SCHAC attributes and common vocabularies
TF-EMC2, 16-17.10.2006
Mikael Linden, CSC, the Finnish IT Center for Science
Outline
- Why vocabularies?
- Why cross-national vocabularies?
- schac attributes with no vocabulary
- schac attributes with obvious vocabulary
- Vocabulary definition for HomeOrganizationType, UniqueCode and UniqueID
- Vocabulary definition for PersonalPosition and UserStatus
Why vocabularies?
- If we intend to use attributes for authorization, there should be a common understanding of their semantics between the users (for example, IdPs and SPs)
- for example "this service is authorised for university students"
  - what is a university?
  - what is a student?
- eduPerson defines one vocabulary: eduPersonAffiliation
  - student/staff/faculty/employee/member/affiliate/alum
  - (it still leaves the interpretation quite open…)
Why cross-national vocabularies?
- If we are some day going to have a cross-national confederation (e.g. eduGAIN), we need common vocabularies as part of the schema
- it's easier to design the vocabularies now, when our federations are still young
  - later it will be painful: too many changes to too many production-level systems
- How to define vocabularies in an interoperable but still flexible way?
No vocabulary, no problem
- schacDateOfBirth
  - for example: 19660412
- schacPlaceOfBirth
  - for example: Algeciras, Spain
- schacSn1, schacSn2
  - for example, Lopez de la Moraleda
- schacPersonalTitle
  - for example, Prof
- schacUserPresenceID
  - URIs, for example sip:pepe@myweb.com
- schacExpiryDate
  - for example: 20051231125959Z
- schacUserPrivateAttribute
  - for example, mail, telephoneNumber
Vocabulary is obvious (hope so!)
- schacMotherTongue: ISO 639
  - for example, fr, es-ES
- schacGender: ISO 5218
  - 1 = male, 2 = female, 0 = not known, 9 = not specified
- schacCountryOfCitizenship: ISO 3166
  - for example, es
- schacHomeOrganization: domain names
  - for example, tut.fi
- schacCountryOfResidence: ISO 3166
  - for example, es
- schacUUID: UUID defined by RFC 4530
  - for example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6
Outline of the proposed solution
- for HomeOrganizationType, UniqueCode and UniqueID
  1. We define an international/EU-wide vocabulary, when we can identify a common European denominator
  2. Additionally, each NREN maintains a national vocabulary for national extensions
     - may delegate namespaces for institutional vocabularies
  3. Terena gathers links to the national vocabularies and publishes them in http://www.terena.nl/registry/terena.org/schac/
- Benefits
  - EU-wide vocabulary understood in every country
  - National vocabularies make it possible to use and publish national semantics, even to services in other countries, if necessary
schacHomeOrganizationType
- Purpose: authorization of cross-national services
  - For example, "for higher education students in any EU country"
- Proposed international/EU vocabulary, PREFIX=urn:mace:terena.org:schac:homeOrganizationType
  - PREFIX:eu:higherEducationInstitution // HE defined by Bologna
  - PREFIX:eu:educationInstitution // other educational institutions
  - PREFIX:eu:NREN // NREN defined by TERENA
  - PREFIX:eu:universityHospital
  - PREFIX:eu:NRENAffiliate // organisations part of the NREN constituency
  - Bologna process seems to have no definition for a university
- National extensions, for example in Finland
  - PREFIX:fi:university, PREFIX:fi:polytechnic, PREFIX:fi:researchInstitution, PREFIX:fi:other
- Terena gathers links to national "homepages"
  - http://www.terena.nl/registry/terena.org/schac/homeorgtype/
schacPersonalUniqueID
- National identification number/social security number
- assigned by national governments, each country (except Germany) has at least one
- considered as sensitive in many countries (strong identifier)
- each NREN maintains the national namespace
  - for example the Finnish Identification Code (FIC): urn:mace:terena.org:schac:personalUniqueID:fi:FIC:010161-123L
- Terena gathers links to national "homepages": http://www.terena.nl/registry/terena.org/schac/personalUniqueID/
schacPersonalUniqueCode
- Local (= not government-assigned) identification codes
  - Student number, library patron number, etc.
  - Notice: employeeNumber is already defined by InetOrgPerson
- One international namespace proposed for a student number
  - to make student numbers understood automatically between countries
  - urn:mace:terena.org:schac:personalUniqueCode:eu:studentID:‹tld›:‹code›
  - for example, urn:mace:terena.org:schac:personalUniqueCode:eu:studentID:tut.fi:159345
- for other local identifiers, each NREN maintains the national namespace
- Terena gathers links to national "homepages": http://www.terena.nl/registry/terena.org/schac/personalUniqueCode/
The remaining two, without separate namespace maintenance
schacPersonalPosition
- defines a personal position in an institution
- for example, urn:mace:terena.org:schac:personalPosition:umk.pl:programmer
- to manage the namespace, it is recommended to use a domain name after the prefix (urn:mace:terena.org:schac:personalPosition)
schacUserStatus
- specifies a person's status as a user of services
- for example,
  - urn:mace:terena.org:schac:userStatus:uma.es:affiliation:expired
  - urn:mace:terena.org:schac:userStatus:uma.es:sendMail:expired
  - urn:mace:terena.org:schac:userStatus:uma.es:getMail:active
- to manage the namespace, it is recommended to use a domain name after the prefix (urn:mace:terena.org:schac:userStatus)
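
An added example (not part of the original slides): a strict parser for the URN-valued schac attributes above, with two service-provider checks built on it. The function names, the sample values and the rule that a student number's domain component must equal the asserted schacHomeOrganization are assumptions made for illustration.

```python
from dataclasses import dataclass

PREFIX = "urn:mace:terena.org:schac:"
KNOWN = {"homeOrganizationType", "personalUniqueID", "personalUniqueCode",
         "personalPosition", "userStatus"}  # names as they appear in the slides' values

@dataclass(frozen=True)
class SchacValue:
    attribute: str   # e.g. "personalUniqueCode"
    namespace: str   # "eu", a country code, or an institution's domain name
    parts: tuple     # remaining colon-separated components

def parse(value):
    """Strictly parse one value; raise ValueError on anything unexpected."""
    if not value.startswith(PREFIX):
        raise ValueError("not in the SCHAC namespace: %r" % value)
    fields = value[len(PREFIX):].split(":")
    if len(fields) < 3 or "" in fields or fields[0] not in KNOWN:
        raise ValueError("malformed SCHAC value: %r" % value)
    return SchacValue(fields[0], fields[1], tuple(fields[2:]))

def parsed(values, attribute):
    """Yield well-formed values of one attribute; malformed input is skipped."""
    for v in values:
        try:
            p = parse(v)
        except ValueError:
            continue
        if p.attribute == attribute:
            yield p

def is_eu_higher_education(values):
    """Slide policy: 'for higher education students in any EU country'.
    A national value such as fi:university does not satisfy it by itself."""
    return any(p.namespace == "eu" and p.parts == ("higherEducationInstitution",)
               for p in parsed(values, "homeOrganizationType"))

def student_number(values, home_organization):
    """Return the eu:studentID code only if its domain component equals the
    schacHomeOrganization sent by the same IdP (assumed SP-side rule)."""
    for p in parsed(values, "personalUniqueCode"):
        if (p.namespace == "eu" and len(p.parts) == 3 and p.parts[0] == "studentID"
                and p.parts[1].lower() == home_organization.lower()):
            return p.parts[2]
    return None

# Constructed sample, assembled from the example values on the slides.
SAMPLE = [PREFIX + "homeOrganizationType:fi:university",
          PREFIX + "homeOrganizationType:eu:higherEducationInstitution",
          PREFIX + "personalUniqueCode:eu:studentID:tut.fi:159345"]
```

Values that fail to parse are dropped rather than matched loosely, so a typo or a look-alike namespace cannot satisfy an authorization rule.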