1 / 11

Schac attributes and common vocabularies

Schac attributes and common vocabularies. TF-EMC2 16-17.10.2006 Mikael Linden CSC, the Finnish IT Center for Science. Outline. Why vocabularies? Why cross-national vocabularies? schac attributes with no vocabulary schac attributes with obvious vocabulary

palmer
Download Presentation

Schac attributes and common vocabularies

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Schac attributes and common vocabularies TF-EMC2 16-17.10.2006 Mikael Linden CSC, the Finnish IT Center for Science

  2. Outline • Why vocabularies? • Why cross-national vocabularies? • schac attributes with no vocabulary • schac attributes with obvious vocabulary • Vocabulary definition for HomeOrganizationType, UniqueCode and UniqueID • Vocabulary definition for PersonalPosition and UserStatus

  3. Why vocabularies? • If we intend to use attributes for authorization, there should be common understanding on their semantics between the users (for example, IdPs and SPs) • for example ”this service is authorised for university students” • what is a university? • what is a student? • eduPerson defines one vocabulary: eduPersonAffiliation • student/staff/faculty/employee/member/affiliate/alum • (it still leaves the interpretation quite open…)

  4. Why cross-national vocabularies? • If we are some day going to have cross-national confederation (e.g. eduGAIN), we need common vocabularies as part of the schema • it’s easier to design the vocabularies now, when our federations are still young • later it will be painfull – too many changes to too many production level systems • How to define vocabularies in an interoperable but still flexible way?

  5. No vocabulary, no problem • schacDateOfBirth • for example: 19660412 • schacPlaceOfBirth • for example: Algeciras, Spain • schacSn1, schacSn2 • for example, Lopez de la Moraleda • schacPersonalTitle • for example, Prof • schacUserPrecenseID • URIs, for example sip:pepe@myweb.com • schacExpiryDate • for example: 20051231125959Z • schacUserPrivateAttribute • for example, mail, telephoneNumber

  6. Vocabulary is obvious (hope so!) • schacMotherTongue – ISO 639 • for example, fr, es-ES • schacGender – ISO 5218 • 1=male, 2=female, 0=not known, 9 = not specified • schacCountryOfCitizenship – ISO 3166 • for example, es • schacHomeOrganization – domain names • for example, tut.fi • schacCountryOfRecidence – ISO 3166 • for example, es • schacUUID – UUID defined by RFC 4530 • for example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6

  7. Outline of the proposed solution • for HomeOrganizationType, UniqueCode and UniqueID • We define an international/EU-wide vocabulary, when we can identify a common European denominator • Additionally, each NREN maintains a national vocabulary for national extensions • may delegate namespaces for institutional vocabularies • Terena gathers links to the national vocabularies and publishes them in http://www.terena.nl/registry/terena.org/schac/ • Benefits • EU-wide vocabulary understood in every country • National vocabularies make it possible to use and publish national semantics, even to services in another countries, if necessary

  8. schacHomeOrganizationType • Purpose: authorization of cross-national services • For example, ”for higher education students in any EU country” • Proposed international/EU vocabulary PREFIX=urn:mace:terena.org:schac:homeOrganizationType • PREFIX:eu:higherEducationInstitution // HE defined by Bologna • PREFIX:eu:educationInstitution // other educational institutions • PREFIX:eu:NREN // NREN defined by TERENA • PREFIX:eu:universityHospital • PREFIX:eu:NRENAffiliate // organisations part of the NREN constituency • Bologna process seems to have no definition for a university • National extensions, for example in Finland • PREFIX:fi:university, PREFIX:fi:polytechnic, PREFIX:fi:researchInstitution, PREFIX:fi:other • Terena gathers links to national ”homepages” • http://www.terena.nl/registry/terena.org/schac/homeorgtype/

  9. schacPersonalUniqueID • National identification number/social security number • assigned by national governments, each country (except Germany) has at least one • considered as sensitive in many countries (strong identifier) • each NREN maintains the national namespace • for example the Finnish Identification Code (FIC)urn:mace:terena.org:schac:personalUniqueID:fi:FIC:010161-123L • Terena gathers links to national ”homepages”:http://www.terena.nl/registry/terena.org/schac/personalUniqueID/

  10. schacPersonalUniqueCode • Local (=not government-assigned) identification codes • Student number, Library patron number, etc • Notice: employeeNumber is already defined by InetOrgPerson • One international namespace proposed for a student number • to make student numbers understood automatically between countries • urn:mace:terena.org:schac:personalUniqueCode:eu:studentID:‹tld›:‹code› • for example, urn:mace:terena.org:schac:personalUniqueCode:eu:studentID:tut.fi:159345 • for other local identifiers, each NREN maintains the national namespace • Terena gathers links to national ”homepages”:http://www.terena.nl/registry/terena.org/schac/personalUniqueCode/

  11. The rest two without separate namespace maintenance schacPersonalPosition • defines a personal position in an institution • for example, urn:mace:terena.org:schac:personalPosition:umk.pl:programmer • to manage namespace, it is recommended to use domain name after the prefix (urn:mace:terena.org:schac:personalPosition) schacUserStatus • specifies persons status as a user of services • for example, urn:mace:terena.org:schac:userStatus:uma.es:affiliation:expired urn:mace:terena.org:schac:userStatus:uma.es:sendMail:expired urn:mace:terena.org:schac:userStatus:uma.es:getMail:active • to manage namespace, it is recommended to use domain name after the prefix (urn:mace:terena.org:schac:userStatus)

More Related