Several different use-cases have been put forward describing requirements to identify individuals who fit some sort of description of academic and / or Identity Providers that are from academia. Due to significant global and local differences in the way that these concepts are implemented and used it is not possible to come up with a single easy-to-use solution for these requirements. There are approaches that can be taken. REFEDS and it members are attempting to a) document possible misunderstandings regarding existing federation metadata and b) document possible pragmatic solutions that may meet the requirements put forward by user groups.
There are many different definitions of both academic and academia used globally. For the sake of this work, the following two definitions will be used:
Existing Issue | Discussion |
---|---|
Research and Education federations have IdPs that do not belong to "educational" bodies. | Whilst most federations place some restrictions around IdPs and limit the registration of them to sub-sets of user groups it is not possible to fully limit IdPs to organisations that are strictly academic. |
There is no wide-spread use of the term "faculty". | Faculty is used in the eduPerson specification and is the closest value to "academic" that currently exists, however it is not widely used as a term outside of the US. For more background on the usage of affiliation see the REFEDS ePSA usage comparison. |
"Faculty" and "Academic" are different things | Faculty specifically refers to the academic staff of an organisation in the US. Academic could include students, academic-related staff (librarians, IT, researchers) etc. |
IdPs do not typically group or label individuals as academic in systems. | Use of academic / academic-related is normally restricted to pay-grade systems and is not a generic tag that would typically be assigned to user groups. |
Academia IdPs may serve various user groups | Many guests (like consultants, participants in part-time further education courses, etc.) that get an account in an academia IdP will generally not qualify as academic users. These guests would typically get an affiliation value of 'affiliate' or no value at all. |
Non-academia IdPs are not tagged. | There is currently no flag for "non-academic" IdPs. Such a tag could be explored but it would probably be considered negative by the entity owners. It would also be subject to misinterpretation and misuse - if Google is used by 3 academic users as an IdP, is it therefore academic? Also there is no authorative source for labeling the non-members. |
Confusing terms-of-use and authorisation. | There are scenarios where a terms-of-use style agreement with the user (e.g. you can only use this in x scenario, you can only download one copy) has been translated into an authorisation requirement (you must be a person of type x). These translations can often lead to bad-fit and confusion. |
Hub and Spoke federations have challenges supporting entity categories | Many hub and spoke federations are providing virtualisation to allow features to be added that support interactions such as entity tagging. |
Academics might not be in "academia" IdPs | Many academics will be using specific VO IdPs rather than the IdP of a recognisable "academic" organisation. Should it be permissible for these to be tagged with "academia" |
There is no one-size fits all solution to the needs of the community. REFEDS could propose the creation of a toolbox with three parallel and complementing tools. Defining values alone will not move the requirements forward as Service Providers will still be faced with the problem of ensuring that attribute release is occurring. Entity Category work could support this need.
1. for IdP entities in SAML2 metadata | 2. Supporting use of "academia" value with schacHomeOrganisation | 3. Supporting use of eduPerson(Scoped)Affiliation = faculty |
---|