Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.



Best practices for Hub-and-Spoke federation


Hub-and-Spoke federations operate a centralized authentication component as part of their Identity Federation. In Reseach and Education about 10 federations are currently running such a setup.

This activity gathers best practices form those running such federations. Possible topics may include:

  • Operational topic, e.g. scale and security
  • Enduser, IdP and SP support
  • Trust establisment, privacy preservation and policy
  • Business cases for running a central component
  • Augmenting federation with e.g. group management, attribute aggregation, stepup authentication, credential and protocol translation and autherization
  • Working with metadata
  • Available tools and technologies
  • Working with eduGAIN, Code of Conduct and attribute bundles
  • Combining Hub-and-Spoke and Mesh federation technology
ProposerNiels van Dijk
Resource requirementsSeveral conference calls, a wiki space, pehaps one or two f2f discussion meetings at existing venues
+1's<for others to voice their support - add your name here>Laas Toom (EENet)