For an Identity Federation trust is everything. To enable trust there is a federation policy that regulates the federation operator’s organisation and working methods as well as the regulatory framework for Identity Providers and Service Providers.
SWAMID Federation Policy Framework
The policy framework for SWAMID consists of three parts: SWAMID Federation Policy describes the management and organization, assurance profiles describing what a relying party can expect from a educational sector login via SWAMID and technology profiles describing the technical interfaces WebSSO SAML and eduroam. Alongside the assurance and technology profiles are also Entity Categories to facilitate communication between Identity Providers and Service Providers.
Identity Provider (IdP)
For an organisation to be able to use services linked to SWAMID the organisation needs to become a member of the Federation. Only organisations connected to the Swedish NREN Sunet can be members of SWAMID if no special circumstances occur. This is done by the Membership Agreement signed and submitted to SWAMID by mail and e-mail. Together with the Membership Agreement an Assurance Declaration for SWAMID Identity Assurance Profiles in form of an Identity Management Practice Statement must be submitted. The Assurance Declaration may be sent by e-mail.
Identity Assurance Profiles
SWAMID is buolt on trust and Identity Providers express their trust level asserting support one or more of the SWAMID Identity Assurance Profiles.
- SWAMID Identity Assurance Level 1 Profile
- SWAMID Identity Assurance Level 2 Profile
- SWAMID Identity Assurance Level 3 Profile
- SWAMID Person-Proofed Multi-Factor Profile (deprecated)
Service Provider (SP)
The SWAMID Metadata Terms of Access and Use is aimed at facilitating access to SWAMIDS Metadata for external Service Providers. The Terms of Access and Use outline the purpose, access to and how you can use SWAMID Metadata. The SWAMID Metadata Terms of Access and Use is used instead of a contract between SWAMID and external service providers. To further enable the service providers to get the right information about users who log in using SWAMID there are Entity Categories.
Interfederation
SWAMID is a member of the Interfederation eduGAIN. In the same way that every member of SWAMID must write a Trust Declaration in the Identity Management Practice Statement, any member of the interfederation write and publish a Federation Metadata Registration Practice Statement.
- SWAMID eduGAIN Metadata Registration Practice Statement
SWAMID export all Identity Providers to eduGAIN by default. A member organisation can decide to opt-out this export.
SWAMID only export services to eduGAIN that opt-in and uses current international entity categories.