Working Group Goals and Charter

The Attributes for Collaboration and Federation Working Group will recommend a default attribute release policy (ARP) for InCommon participants, develop and execute a roadmap for adoption of the ARP, and review and enhance online content for identity provider administrators so they have a clear set of steps to follow to implement the desired approach.

Background

The InCommon Federation was founded on a principle of privacy protection (based on local authentication and limited attribute release to SPs) with an expectation that campuses would actively manage their Attribute Release Policies and adopt attribute release “bundles” based on the needs of their respective campus communities. However, this approach, influenced by a conservative interpretation of privacy regulations such as FERPA and by a common assumption that the primary driver for attribute release is enterprise contracts, has resulted in very restrictive Attribute Release Policies on campuses.

The Research & Scholarship (R&S) Category was created as a scalable way for campus IdPs to easily create a global attribute release policy targeting SPs that have been validated as supporting Research & Scholarship. The underlying principle is that for people accessing these SPs, associating their name with their work is more important than remaining anonymous.

Unfortunately, R&S, while a great idea, is an opt-in model and has not been adopted by enough institutions to make federation “work” for research organizations. A joint InCommon Steering, InCommon Technical Advisory Committee (TAC) and InCommon Assurance Advisory Committee (AAC) priority for 2017 and the first 6 months of 2018 is to “flip the bit” of R&S, i.e., make it an opt-out model that is a social expectation and the technical default (as much as possible), and dramatically increase the adoption across current higher ed and research identity providers. Otherwise, frustrated research organizations may seek alternatives to the InCommon federation.

In addition, many non-R&S SPs only require a unique identifier or, alternatively, an email address to allow access to services. These attributes (including in some cases a user’s name and campus affiliation) are usually considered “directory information” under FERPA guidelines and, unless a student specifically requests to block release of that information, could be released by default to ALL SPs.

The InCommon Technical Advisory Committee (TAC), InCommon Steering, and the InCommon Assurance Advisory Committee (AAC) are committed to re-addressing this issue of basic attributes needed for federation, and working with InCommon participants and their campus stakeholders to ensure attribute release meets the needs of the community.

Charter

Read and comment on the Working Group Draft Charter.

Membership

 

 

See Also

InCommon Working Groups Home

Meeting Dates and Times

 

Working Group Members