A growing number of Service Providers (SPs) supporting collaborative Research and Scholarship activities are joining InCommon. As is the standard practice in the Higher Education/Research world, collaboration on these sites involves knowing who the collaborators are: name, email, institutional affiliation. Unfortunately, the default Attribute Release Policies in place at most campus Identity Providers (IdPs) do not share any information with these sites unless a local faculty member submits a specific request and a policy exception is granted. This approach is not scalable; it just plain will not work in an environment that will likely have thousands of campus IdPs and thousands of SPs in this category. This is already a serious problem for the big Virtual Organizations and Research Labs; the hoped-for explosion of smaller collaboration sites housed in academic departments will not succeed with federation unless a scalable solution is developed.
InCommon is implementing a simplified and scalable approach to this problem through the specification of a "Research and Scholarship (R&S)" category for SPs. All InCommon SPs have already agreed to a set of practices governing how they manage and use personal attributes. To qualify for inclusion in the R&S category, SPs comply with an additional set of criteria that are designed to facilitate IdP policy decisions to release a controlled set of low-risk attributes to the R&S SPs without per-SP review. InCommon provides metadata and technology tools to further facilitate automatic, but controlled, release of attributes to the R&S SPs, as well as aiding user support.
The Research and Scholarship Category Pilot will include a small number of SPs and IdPs to test this approach, recommending modifications to the specifications described here, as appropriate.
In addition to the requirements outlined in the InCommon Federation: Participation Agreement, Service Providers must comply with the following requirements:
InCommon IdPs are strongly encouraged to release the following attributes to R&S Category SPs:
displayName
givenName
surName
mail
eduPersonPrincipalName
eduPersonTargetedID
eduPersonScopedAffiliation
R&S Category SPs may request other attributes, but those requests are not likely to be honored by IdPs unless there has been prior agreement with the IdP Operator. It is highly recommended that SPs use a minimalist approach to attribute requests.
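The category-based release described above can be sketched as follows. This is an added example, not InCommon's or any IdP product's own code: it reads the R&S tag from federation metadata and releases only the seven listed attributes to tagged SPs, with everything else falling back to per-SP exceptions. The category URI, the entityIDs and the function names are assumptions, and the metadata is assumed to have passed signature verification before it is parsed.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "mdattr": "urn:oasis:names:tc:SAML:metadata:attribute",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
ENTITY_CATEGORY = "http://macedir.org/entity-category"
# Assumption: this category URI is not stated on the page.
RS_CATEGORY = "http://id.incommon.org/category/research-and-scholarship"
# Attribute names exactly as the page lists them.
RS_ATTRIBUTES = frozenset({"displayName", "givenName", "surName", "mail",
                           "eduPersonPrincipalName", "eduPersonTargetedID",
                           "eduPersonScopedAffiliation"})

# Constructed sample metadata: one SP tagged R&S, one untagged.
SAMPLE_METADATA = f"""\
<md:EntitiesDescriptor xmlns:md="{NS['md']}" xmlns:mdattr="{NS['mdattr']}" xmlns:saml="{NS['saml']}">
 <md:EntityDescriptor entityID="https://wiki.example.org/sp">
  <md:Extensions><mdattr:EntityAttributes>
   <saml:Attribute Name="{ENTITY_CATEGORY}">
    <saml:AttributeValue>{RS_CATEGORY}</saml:AttributeValue>
   </saml:Attribute>
  </mdattr:EntityAttributes></md:Extensions>
 </md:EntityDescriptor>
 <md:EntityDescriptor entityID="https://vendor.example.com/sp"/>
</md:EntitiesDescriptor>"""

def rs_entity_ids(metadata_xml):
    """Return entityIDs whose metadata carries the R&S entity category.
    The caller must verify the metadata signature first: the tag is only
    meaningful when it comes from the federation, not from the SP itself."""
    tagged = set()
    root = ET.fromstring(metadata_xml)
    for entity in root.iter("{%s}EntityDescriptor" % NS["md"]):
        path = "md:Extensions/mdattr:EntityAttributes/saml:Attribute"
        for attr in entity.findall(path, NS):
            if attr.get("Name") != ENTITY_CATEGORY:
                continue
            vals = {(v.text or "").strip()
                    for v in attr.findall("saml:AttributeValue", NS)}
            if RS_CATEGORY in vals:
                tagged.add(entity.get("entityID"))
    return tagged

def release(sp_entity_id, user_attrs, rs_sps, exceptions=None):
    """R&S bundle for tagged SPs, a locally approved per-SP list
    otherwise, and nothing at all by default."""
    if sp_entity_id in rs_sps:
        allowed = RS_ATTRIBUTES
    else:
        allowed = (exceptions or {}).get(sp_entity_id, ())
    return {k: v for k, v in user_attrs.items() if k in allowed}
```

An attribute outside the seven listed never leaves the IdP for a tagged SP, even if the user record holds it; releasing more still needs the per-SP exception path.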
To request membership in the R&S category, a site administrator for the organization owning the SP completes a web form asserting compliance with the criteria. This initiates the following approval process:
When an SP is approved for the R&S category,
The following documents describe the technical considerations for participation in the R&S Category: