Differences
This shows you the differences between two versions of the page.
en:degrees_of_reliance [2017/07/06 14:05] – Wolfgang Pempe | en:degrees_of_reliance [2019/12/20 12:56] – Wolfgang Pempe | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | FIXME **This page is not fully translated, yet. Please help completing the translation.**\\ //(remove this paragraph once the translation is finished)// | ||
- | |||
====== Degrees of Reliance within the DFN-AAI ====== | ====== Degrees of Reliance within the DFN-AAI ====== | ||
===== 1 Introduction ===== | ===== 1 Introduction ===== | ||
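Review bot: Removing the FIXME translation notice at the top asserts that the whole page is now in English, but this diff only shows sections 2.3 through 3.2 being translated. Text outside the three hunks is not visible here, so confirm that no German paragraphs remain elsewhere on the page before the notice goes.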
Line 19: | Line 17: | ||
==== 2.1 Identification Procedure by the Home Organisation (I) ==== | ==== 2.1 Identification Procedure by the Home Organisation (I) ==== | ||
+ | <callout type=" | ||
+ | The requirements mentioned below only refer to the procedures for onboarding identities like enrolment of students. \\ | ||
+ | **Procedures for resetting passwords are not subject of the Degrees of Reliance!** | ||
+ | </ | ||
The Home Organisation has to assign unique digital identities to their users. | The Home Organisation has to assign unique digital identities to their users. | ||
^ Degree | ^ Degree | ||
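Review bot: The added callout in 2.1 says password-reset procedures are out of scope but does not say what does govern them. The Advanced row shown as context in the next hunk accepts authentication with user ID and password, so a reader judging an IdP's degree will want either a link to the rules that apply to resets or an explicit statement that the federation sets none. Wording: "are not subject of the Degrees of Reliance" reads better as "are not covered by the Degrees of Reliance", and "only refer to" as "refer only to".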
Line 32: | Line 34: | ||
^ Advanced |authentication by means of a personal account with user ID and password or with a digital certificate which has been issued under sufficiently secure and trustworthy directives | by means of this procedure a person can unequivocally be authenticated, | ^ Advanced |authentication by means of a personal account with user ID and password or with a digital certificate which has been issued under sufficiently secure and trustworthy directives | by means of this procedure a person can unequivocally be authenticated, | ||
- | ==== 2.3 Datenhaltung und Prozesse zur Pflege der Identitäten | + | ==== 2.3 Data Management and Processes for Maintaining Digital Identities |
- | Die nutzende Einrichtung muss die elektronische Identitäten ihrer Nutzer pflegen und insbesondere bei Änderungen diese aktualisieren. | + | The Home Organisation has to maintain the digital identities of its users and is obliged to bring the user data up-to-date. |
- | ^ Klasse | + | ^ Degree |
- | ^ Test | Verfahren freigestellt | + | ^ Test | any procedure |
- | ^ Basic | Mit Verpflichtung bzgl. Korrektheit und Aktualisierung innerhalb von 3 Monaten | + | ^ Basic | obliged to keep user data correct and bring it up-to-date within |
- | ^ Advanced | Mit Verpflichtung bzgl. Korrektheit und Aktualisierung innerhalb von 2 Wochen | + | ^ Advanced | obliged to keep user data correct and bring it up-to-date within |
- | ===== 3 Einordnen in eine Klasse der Verlässlichkeit | + | ===== 3 Assignment to a Degree of Reliance |
- | Die Klassen | + | The degrees |
- | Zu den technischen Details siehe unter [[de:metadata|Metadaten]] und [[de: | + | For technical details please refer to [[en:metadata|Metadata]] and [[en: |
- | ==== 3.1 Einordnung der Ressourcen durch die Anbieter | + | ==== 3.1 Classification of Resources |
- | Der Anbieter ordnet seinen Service Provider je nach Schutzbedürfnis seiner Ressource in der Metadatenverwaltung selbst der passenden Föderation zu und legt so fest, welche Mindestanforderungen Einrichtungen für die Nutzung der Ressource erfüllen müssen. | + | In the metadata administration tool the resource / service provider has to choose which degree of reliance he needs for his resource. Choosing the " |
- | ==== 3.2 Konformitätserklärung der nutzenden Einrichtungen | + | ==== 3.2 Declaration of conformity of the participating institutions |
- | Die nutzende Einrichtung ordnet sich in der Metadatenverwaltung unter Vertragsdaten im Sinne einer Konformitätserklärung selbst einer Klasse der DFN-AAI zu. Ihre Nutzer können dann auf alle Ressourcen zugreifen, deren Schutzbedürfnis von den Anbietern entsprechend eingeordnet wurde. Um sich einer bestimmten Klasse der DFN-AAI zuordnen zu dürfen, muss eine Einrichtung alle o.g. Mindestanforderungen dieser Klasse erfüllen. Die Zuordnung zu einer Klasse erfolgt über die Metadatenverwaltung. | + | The Home Organisations use the metadata administration tool to declare to which degree their IdP conforms. The users of these institutions can then gain access to resources that were assigned to that degree by the resource providers (SPs). IdPs that conform to the " |
- | **Beispiel:** Will sich eine Einrichtung der DFN-AAI " | + | **Example:** If an institution wants to assign its IdP to DFN-AAI " |
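Review bot: In 2.3 the English sentence drops the trigger from the German original: "insbesondere bei Änderungen diese aktualisieren" becomes "is obliged to bring the user data up-to-date", which no longer says that an update is required when the data changes; suggest "and in particular to update them when changes occur". In the same section the German rows give the deadlines as 3 months (Basic) and 2 weeks (Advanced), while the English rows are cut off after "within" in this view, so check that they carry the same values. Terminology drifts across 3.1 and 3.2: "Home Organisation", "participating institutions" and "institution" all stand for "nutzende Einrichtung", and "resource / service provider" alternates with "resource providers (SPs)"; pick one term for each. The 3.2 heading is in lower case ("Declaration of conformity of the participating institutions") where the other new headings use title case, and "he needs for his resource" in 3.1 is better phrased without the pronoun.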