REFEDs - Level of Assurance
Work Item Leader: Nicole Harris, JISC
Description of work
Level of assurance (LoA) encompasses several issues. In Identity Federations, LoA refers mainly to the way Identity Providers (IdP) establish the identity of the end user and how securely users credentials are stored. Based on the this information, Service Providers (SP) can decide how confident they can be in identifying a remote entity requesting for service access.
Some of work in this area will include:
- Investigating existing definitions of LoAs and their applications in the research and education federations operating at international level;
- Agreeing on standard definitions of LoAs;
- Defining documents to provide recommendations on the usage of the appropriate LoA, depending on sensitivity of the resources to access.
Useful Documents
- Multiple Identity Providers and Level of Assurance [April 2009]
This document is a summary of a debate on the TF-EMC2 mailing list. The discussion regarded the introduction of non-institutional Identity Providers (IdPs) into HE Federations and the impact that this would have on end-user choice, end-user processes and securing levels of assurance.