shibboleth-dev - Role based authorisation - some questions for deployers of the Shib target from the UKeduperson study
Subject: Shibboleth Developers
List archive
Role based authorisation - some questions for deployers of the Shib target from the UKeduperson study
Chronological Thread
- From: Simon McLeish <>
- To:
- Cc: , , , ,
- Subject: Role based authorisation - some questions for deployers of the Shib target from the UKeduperson study
- Date: Fri, 30 Apr 2004 16:50:28 +0100
- Disposition-notification-to: Simon McLeish <>
The UK JISC (Joint Information Systems Committee) study into eduPerson and
related schemas (http://www.jisc.ac.uk/index.cfm?name=prog_middss_studies [bottom
of the page]) is being undertaken by LSE (the London School of Economics) to
identify the potential for British Further & Higher Education institutions to
use role-based directory attributes for managing access by their users to
licensed online resources. The study is also the UK point of contact with the
intl-schemas working group, coordinated by Educause.
We would like to ask a few questions about how Shib targets (principally
commercial targets, though other responses are welcome) are planning to use
the role based authorisation made possible by software such as Shibboleth.
If possible, answers by the end of next week (7 May 2004).
When role based authorisation becomes possible via Shibboleth do you plan to make use of it?
If so, then beyond identifying 'membership' (however that is defined) of an
institution licensed to access your online resources, if an institution
wished to license access on a more restrictive basis, what types of role or
status factors would you expect to use (or, would you expect institutions to
wish to use) to distinguish individuals covered by the license, from
individuals with no access?
Secondly, what functionality will you be implementing based on roles (restrict access
to parts of databases; different "skins" for different types of user; better
focused resource discovery; storing/tracking of searches etc.; other)? What user
attributes would you wish to use to do this - please be as specific as possible, but at
least indicate which of the following broad categories you would be looking for:
subject areas of interest (e.g. derived from organisational unit); type of user (e.g.
status/affiliation); other...
Yours,
Simon McLeish
Technical Officer, UKeduperson Study
- Role based authorisation - some questions for deployers of the Shib target from the UKeduperson study, Simon McLeish, 04/30/2004
Archive powered by MHonArc 2.6.16.