Entity categories are used to indicate certifications and other properties of IdPs and SPs that are registered within the federation. These certifications may be self-asserted or formally assigned by the federation, but the criteria and certification processes are always made available for transparency. For current category assignments, see InCommon Entity Categories and InCommon Certified Identity Providers.

InCommon Entity Categories

The following entity categories are available within InCommon:

Terminology

  • An Entity Category is a group of entities (SPs or IdPs or both) possessing a particular characteristic.
  • Membership in an Entity Category is indicated by an Entity Attribute in metadata.
  • An Entity Attribute is a SAML Attribute in a container of type mdattr:EntityAttributeType defined by an Entity Attribute Profile of SAML Metadata.
  • An Entity Attribute Profile of SAML Metadata describes how SAML Attributes and Assertions may be added to SAML metadata extensions.
  • An Entity Category Profile of SAML Entity Attributes describes a specific Entity Attribute for categorizing entities according to some Entity Attribute Profile of SAML Metadata.

Two international Entity Category Profiles in the R&E space are:

  1. REFEDS Research & Scholarship Entity Category
  2. REFEDS Hide From Discovery Entity Category

...

  1.  - Used to streamline researchers' access to federated services that support their work by certifying those services as meeting specific criteria for purpose, security, and operational maturity.
  2. REFEDS Security Incident Response Trust Framework for Federated Identity (SIRTFI) Category - Used to indicate compliance with REFEDS's framework for security incident response.
  3. InCommon Bronze and Silver - Used to indicate compliance with NIST Assurance Levels 1 and 2, respectively.
  4. Registered By InCommon Category
  5. InCommon Research & Scholarship Support Category

See the child pages to this wiki page for local documentation on each of these entity categories.

Service Categories

Browse a list of all entity categories

A Service Category is a special type of Entity Category. A Service Category is a group of service providers with a common purpose. The intended goal of a Service Category is to make attribute release more scalable. To this end, IdPs release a known set of attributes to entire categories of SPs. Using entity attributes (instead of entityIDs), attribute release policy at the IdP is configured for all services in the category (both present and future), rather than once per service. IdPs signal their support of particular service categories in metadata, which allows SPs to build dynamic, relevant discovery interfaces.
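Category-based attribute release as described above, in an added Python example that is not InCommon's own code: it reads the entity-category Entity Attribute from SAML metadata and applies a release policy keyed by category value rather than by entityID. The entityIDs and the release policy are constructed for illustration, and the code assumes the metadata signature has already been verified.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "mdattr": "urn:oasis:names:tc:SAML:metadata:attribute",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
CATEGORY_ATTR = "http://macedir.org/entity-category"
RS = "http://refeds.org/category/research-and-scholarship"

# Constructed sample metadata: both entityIDs are made up for this example.
SAMPLE = f"""<md:EntitiesDescriptor xmlns:md="{NS['md']}"
    xmlns:mdattr="{NS['mdattr']}" xmlns:saml="{NS['saml']}">
  <md:EntityDescriptor entityID="https://sp.example.org/wiki">
    <md:Extensions><mdattr:EntityAttributes>
      <saml:Attribute Name="{CATEGORY_ATTR}"
          NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
        <saml:AttributeValue>{RS}</saml:AttributeValue>
      </saml:Attribute>
    </mdattr:EntityAttributes></md:Extensions>
  </md:EntityDescriptor>
  <md:EntityDescriptor entityID="https://sp.example.org/shop"/>
</md:EntitiesDescriptor>"""

# Hypothetical release policy, keyed by category value instead of entityID.
RELEASE_POLICY = {RS: ["eduPersonPrincipalName", "mail", "displayName"]}


def entity_categories(metadata_xml):
    """Map each entityID to the set of entity-category values in its metadata.

    Assumes the metadata signature was already verified; an unsigned or
    tampered aggregate could assert any category it likes.
    """
    result = {}
    for ent in ET.fromstring(metadata_xml).iter(f"{{{NS['md']}}}EntityDescriptor"):
        values = set()
        for attr in ent.findall(
                "md:Extensions/mdattr:EntityAttributes/saml:Attribute", NS):
            if attr.get("Name") == CATEGORY_ATTR:
                for v in attr.findall("saml:AttributeValue", NS):
                    values.add((v.text or "").strip())
        values.discard("")
        result[ent.get("entityID")] = values
    return result


def attributes_to_release(entity_id, categories):
    """Return the attributes the policy allows; unknown entities get none."""
    released = []
    for cat in sorted(categories.get(entity_id, ())):
        released += [a for a in RELEASE_POLICY.get(cat, []) if a not in released]
    return released
```

An SP that later joins the category is covered by the same policy entry with no change at the IdP, while an SP without the category value, or one absent from metadata, receives nothing.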

To become a member of the Research and Scholarship Category, a service provider supports the research and scholarly activities of the higher ed community and satisfies a modest set of technical requirements.

Resources

  1.  - Indicates that the entity was registered by InCommon, as opposed to some other federation.
  2. REFEDS Hide From Discovery Entity Category - Used to exclude an IdP from general-purpose discovery interfaces, e.g., because it is a test IdP. This category would not generally be used for production IdPs.
  3. InCommon Research & Scholarship Support Category - Deprecated. See Research and Scholarship Category for more information.

For more information about entity categories, see General Information about Entity Categories.

...