DRAFT - Research and Scholarship

...

Category Pilot

InCommon is launching a new service to make it easier for participants to provide collaborative services and for faculty, researchers, and scientists \[students?\] to use those services with their federated identities. This service uses categorization of service providers (SPs) to simplify and streamline configuration of identity providers (IdPs) and SPs to work together. The newly defined Research & Scholarship (R&S) category will apply to service providers that support research and scholarly activities such as virtual organizations and campus-based collaboration services. Participating IdPs will agree to release a minimal set of attributes to the R&S category with a one-time addition to their default release policies, a simpler and more scalable approach than negotiating such release bilaterally with every service provider.

Background

A growing number of Service Providers (SPs) supporting collaborative research and scholarship activities are joining InCommon. As is the standard practice in the higher education and research world, collaboration on these sites involves knowing who the collaborators are: name, email, institutional affiliation. Unfortunately, the default Attribute Release Policies in place at most campus Identity Providers (IdPs) do not share any information with these sites without local review of the SP's purpose, governing policy, and operational practices. This approach is simply not scalable to the thousands of campus IdPs and thousands of SPs supporting research and scholarship that we anticipate in the future. It is already a serious problem for the big virtual organizations and research labs; the hoped-for explosion of smaller collaboration sites housed in academic departments will not succeed with federation without a scalable solution.

...

• Service Providers
  • TBA
• Identity Providers
  • TBA

Candidate Services

The three traditional dimensions of the academic endeavor are: research & scholarship, instruction, and service. Candidates for the R&S Category are those Service Providers that are specifically designed to support some aspect of research and scholarship; SPs aimed to enable instruction or service do not qualify for this category, even if they are intended for use by academics. Likewise, SPs that provide generalized services that have been or might be adopted for use in support of research and scholarship activities, but whose primary purpose is not research and scholarship, are not included in the R&S Category.

...

InCommon has chosen to introduce service categories in a conservative way, by focusing narrowly on services purposed for research and scholarship, in order to make implementation as straightforward as possible, and limit the range of concerns to be as specific as possible. Other service categories may be defined in the future for other purposes.

Requirements for the R&S Category

Service Providers are already bound by the requirements of the InCommon Federation: Participation Agreement. For the purposes of R&S, they should pay particular attention to Section 9:

...

R&S Service Providers must resolve issues of non-compliance within a reasonable period of time from when they become aware of the issue.  Failure to do so can result in revocation of their membership in the R&S category.

R&S Category Attributes

InCommon IdPs are strongly encouraged to release the following attributes to R&S category SPs:

...

R&S category SPs may request other attributes, but IdP Operators will likely require a prior agreement before releasing those additional attributes.  It is highly recommended that SPs use a minimalist approach to attribute requests. In the future, if InCommon interfederates with federations in other parts of the world, IdPs in other countries may be operating under laws and regulations which require a true minimalist approach.

Application for Inclusion in the R&S Category

To request membership in the R&S Category, a site administrator for the organization owning the SP completes a web form asserting compliance with the criteria.  This initiates the following approval process:

...

1. An entity attribute is inserted into metadata.
2. The new R&S SP is added to a web page listing members of the R&S category.
3. An announcement is sent to the announce@incommon.org email list and/or the monthly newsletter.

Policy Considerations for Identity Providers

Identity Providers are responsible for protection of the privacy of their community members' identity attributes.  As such, they must be cautious when releasing those attributes to Service Providers.  As can be seen above, the R&S category has been restricted to the release of low-risk attributes to low-risk Service Providers with high value.  Nevertheless, legislation such as FERPA, as well as local policy, may require further controls over attribute release by an IdP.  For example, some students may have opted out of attribute release under FERPA.

...

Campuses are encouraged to implement a default policy that releases the R&S attributes to SPs in the R&S Category; implementing this is a one-time change to the IdP configuration. When this is not possible, mechanisms for implementing limiting controls are described below in "Technical Considerations." In the interest of facilitating collaboration and sharing of resources for as broad a community as possible, however, it is recommended that such controls be applied with as small a scope as possible.

Technical Considerations

The following documents describe the technical considerations for participation in the R&S Category:

...