11. Attribute aggregation for authorization (medium)
  12. Privacy and data protection to be addressed with community-wide individual identities (medium)

https://cdsweb.cern.ch/record/1442597/files/CERN-OPEN-2012-006.pdf

  • ** User friendliness
    • ** Free text for each Question
    • ** Did the introduction of the Proxy improve your user experience?
      • ** Do services have knowledge to bypass WAYF
      • ** Do services have knowledge to point out IdP shortcomings to the user?
  • ** What works well vs badly
    • ** Browser / non-web
      • ** Users working on commandline
      • ** Delegation
      • ** WebDAV
      • ** Mobile
      • ** ECP Coming back? (Probably don't include, be careful to focus on requirements not solutions)
      • ** REST APIs
  • ** Does your community have preferences for existing technologies?
    • ** Web
      • ** OIDC
      • ** OAUTH
      • ** SAML
      • ** Kerberos
      • ** 509
    • ** Non-web
      • ** OIDC
      • ** Kerberos
      • ** 509
    • ** Split by prod / dev / dream
  • ** Implementations based on open standards and sustainable with compatible licenses
    • ** Open standards
    • ** Open source
  • ** LoA: Different levels of assurance (with provenance)
    • ** IdP/SP proxies impact on LoA
    • ** Per attribute LoA
      • ** Is it used
      • ** Is it required by your community** (maybe this is a non-problem)
  • ** Could you please describe your use-case if you need it.
    • ** Trust hub?
      • ** Provenance of group info: Can the hub be trusted with this or do you need more?
    • ** Authorisation:
      • ** Any problems?

2012 Recommendations

  • –Recommendations to the research communities
  • –conduct Risk analysis

Progress Discussion

  • –Significant progress made
  • –AARC I & II

Editorial board

  • –Rep from each community/infrastructure
  • –Define survey Questions
  • –Write summary of progress FIM4Rv1
  • –Combine contributions from communities7infrastructures

Community/Infrastructure input

Statement on own progress and challenges

Complete survey

Potential size of community - home organization login (how many people are able to use it and how many people will be able to use it) what percentage of the research is based on home organization login and what amount of it would be able to join it.

Just the domain part needs to be provided.