- Created by Dean Woodbeck (internet2.edu), last modified on Dec 14, 2020
This working group completed its work in August 2018. The final report is available in the Trust and Identity Document Repository at http://doi.org/10.26869/TI.98.1
Working Group Chairs
- Tommy Roberson, Baylor
- Garrett King, Carnegie Mellon
Working Group Mission and Goals
The Streamlining SP Onboarding Working Group will identify and document standards for Service Provider operation within the InCommon Federation using the CIC Cloud Services Cookbook as a starting point. Having standards available that help SPs onboard will add to the value proposition for SPs in the InCommon Federation, reduce variance in configuration, and increase interoperability.
The target audience for the working group is organizations that are running, or want to run, an SP. The standards will apply to both education and research SPs and vendor (commercial) SPs. It is important that working group members be aware that most Service Providers in the Federation, whether noncommercial or commercial, support the mission of research and scholarship.
The working group will not redo work that the community has already contributed. It will augment the existing profiles by integrating similar information into the standards that it produces.
The goals of the working group are to:
- Increase the clarity for organizations running SPs on what it means to federate in InCommon
- Provide suggestions for how organizations can verify their SP configurations
- Reduce the burden on Identity Provider Organizations to communicate the requirements
Charter
Membership
The Chair of the Working Group will be appointed by the InCommon Technical Advisory Committee (TAC) and is responsible for providing it with updates on the progress of the work. Participation in the working group is open to all who are interested, including organizations running IdPs and/or SPs.
Deliverables
- Define a standard set of technical vocabulary to aid in the understanding of the configuration standards
- Identify Service Provider implementation criteria using the CIC Cloud Services Cookbook
- Document SP configuration standards including basic and optional levels that meet the requirements defined and scoped in the charter
End Date
The tentative end date of the Streamlining SP Onboarding Working Group is late November to mid-December 2017.
See Also
Community Consultation on Working Group Report (closed May 28, 2018)
Trust and Identity Working Groups Home
Guidelines for Trust and Identity Working Group Chairs and Flywheels
Meeting Dates and Times
Working group calls have completed as of Sept 2018
Meeting Minutes
Collaborative scribing is in this Google doc
Email List: streamlining-sp@incommon.org
3 Comments
tommy_roberson@baylor.edu
Starting points for Vocabulary. As mentioned on the call, some of these are dated, but good starting points. I'll work through these and pull things out as a starting point, but want to save them here for others to see as well. I'll add more later.
IAM Functional Model and IAM Glossary
https://spaces.at.internet2.edu/download/.../CMU-identity-glossary.pdf
https://www.incommon.org/docs/iamonline/Remote%20Credentialing%20IAM%20Online%20-%20Final.pdf
Garrett King (andrew.cmu.edu)
Correction/Update to the CMU Identity Glossary URL: https://spaces.at.internet2.edu/download/attachments/1540598/CMU-identity-glossary.pdf
Garrett King (andrew.cmu.edu)
Related Resources:
InCommon - Policies (and Practices)
“The documents listed below comprise the policies and practices under which the InCommon Federation and Participants operate.”
https://www.incommon.org/policies.html
InCommon Federation - Participant Operational Practices
Includes questions SPs should be asking themselves along with common terminology
"The purpose of the questions above is to establish a base level of common understanding by making this information available for other Participants to evaluate."
https://www.incommon.org/docs/policies/incommonpop_20080208.pdf
InCommon - Participation Agreement
The criteria entities must meet in order to be a participant in InCommon
InCommon Federation Software Guidelines: https://www.incommon.org/federation/softguide.html
InCommon Federation Attribute Overview: https://www.incommon.org/federation/attributes.html
Link to full agreement: https://internet2.app.box.com/v/InCommon-Participation-Agreemt
Federation Participants - Recommended Practices
“In this document the InCommon Federation presents recommendations for federation participants regarding many aspects of federation practice.”
https://spaces.at.internet2.edu/display/InCFederation/Recommended+Practices
Federation Basics
What it means, using high level concepts
https://www.incommon.org/federation/basics.html
CIC Cloud Services Cookbook
“The CIC IdM Working Group launched a project to produce a collection of guidelines that set out best practices and requirements that could be recommended to candidate SaaS vendors.”
https://carmenwiki.osu.edu/display/CICIDM/Cloud+Services+Cookbook+Project
REFEDS Extension of the Cloud Services Cookbook
"As part of the 2016 Workplan (see REF16-3C), the REFEDS community aims to extend the Cookbook so it covers a more global scope."
https://wiki.refeds.org/display/FBP/Cloud+Services+Cookbook
Related Working Groups:
Baseline Expectations - Working Group
“The intent is to improve interoperability among InCommon Participants and ensure that the Federation has a common level of trust by establishing expectations that all Participants agree to meet”
https://spaces.at.internet2.edu/display/BE/Baseline+Expectations+for+Trust+in+Federation
InCommon Deployment Profile Working Group
"Develop a Deployment Profile that describes REQUIRED and RECOMMENDED practices for IDPs and SPs operating in the Higher Education and Research community."
Deployment Profile Working Group Home
Attribute Standards:
InCommon Attribute Overview
https://spaces.at.internet2.edu/display/InCFederation/Supported+Attribute+Summary
SCHAC
"The need of interoperability among different components and the need of exchanging information outside institutional and sometime outside national boundaries have increased awareness of the role that attributes play."
https://wiki.refeds.org/display/STAN/SCHAC
inetOrgPerson
"We define a new object class called inetOrgPerson for use in LDAP and X.500 directory services that extends the X.521 standard organizationalPerson class to meet these needs."
https://www.ipa.go.jp/security/rfc/RFC2798EN.html
https://www.oasis-open.org/committees/download.php/61575/saml-subject-id-attr-v1.0-wd03.pdf