Chargeable-User-Identity in eduroam. The problem. Current eduroam setup provides per-realm granularity The consequences if a guest misbehaves the SP can only black-list the entire realm
PowerPoint Slideshow about 'Chargeable-User-Identity in eduroam' - vonda
An Image/Link below is provided (as is) to download presentation
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Current eduroam setup provides per-realm granularity
if a guest misbehaves the SP can only black-listthe entire realm
if someone uses theguest access to set up a full-time Internet link the SP may become suspicious about the eduroam idea and may want to turn on some quota system to defend against that kind of overuse (this may be a local-level problem but we might provide a universal solution)
in case of incidents locating the correct entries in the logs may be complicated by the fact that the SP logs will just show anonymous user