Target audience = execs and policy makers


Introduction

A federation is a collection of organizations, both real and virtual, that have agreed to share information for authentication and authorization purposes using a common set of rules. These rules focus primarily on the areas of privacy and security. This framework of agreements means federation members do not have to negotiate bilateral agreements with every other member of the federation.

Interfederation is a similar concept, but scaled up so that entire federations agree to cooperate and share information. Interfederation allows federations to develop rules according to their own needs and legal requirements and yet still share information in clearly defined ways.

Use Cases

International scientific collaboration

LIGO, an international research collaboration in the area of gravitational physics, has signed Memoranda of Understanding (MoUs) with related research groups in Italy and Japan. The fundamental concept underlying those MoUs is the sharing of data created by several large, dedicated instruments. However, being in entirely different geopolitical regions, the associated research groups are part of different federations. For these researchers to focus on science and not on a large, complex Identity Management Infrastructure where local accounts must be created and managed, the federations need an agreement of their own that will allow tools like Shibboleth to enable single sign-on with the researchers' home credentials.

University Libraries

Universities often have sister institutions in other countries. The goal of these partnerships is to make it easier for students and faculty to exchange information, as well as location, for the betterment of research and learning. These relationships happen at the level of individual institutions, and those institutions are likely to already belong to a federation appropriate to their area.

Multi-sector collaborations

Government with academia
Academia with commercial
Commercial with Government


The Value of Interfederation

The Challenges

  • Usability
    • discovery
  • Scalability
    • discovery
    • metadata exchange between federations (where are the endpoints? What are the basic policies of the federation?)
  • Implementability
    • changes required at both the federation and the local level
    • attributes
      • standardized release policies
      • standardized schema
      • common language for query

Efforts in this space

Who is working on the problems?

Technology

  • eduGAIN

    The eduGAIN service is intended to enable the trustworthy exchange of information related to identity, authentication and authorisation between the GÉANT (GN3) Partners' federations. The eduGAIN service will deliver this through co-ordinating elements of the federations' technical infrastructure and a policy framework controlling the exchange of this information. The initial goal is to enable Pan-European Web Single Sign On (Web SSO) to both GÉANT services and to those provided by other communities represented by, or associated with, the GN3 Partners.

  • Funded by? Business model?
  • Public Endpoints Entities Registry (PEER, https://spaces.at.internet2.edu/display/PEER/Home)

    PEER is envisioned as a lightweight, global registrar for SAML Metadata representing both SAML and non-SAML endpoints (e.g., OpenID, IMI). It is intended as a focused activity to catalyze international use of federated identity. The service is not intended to be a replacement for federation or inter-federation, but is intended to be a tool supporting such activities. The service is intended to be operational by July 2011. It will be operated by an interim operator as a proof-of-concept and move to a permanent home if the service is seen as useful. Part of the PEER project will include an analysis of sustainability for PEER.

  • Funded by? Business model?

Policy