This document has been written following the identification of a need within the Research and Education Federation communities for a tool by which to express and monitor compliance with policies and best practices. The self-assessment tool is intended to manage the quality standards self-evaluation process for the entities registered to the eduGAIN inter-federation service. At the time of inception, the following use cases were drivers for the development of a centralised, flexible tool:
- the evaluation of Level of Assurance (LoA) for Identity Providers (IdPs)
- the evaluation of LoA for Service Providers (SPs)
- the assertion of compliance with the Security Incident Response Framework for Federated Identity (Sirtfi)
- the assertion of compliance with the Data Protection Code of Conduct (CoCo)
GEANT project (GN4-2 JRA3 T2.4 Identity Assurance Service) is implementing the tool during 2017.
Software requirements specification
- Draft requirements specification (please comment!): Google doc
- Please comment in the document or send the editors (Hannah Short and Mikael Linden) an email if there is anything specific you would like to discuss.
- Presentation in 22 June 2016: Google slides