Working Group Goals and Charter

The Attributes for Collaboration and Federation Working Group will recommend a default attribute release policy (ARP) for InCommon participants, develop and execute a roadmap for adoption of the ARP, and review and enhance online content for identity provider administrators so they have a clear set of steps to follow to implement the desired approach.

Background

The InCommon Federation was founded on a principle of privacy protection (based on local authentication and limited attribute release to SPs) with an expectation that campuses would actively manage their Attribute Release Policies and adopt attribute release “bundles” based on the needs of their respective campus communities. However, this approach, influenced by a conservative interpretation of privacy regulations such as FERPA and by a common assumption that the primary driver for attribute release is enterprise contracts, has resulted in very restrictive Attribute Release Policies on campuses.

The Research & Scholarship (R&S) Category was created as a scalable way for campus IdPs to easily create a global attribute release policy targeting SPs that have been validated as supporting Research & Scholarship. The underlying principle is that for people accessing these SPs, associating their name with their work is more important than remaining anonymous.

Unfortunately, R&S, while a great idea, is an opt-in model and has not been adopted by enough institutions to make federation “work” for research organizations. A joint InCommon Steering, InCommon Technical Advisory Committee (TAC) and InCommon Assurance Advisory Committee (AAC) priority for 2017 and the first 6 months of 2018 is to “flip the bit” of R&S, i.e., make it an opt-out model that is a social expectation and the technical default (as much as possible), and dramatically increase the adoption across current higher ed and research identity providers. Otherwise, frustrated research organizations may seek alternatives to the InCommon federation.

In addition, many non-R&S SPs require only a unique identifier or, alternatively, an email address to allow access to services. These attributes (including in some cases a user’s name and campus affiliation) are usually considered “directory information” under FERPA guidelines and, unless a student specifically requests to block release of that information, could be released by default to ALL SPs.

The InCommon Technical Advisory Committee (TAC), InCommon Steering, and the InCommon Assurance Advisory Committee (AAC) are committed to re-addressing this issue of basic attributes needed for federation, and working with InCommon participants and their campus stakeholders to ensure attribute release meets the needs of the community.

Charter

Read and comment on the Working Group Draft Charter (you must log in with your federation credential to leave a comment)

Membership

This will initially be an invitation-only membership working group in order to ensure we have the right stakeholders contributing their ideas and expertise.  However, webinar(s), email lists, and the WG wiki will be used to communicate with the community.  (See member roles in the left sidebar.)

See Also

InCommon Working Groups Home

Meeting Dates and Times

TBD

Working Group Member Roles:

  1. InCommon Steering (WG Sponsor)

  2. InCommon TAC (WG Sponsor)

  3. InCommon AAC (WG Sponsor)

  4. Registrar (2)

  5. CIO from higher education institution

  6. Research SP operator

  7. Internet2 Staff member

  8. TIER Packaging WG Member

  9. Researcher

  10. Auditor, Risk or Privacy Manager, Lawyer

  11. SMEs as needed (e.g. FERPA regulations)