Shibboleth Developers

[Simon McLeish <>]

The UK JISC (Joint Information Systems Committee) study into eduPerson and 
related schemas (http://www.jisc.ac.uk/index.cfm?name=prog_middss_studies [bottom 
of the page]) is being undertaken by LSE (the London School of Economics) to 
identify the potential for British Further & Higher Education institutions to 
use role-based directory attributes for managing access by their users to 
licensed online resources.  The study is also the UK point of contact with the 
intl-schemas working group, coordinated by Educause.

We would like to ask a few questions about how Shib targets (principally 
commercial targets, though other responses are welcome) are planning to use 
the role based authorisation made possible by software such as Shibboleth.  
If possible, answers by the end of next week (7 May 2004).

When role based authorisation becomes possible via Shibboleth do you plan to make use of it? 

If so, then beyond identifying 'membership' (however that is defined) of an 
institution licensed to access your online resources, if an institution 
wished to license access on a more restrictive basis, what types of role or 
status factors would you expect to use (or, would you expect institutions to 
wish to use) to distinguish individuals covered by the license, from 
individuals with no access?

Secondly, what functionality will you be implementing based on roles (restrict access 
to parts of databases; different "skins" for different types of user; better 
focused resource discovery; storing/tracking of searches etc.; other)? What user 
attributes would you wish to use to do this - please be as specific as possible, but at 
least indicate which of the following broad categories you would be looking for: 
subject areas of interest (e.g. derived from organisational unit); type of user (e.g. 
status/affiliation); other...

Yours,
Simon McLeish
Technical Officer, UKeduperson Study