US Federations Discussion

["Ma, Ying" <>]

Thank you all for your responses. For the immediate need to offer service
to two classes of students at SDU, bilateral integration with SDU IdP is
probably the approach to pursue. One challenge here is the co-existance of
a bilateral integration and InCommon SSO within the same SP. This UCLA
moodle SP currently provides service to multiple campuses across UC
system, and thus is an InCommon SP taking advantage of InCommon federated
SSO. We don't want to lose InCommon SSO since that covers the majority of
our users. If we create bilateral relationship with an IDP from a
different federation, it's likely that we need to provide a separate login
link for users from that specific IDP. Technically it should not be a
problem with some work done at SP, but it doesn't feel like an elegant
solution, as we are anticipating more overseas demand. I wonder if other
campuses are doing anything different to address similar situations?
 

It's great to have a contact point from WAYF. Also good to know there are
campuses in US joining foreign federations. We are interested in exploring
the case where one SP integrates with two federations across countries.
Most of the issues probably reside on the policy side (privacy concerns,
differences of government legislations, etc) rather than the technical
side, as noted by Steven. We want to get some idea of what it takes to
become a member of foreign federation, or leverage eduGain interfed
effort, as mentioned by Ann. This is more of a long term thinking rather
than address immediate request. Any comment that you have to share is much
appreciated!

Thanks,
Ying Ma
Information Management,
IT Services, UCLA

(310)2064978


On 5/16/12 10:30 AM, "Steven Carmody" 
<>
 wrote:

>On 5/15/12 2:26 PM, Ma, Ying wrote:
>>
>> Thank you for your reply. It's good to know where we are. I'm aware
>> that InCommon is one of the participants in REFEDS, which focuses on
>> topics involved in international collaboration in research and
>> education. Interfederation seems to be one of the topics. We are
>> interested to know if InCommon is actively involved  in REFEDS
>> effort, and whether there is a workgroup focused in this area. Any
>> information helps.
>>
>
>As noted by Ann, there are already a number of situations like the one
>you describe where the two schools have created a bilateral
>relationship, rather than waiting for inter-federation to arrive. This
>would be not much different from creating a bilateral relationship with
>a cloud-based service provider who is not an IC member. (There have also
>been a few cases where campuses have become members of a foreign
>Federation... but let's not go there.)
>
>I've CC'ed David Simonsen who is heavily involved with the WAYF
>Federation in Denmark, and who would be your contact point if you wanted
>to pursue a bilateral relationship.
>
>The other issue if this moves forward is that an EU-based IDP would be
>sending PII attributes to an SP located outside the EU. Using an
>EU-resident IDP immediately means that both parties have to worry about
>the EU Privacy Directive. But, if UCLA can assert that your moodle SP is
>operated in compliance with a set of EU-prescribed requirements then
>that would go a long way toward convincing the WAYF IDP that it is safe
>to send attributes to your SP.