Access Management

17 June 2014 at 4:22pm
Research, and particularly the on-line collaborative research referred to as e-science, creates a new challenge for federated access management systems. In teaching, the authoritative statement whether an individual is entitled to access an on-line resource comes from their home organisation: are they a member of that course? are they covered by that institutional licence? Thus it is natural to provide a source of authorisation attributes alongside, or even as part of, the home organisation's authentication systems.
24 April 2014 at 1:59pm
I only wish the Article 29 Working Party had published their Opinion on Legitimate Interests several years ago, as it could have saved us a lot of discussion in the federated access management community.
20 March 2014 at 10:03pm
Some thoughts on the e-Infrastructure requirements for supporting VirtualOrganisations.  A Virtual Organisation (VO) is one that intersects with multiple realorganisation.  It is comprised of users from multiple homeinstitutions. Many of which may be entirely unaware of the existenceof the VO at all.  This means that the Virtual Organisation needs tobe self-organising and must be provided with the tools to manage itsown membership.
11 March 2014 at 2:03pm
I've had several conversations this week that related to what's commonly referred to as "level of assurance": how confident we can be that an account or other information about an on-line user actually relates to the person currently sitting at the keyboard. Governments may be concerned with multiple forms of documentary proof but I suspect that for most common uses in the education sector that may be over-complicating things.
28 February 2014 at 9:02am
In discussions with e-Infrastructures we’ve spoken quite a bit about federated authentication, so I thought it was worth a quick summary of the federated authentication schemes already available on Janet. And, in particular, what the policies of those federations already offer to Service Providers by way of guarantees.
16 October 2014 at 5:03pm
Papers examining the access management requirements for European e-infrastructures:
14 February 2014 at 2:07pm
The Information Commissioner’s analysis of the European Parliament’s amendments to the draft Data Protection Regulation discusses the wide range of information that falls within the definition of "personal data" and gives examples that seem particularly relevant to identity federations.
10 January 2014 at 11:44am
As a privacy-sensitive person, I'm concerned that the trend in European Data Protection law seems to be to place more and more weight on my consent as justification for processing my personal data. In theory that sounds fine – given full information and a free choice, I can decide whether or not I'm willing for the processing to take place.
19 November 2013 at 9:07am
There are several situations when it would be useful to have a life-long identifier that doesn’t change when we move house, employer or even country. Most of us already have life-long identifiers to link together all our interactions with the health service and the tax office; in research and education linking together our achievements would also be useful when preparing a CV or research proposal. However these applications have very different consequences if the link between individual and identifier fails; they also need to resist different types of threat.
8 October 2013 at 9:31pm
At the VAMP workshop last week I was asked to review legal developments that might affect access management federations. On the legislative side the new European Data Protection Regulation seems to be increasingly mired in politics.
Subscribe to Access Management