...
| Title | Fed Ops Security Incident Response |
|---|---|
| Description | Most federations have wording in their federation policy to support incident response but this tends to be a few words committing the Op, IdP and SP to work together on issues. There is no developed idea of the workflow for incident reporting and it is difficult for SPs to understand the process across different federations or contact multiple federations. REFEDS should define a common process and workflow descriptions for federations and support a lightweight model for supporting incident reporting and discussion - possibly via the FOG list or an XMPP type approach. As discussed at ACAMP. |
| Proposer | Nicole on behalf of ACAMP session. |
| Resource requirements | REFEDS Coordinator time, buy in from federations, possibly some small infrastructure support requirements. |
| +1's | Tom Barton, CAF, Dave Kelsey, Scott Koranda, Romain Wartel |
| Title | VO Assessment |
|---|---|
| Description | Several years ago, the COmanage project put together a questionnaire aimed at helping both the VO and the organizations supporting them understand their IdM needs and business processes. This proved to be fairly useful, but it needs to be updated and expanded to help a more international audience. The old assessment is available off the COmanage wiki, hosted by Internet2. |
| Proposer | Heather Flanagan |
| Resource requirements | Some effort (probably not a huge amount), maybe support for a survey, and kittens |
| +1's | Niels (both with SURFnet as well as GEANT SA5 VOpaas hat on) |
...
| Title | Focus on VOs |
|---|---|
| Description | VOs straddle national Feds and we handle them in an ad hoc (at best!) fashion. What practices should the interfed community adopt to support their Fed/Interfed needs? Deliverables might include strawman recommended practices to national Feds and roles & responsibilities that together would define a consistent service presented to VOs. The purpose would be to inform ourselves of what it might actually take to operationalize such a service. Could build on the VO Assessment activity proposed by Heather above. |
| Proposer | Tom Barton |
| Resource requirements | A few working group members to interview principals from several VOs or other organizations that support them or otherwise are knowledgeable about needs from a VO perspective (eg, Center for Trustworthy Scientific Cyberinfrastructure). A few Fed Ops to mull this over from an operational perspective. Someone to edit a resulting doc. |
| +1's | Romain Wartel |
| Title | Privacy and interfed |
|---|---|
| Description | Is the CoCo on track? What barriers are there to its adoption? Purpose is to determine what issues a communications campaign should address to improve uptake. |
| Proposer | Tom Barton |
| Resource requirements | Working Group would conduct interviews with a selection of prospective CoCo adopting sites, blend with CoCo knowledgeable expert and a communications person to arrive at an enumeration of concerns to be addressed. Perhaps a dozen Working Group conference calls and list support. Support for a small number of group interviews. |
| +1's | Mikael Linden (the GEANT CoCo flywheel) |
...
| Title | EduGAIN Global incident handling/support framework |
|---|---|
| Description | As national federations continue to join eduGAIN the problem of supporting users across federation boundaries will increase. When a user has an issue attempting to access services provided in another federation how it will be resolved in this global federation of federations. Issues the end user may experience include;
The development of a global incident handling/support framework. This framework would build on each federation’s user support strategies and seek ongoing support of the framework from federation through a memorandum of understanding. |
| Proposer | Terry Smith (AAF) and Sat Mandri (Tuakiri) |
| Resource requirements | 1) Development of a service oriented approach eduGAIN Global Support Framework to provide seamless user experience, including: i. Capability to log support request from anywhere (eduGAIN Support Zendesk) ii. Incident Management process for National Federation on eduGAIN iii. Incident Management process for Service Providers (Institutional, National, and International SPs) 2) A program of work to ingest (1) above into all national federations participating in eduGAIN. Development and documentation of the framework Marketing of the framework and buy in for federations |
| Risk and Issues | eduGAIN to publish a register for participating members to log and manage Risk and Issues |
| +1's | Heath Marks (AAF), Romain Wartel |
| Title | Federated Error Handling |
|---|---|
| Description | Develop a systematic approach to error handling at the Service Provider, especially in the common case where there are no (or too few) user attributes in the SAML response. One approach that has been suggested (but is by no means the only approach) is to leverage the Error Handling URL (errorURL) in IdP metadata so that end users are directed to an appropriate service point (e.g., help desk, IdM support, etc.). A possible outcome of this work item might be a profile of the errorURL in IdP metadata and a strategy for increasing its usage worldwide. |
| Proposer | Tom Scavo |
| Resource requirements | Profiling the use of errorURL in IdP metadata (if that is indeed a recommended approach) would be relatively easy |
| +1's |
...