This working group completed its work in August 2018. The final report is available in the Trust and Identity Document Repository: http://doi.org/10.26869/TI.98.1


Working Group Chairs

  • Tommy Roberson, Baylor
  • Garrett King, Carnegie Mellon

Working Group Mission and Goals

The Streamlining SP Onboarding Working Group will identify and document standards for Service Provider operation within the InCommon Federation, using the CIC Cloud Services Cookbook as a starting point. Having standards available that help SPs onboard will add to the value proposition for SPs in the InCommon Federation, reduce variance in configuration, and increase interoperability.

The target audience for the working group is organizations that are running, or want to run, an SP. The standards will apply to both education and research SPs and vendor (commercial) SPs. It is important that working group members be aware that most Service Providers in the Federation, whether noncommercial or commercial, support the mission of research and scholarship.

The working group will not redo work that the community has already contributed. It will augment the existing profiles by integrating similar information into the standards that it produces.


The goals of the working group are to:

  1. Increase the clarity for organizations running SPs on what it means to federate in InCommon 
  2. Provide suggestions for how organizations can verify their SP configurations
  3. Reduce the burden on Identity Provider Organizations to communicate the requirements

Charter

Working Group Charter

Membership

The Chair of the Working Group will be appointed by the InCommon Technical Advisory Committee (TAC) and is responsible for providing it with updates on the progress of the work. Participation in the working group is open to all who are interested, including organizations running IdPs and/or SPs.

Deliverables

  1. Define a standard set of technical vocabulary to aid in the understanding of the configuration standards
  2. Identify Service Provider implementation criteria using the CIC Cloud Services Cookbook 
  3. Document SP configuration standards including basic and optional levels that meet the requirements defined and scoped in the charter

End Date

The tentative end date of the Streamlining SP Onboarding Working Group is late November to mid-December 2017.


See Also

Community Consultation on Working Group Report (closed May 28, 2018)

Internet2 Blog Post: Streamlining Service Provider Onboarding: Criteria, Interactive Guidance, and More!

InCommon Working Groups Home

Trust and Identity Working Groups Home

Guidelines for Trust and Identity Working Group Chairs and Flywheels


Meeting Dates and Times

Working group calls have completed as of Sept 2018


 

Meeting Minutes

Collaborative scribing is in this Google doc


Email List: streamlining-sp@incommon.org


3 Comments

  1.  

    Starting points for Vocabulary.  As mentioned on the call, some of these are dated, but good starting points.  I'll work through these and pull things out as a starting point, but want to save them here for others to see as well.  I'll add more later.

     

    IAM Functional Model and IAM Glossary

    https://spaces.at.internet2.edu/download/.../CMU-identity-glossary.pdf

     

    https://www.incommon.org/docs/iamonline/Remote%20Credentialing%20IAM%20Online%20-%20Final.pdf

     

     

  2. Related Resources:

    InCommon - Policies (and Practices)
    “The documents listed below comprise the policies and practices under which the InCommon Federation and Participants operate.”
    https://www.incommon.org/policies.html

    InCommon Federation - Participant Operational Practices
    Includes questions SPs should be asking themselves along with common terminology
    "The purpose of the questions above is to establish a base level of common understanding by making this information available for other Participants to evaluate."
    https://www.incommon.org/docs/policies/incommonpop_20080208.pdf

    InCommon - Participation Agreement
    The criteria entities must meet in order to be a participant in InCommon
    InCommon Federation Software Guidelines: https://www.incommon.org/federation/softguide.html
    InCommon Federation Attribute Overview: https://www.incommon.org/federation/attributes.html
    Link to full agreement: https://internet2.app.box.com/v/InCommon-Participation-Agreemt

    Federation Participants - Recommended Practices
    “In this document the InCommon Federation presents recommendations for federation participants regarding many aspects of federation practice.”
    https://spaces.at.internet2.edu/display/InCFederation/Recommended+Practices

    Federation Basics
    What it means, using high level concepts
    https://www.incommon.org/federation/basics.html

    CIC Cloud Services Cookbook
    “The CIC IdM Working Group launched a project to produce a collection of guidelines that set out best practices and requirements that could be recommended to candidate SaaS vendors.”
    https://carmenwiki.osu.edu/display/CICIDM/Cloud+Services+Cookbook+Project

    REFEDS Extension of the Cloud Services Cookbook
    "As part of the 2016 Workplan (see REF16-3C), the REFEDS community aims to extend the Cookbook so it covers a more global scope."
    https://wiki.refeds.org/display/FBP/Cloud+Services+Cookbook


    Related Working Groups:

    Baseline Expectations - Working Group
    “The intent is to improve interoperability among InCommon Participants and ensure that the Federation has a common level of trust by establishing expectations that all Participants agree to meet”
    https://spaces.at.internet2.edu/display/BE/Baseline+Expectations+for+Trust+in+Federation

    InCommon Deployment Profile Working Group
    "Develop a Deployment Profile that describes REQUIRED and RECOMMENDED practices for IDPs and SPs operating in the Higher Education and Research community."
    Deployment Profile Working Group Home


    Attribute Standards:

    InCommon Attribute Overview
    https://spaces.at.internet2.edu/display/InCFederation/Supported+Attribute+Summary

    SCHAC
    "The need of interoperability among different components and the need of exchanging information outside institutional and sometime outside national boundaries have increased awareness of the role that attributes play."
    https://wiki.refeds.org/display/STAN/SCHAC

    inetOrgPerson
    "We define a new object class called inetOrgPerson for use in LDAP and X.500 directory services that extends the X.521 standard organizationalPerson class to meet these needs."
    https://www.ipa.go.jp/security/rfc/RFC2798EN.html