UCTrust Workgroup
Child pages
  • UserSelectAttributeReleaseUseCase

Versions Compared

Old Version 11

changes.mady.by.user Wu, Albert

Saved on

compared with

New Version 12

changes.mady.by.user Wu, Albert

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

A Proposal for a User-

...

Select Attribute Release Management Mechanism

Status: Early Draft (from Albert Wu)

Update: There has been discussions in Shib-dev about incorporating this capability into Shib 2.2. Stay tuned.

Overview

A recurring problem in deploying Shibboleth is answering the question:

...

A better way to address this problem may be to shift the decision of data release (at least personal data such "who I am" and "what roles I play") to the individual signing onto the resource.

Proposal

We propose placing a filter on an Shibboleth IdP such that:

Upon successful login, the filter checks to see if the user has an existing attribute release policy for the SP. If not, it presents the user with a somewhat intelligent page describing what it knows about the SP and offers the user a set of data release choices specific to the SP. Optionally, it remembers the user's preference for future sessions.

Telling the user what we know about the SP

In order to help the user make an informed decision, the IdP should disclose security and trust information relevant to the SP such as:

...

Separate to the trust level, we are proposing to disclose whether an SP has been subjected (and passed) to the latest campus security scans (UCLA's Security Office offers an application security scanning service).

Seeking attribute release acknowledgment from the user

In order for this mechanism to work, we believe that the user interface has to be designed in such a way that a user can comprehend and make release decisions in just a few seconds. Therefore, the UI should group attributes into logical groups and presents the choices at first in high level chunks, while offering options to drill down for more fine grained release choices.

...

  • Tell the SP who I am.
  • Share my email address (click here to release additional contact information)
  • Describe to the SP how I am affiliated to the university.

Issues

  • How will the user "reset" or "change" her attribute release preference?
  • How will the institution be able to override the individual's choice?
  • What kind of helpdesk overhead are we anticipating?
  • Should the user be able to set "global" preference?