...

Info

In 2015, IAM managers from the US academic consortium called the CIC put together the CIC Cloud Services Cookbook. This document offers a set of recommendations on how vendors of cloud services and institutional customers should engage with each other to support federated identity.

As part of the 2016 Workplan (see REF16-3C), the REFEDS community aims to extend the Cookbook so it covers a more global scope. This wiki space will capture the ideas and suggestions and be the home for the adaptation of the Cookbook.

Notes: Specific mentions of InCommon have been highlighted; we need to figure out if those recommendations can be generalized to all federations. Comments have been added to the wiki on other specific areas that will need to be modified.

...

Warning
  • Some of the material is already slightly out of date. Would the effort to globalize this also focus on updating the material? How often do we want to commit to reviewing the material?
    • Proposal: Updating the document should be on the list of things to do, but at a lower priority than globalizing the existing material. Frequency should match the more local updates done by the CIC schools.
  • If we want this to be more globally applicable, perhaps a bit more on the need to establish SSO on the campus or within the VO? They don't explain why federated authentication in a single campus setting is useful (that it is a logical development out of campus SSO). Also, it would be helpful to have references and definitions.
    • Proposal: Mention some highlights here, but otherwise point to the videos being produced by the NSRC and REFEDS on the topics.
  • Perhaps add more regional case studies?
  • Perhaps a section on cloud services as accessed through eduGAIN?

 



...

Partnering with a new cloud service provider can be complicated and time-consuming. Nearly all of the hurdles can be overcome with technical or policy solutions, but forming those solutions can be an expensive process, which diminishes the value proposition of adopting cloud services. 


Overview of Higher Education IDM Landscape

...

Even if institutional policy forbids sending or storing HIPAA-protected data in a cloud service, such a policy may not be sufficient to prevent the use of a cloud service for such purposes. Email and file storage services may be of particular concern. If the cloud provider is able to sign a BAA, that could mitigate any exposure by the institution's members to that particular vendor.


Appendix: Identifier Properties

...