Attribute release to Service Providers

Posted on Friday, 23 December 2016

Federation members may be aware of a reported security breach at Lynda.com https://www.linkedin.com/help/lynda/answer/75205. As it stands this should not have resulted in any leak of Personally Identifiable Information (PII) for any UK federation users through UK federation related authentication processes, however at this time Id like to remind everyone of the key element of federated access being the correct attribute request and attribute release by Service Providers and Identity providers respectively.

Further details on best practice can be found here https://www.ukfederation.org.uk/content/Documents/AttributesForAuthorization and also in the UK federation Technical recommendations https://www.ukfederation.org.uk/library/uploads/Documents/federation-technical-specifications.pdf and any Institutions or Service Providers who would like further advice on attribute release should contact the UK federation helpdesk.

On a different note wed like to wish everyone happy holidays and the UK federation will be available for entity registrations and modifications from January 3rd 2017.

read more...

Edited by MarkWilliams ? (Permalink)

Sirtfi, the Security Incident Response Trust Framework for Federated Identity

Posted on Thursday, 15 December 2016

Sirtfi, the Security Incident Response Trust Framework for Federated Identity, is a means to identify Identity Providers with sufficient operational security capability and who are willing to collaborate during incident response. Sirtfi compliance has become an essential requirement to access some high value services such as CERN and we encourage entity owners to explore adding the category to their registration with the UK federation.

For further guidance on this please visit:

https://www.ukfederation.org.uk/content/Documents/Sirtfi

read more...

Edited by MarkWilliams ? (Permalink)

Service desk closure for Winter break

Posted on Thursday, 8 December 2016

As always, the UK federation service desk takes an extended break over Christmas and New Year. This means that the helpdesk will be unavailable from 11:00 on Friday 23rd December and will re-open at 10:00 on Tuesday 3rd January 2017. If you submit a request to service@ukfederation.org.uk during these dates, your email will be logged, but we won't be able to respond until we return in January.

UK federation metadata will be re-published automatically over the holiday period so, whilst we will not make changes to UK federation-registered entities, there may be changes due to entities imported via eduGAIN.

read more...

Edited by AlexStuart (Permalink)

10th Anniversary

Posted on Sunday, 4 December 2016

This week we celebrate the tenth anniversary of the UK federation, which has grown from a pilot project between Edinburgh University and Janet to the Service that Jisc provides today, with over a thousand members and reaching users and services in almost 40 countries. On the anniversary it seemed apt to update you on some developments which are occurring with the UK federation.

read more...

Edited by MarkWilliams ? (Permalink)

Research and Scholarship entity category policy for UK federation Service Providers

Posted on Monday, 28 November 2016

About the Research and Scholarship (R&S) Category

Candidates for the Research and Scholarship (R&S) Category are Service Providers that are operated for the purpose of supporting research and scholarship interaction, collaboration or management, at least in part. Example Service Providers may include (but are not limited to) collaborative tools and services such as wikis, blogs, project and grant management tools that require some personal information about users to work effectively. This Entity Category should not be used for access to licensed content such as e-journals. More information can be found here: https://refeds.org/category/research-and-scholarship

read more...

Edited by AlexStuart (Permalink)

Shib IdP v3 security & v3.3 release

Posted on Monday, 14 November 2016

A security advisory [1] has been released for the Shibboleth v3 Identity Provider that involves deployments using the Result Cache feature of the LDAP Data Connector - the issue could result in data associated with one user being substituted for another. Also, a new version of the Shibboleth IdP (v3.3.0) has been released which, amongst various improvements and new features, fixes this issue. read more...

Edited by MarkWilliams ? (Permalink)

Metadata HTTP compression change

Posted on Tuesday, 25 October 2016

The UK federation will, from Wednesday 26th of October, be enabling HTTP compression on its metadata aggregate distribution servers.

read more...

Edited by MarkWilliams ? (Permalink)