AboutEduID.hu

Innen: KIFÜ Wiki
A lap korábbi változatát látod, amilyen Bajnokk(AT)niif.hu (vitalap | szerkesztései) 2012. január 23., 10:46-kor történt szerkesztése után volt. (Policy and principles of interoperation)

Purpose of this document

This document is a collection of the information specified in several specific documents written in Hungarian. Since only Hungarian educational and research institutions are expected to be Federation Members (ie. operate an Identity Provider), this document focuses on rules relevant to (international) Federation Partners.

About the federation

Hungarian Research and Educational Federation (HREF) is an identity federation of Hungarian higher education and research institutions, and for public collections and other content providers. For the end-users, the federation aims to be transparent, therefore the login procedure is communicated as eduID login.

Contacts

The Federation is operated by NIIF Institute as a Federation Operator. Questions, concerns or any kind of requests about the Federation should be directed to any of the following addresses:

  • aai@niif.hu
  • Kristof Bajnok, NIIF Institute
18-22 Victor H. str
H-1132 Budapest
Hungary

News and information about the federation is located at http://eduid.hu (Hungarian only)

Policy and principles of interoperation

Basic principles

  1. The aim of the Federation is to allow the use of services of its Members and Partners, where authorisation is based on the user information originating from the users' Home Institutions.
  2. Home Institutions must only authenticate users having a known affiliation to them.
  3. IdPs and SPs must not give false or misleading information about themselves.
  4. User information provided by IdPs should be as accurate as possible. SPs must take into account that parts of the received information may be at the discretion of the user.
  5. User credentials (i.e. passwords) stored by IdPs must be protected and verified only through secure procedures.
  6. SPs must request only the user attributes which are absolutely necessary for their operation.
  7. SPs must not ask users for their federation passwords.
  8. SPs must handle personal data according to the local privacy laws.
  9. IdPs and SPs must cooperate in the investigation of possible abuse/fraud.
  10. IT systems running IdPs and SPs must be operated with due diligence.

Data protection

  • Prior joining the federation, every entity needs to publish the Data Protection Policy under which it operates. This policy must be kept up-to-date.
  • Whenever the policy changes, the Federation Operator must be notified.
  • Transfer of personal data is only allowed when
    • authorised by law,
    • the user expressed his or her consent on the data transfer.

Rules of membership

The Federation is operated by the Federation Operator, that also operates the national research network. Further participants are Members and Partners that must have a signed contract with the Operator.

  1. The following institutions may be Members of the federation:
    • Institutions of the higher education;
    • Institutions of the Hungarian Research Academy and other research institutions;
    • Institutions of secondary education;
    • Public collections.
  2. Any organisation might join as Partners.
  3. All Members and Partners of the Federation might provide services.
  4. A Partner might participate in the meeting of the Members' Board as an observer, without having rights to vote.
  5. Only Members are entitled to
    • supply user information to the federation
    • send representatives into the Members' Board with a right to vote.

Governance

Legal

Technical information

Operational requirements

Attributes

Metadata

Federation Operator services

Metadata distribution

Resource Registry

Discovery Service

Virtual Home Organization