Skolfederation Trust Framework
The document “Tillitsramverk för Skolfederation” forms the foundation for the trust and security requirements agreed between the Skolfederation Member Organisations regarding digital identities, user attributes, and the protection of privacy.
tillitsramverk-for-skolfederation.pdf
Assurance Statement Release in Skolfederation (DRAFT)
The document below is a DRAFT version of a specification introducing a new set of controlled URI values for expressing authentication context and level of identity assurance. It also defines implementation requirements and metadata signalling mechanisms for both Identity Providers and Relying Parties, enabling interoperability and policy-driven access control in federated environments.
Assurance-Statement-Release-in-Skolfederation.pdf
This specification proposes that the current assurance levels (listed below) be withdrawn and replaced by the URI values and associated requirements described herein.
The Swedish Internet Foundation welcomes feedback and comments on the specification. Please send your input to: info@skolfederation.se.
Assurance levels for Skolfederation
Currently, the trust levels "Bas" and "2FA" are applied within Skolfederation.
Bas – Approved member of Skolfederation
Bas entails no requirements beyond those that come with membership in Skolfederation. Bas is implied if no assurance level is signalled.
Identifier: http://id.skolfederation.se/loa/bas
2FA – Two-factor authentication
2FA is the protection class for e-identities and the issuance of identity certificates whose level of protection corresponds to the Swedish Authority for Privacy Protection's requirements for strong authentication when an IT system is accessible via the Internet and the system contains sensitive information. Skolfederation does not review compliance with the requirement; this is the responsibility of the school organiser.
Identifier: http://id.skolfederation.se/loa/2fa
Managing assurance levels
The document "Hantering av tillitsnivåer" describes how assurance levels are requested and signalled between Identity Providers and Service Providers.