Federation Policy

From KIFÜ Wiki
This is an earlier version of the page, as it stood after the edit by Bajnokk(AT)niif.hu on 27 September 2011 at 01:28. (autosave)

Policy of the HREF Federation

  1. The Federation was founded to facilitate the use of the services of its Members and Partners by users. Users should be able to access the services (if they are allowed to use them) if their Home Institution has identified and authorised them.
  2. A Home Institution may authenticate only users having a (known) relationship with the given institution.
  3. IdPs and SPs must not give false or misleading information about themselves.
  4. An IdP should provide information that is as accurate as possible. However, Service Providers must take into account that some of the information received from an IdP might have been modified by its users themselves.
  5. The IdPs must ensure that the credentials (i.e. password) of their users are protected. Credentials may be verified only by a safe procedure.
  6. An SP must request only the minimal amount of the user’s attributes from the IdP.
  7. An SP must not request the password that a user uses at his or her IdP.
  8. The SP processes personal data of the users according to the applicable privacy laws.
  9. The IdP and SP must cooperate when possible misuse is to be investigated.
  10. The IT systems of IdPs and SPs must be operated with due diligence.

Rules

Data protection rules

  1. Members and Partners must ensure that the processing of personal data satisfies the requirements of the applicable laws. Therefore, personal data of the users may be processed only if this is authorised by law or the user has expressed his or her consent. Users must be able to receive all the necessary background information before their permission is requested.
  2. All Members and Partners must have their own Data Protection (Privacy) Policy, which must include
    • a description of the collected personal data;
    • the purpose of the data processing;
    • the period for which collected personal data is kept;
    • the procedures for lodging a complaint about data processing.
  3. All Partners and Members must publish their up-to-date Data Protection (Privacy) Policy.

Operational rules

  1. Operational rules are described in separate documents: IdP requirements, SP requirements.
  2. The Federation Operator is authorised to verify conformance to the operational rules.
  3. Members and Partners must ensure that their metadata handling and modification procedures adhere to the metadata specification, thus:
    • Members maintain their data in the Resource Registry in order to keep the Federation's metadata files up to date.
    • Metadata must be updated and verified according to the schedule included in the specification.
  4. Both the IdP and the SP follow the Attribute Specification when transferring attributes of a user.

Data management rules

  1. All Identity Providers must document their user registration procedures.
  2. Only users having a defined affiliation with the institution may be authenticated by that institution.
  3. Quality of data
    • Data storage procedures must ensure that an individual can be traced back only for as long as is necessary for the purpose of the data processing.
    • It is recommended to build the database of the IdP on an authoritative database. Regular updates of the data ensure its timeliness and accuracy.
    • If the database of the IdP is not based on an authoritative database, procedures must be in place to maintain the quality of data.
  4. The Identity Provider should aim to make its services available to all of its affiliated users.
  5. The Identity Provider implements the attributes that are required by the Attribute Specification.

Rules of Membership

The HREF Federation consists of Members, Partners and an Operator. The Operator is the same organisation that operates the Hungarian National Information Infrastructure. Further participants are Members and Partners; they must have a signed contract (hereinafter referred to as the Contract of Participation) with the Operator.

  1. Institutions eligible for membership of the HREF Federation are the following:
    • Institutions of higher education;
    • Institutions of the Hungarian Academy of Sciences, other Research Institutions;
    • Institutions of secondary education;
    • Public collections.
  2. Any organisation may join as a Partner of the Federation.
  3. All Members and Partners of the Federation may provide services.
  4. A Partner may participate in the meeting of the Board of Members as an observer, without having voting rights.
  5. Only Members are entitled to
    • identify their users;
    • send representatives, entitled to vote, to the Board of Members.