Entity Category and Attribute Bundles Working Group Charter
Approved by the working group - 11 November 2019
The purpose of this working group is to define and promote a set of attribute release profiles and associated entity categories applicable to the access of scholarly information resources and services in the context of federated authentication.
The group will identify one or more categories of scholarly information resources and users such as library walk-ins, hospital/clinical settings, research collaborations, and corporate libraries. The group will then:
- determine ways for IdPs to identify categories of users through standard practices;
- determine their requirements for personalization, privacy and the like;
- develop standard attribute release policies and attribute sets applicable to each category; and,
- describe ways to signal when the release of such attribute sets is required.
The goal is to have these categorizations and profiles adopted and/or endorsed by global research and education federations, library communities, and other stakeholder groups. Any specific proposals for new entity categories should be submitted to REFEDS for consideration.
Attribute release - see the article, “Introduction to Identity Attributes and Attribute Release for Access to Online Library Resources”
Entity categories group identity federation entities that share common criteria. The intent is that all entities in a given entity category are obliged to conform to the characteristics set out in the definition of that category.
Personal Data, as defined in GDPR: “The data subjects are identifiable if they can be directly or indirectly identified, especially by reference to an identifier such as a name, an identification number, location data, an online identifier or one of several special characteristics, which expresses the physical, physiological, genetic, mental, commercial, cultural or social identity of these natural persons. In practice, these also include all data which are or can be assigned to a person in any kind of way. For example, the telephone, credit card or personnel number of a person, account data, number plate, appearance, customer number or address are all personal data.”
Membership must include representatives from the library, publisher, service and platform provider, identity provider, and federation operator spaces. Each representative must be familiar with the characteristics of a federated authentication workflow.
All members are expected to actively engage in committee discussions and any consensus calls or votes.
The committee will be chaired by the SeamlessAccess.org Program Director.
- Laird Barrett, SpringerNature
- Judith Bush, OCLC
- Alan Buxey, MyUniDays
- Dave Flynn, EBSCO
- Peter Gietz, DAASI International
- Jason Griffey, NISO
- Roy Hatcher, J.B. Hunt Transportation Inc.
- Ken Klingenstein, Internet2
- Adam Lewenberg, Stanford IT
- Tim McGeary, Duke University Libraries
- Peter Murray, consultant
- Jiří Pavlik, National Library of Technology, Czech Republic as FIM4L representative
- Chris Shillum, Elsevier
- Emily Singley, Boston College
- Andras Somagaal, SpringerNature
- Jennifer Ward, University of Washington Libraries
- Rich Wenger, retired
- Albert Wu, Internet2
- Ralph Youngen, ACS
Heather Flanagan, Program Director, SeamlessAccess
Laura Paglione, SP Outreach Manager, SeamlessAccess
Duration and Timeline
This committee will exist for the duration of the beta-development and -deployment phase of the Coalition for Seamless Access set of services. At the conclusion of the beta phase, the governance group will determine what kind of structure, including all sub-committees, will exist for any future production services, which might include the continuation of this group.
The group will be asked to come up with initial recommendations by 31 December 2019. The second half of the beta phase (which runs through 30 June 2020) will be spent refining the initial recommendations and soliciting buy-in from relevant communities to start implementing and/or endorsing the profiles.
This committee will discuss and provide guidance on:
- A list of real-world use cases that describe various resource request scenarios where attributes may or may not be required.
- The entity categories which are relevant to scholarly information resources and services.
- The default attribute release policies and attribute sets applicable to each entity category.
- What attributes, if any, the IdP can release without user consent, and under what circumstances for the defined entity categories.
- Any technical implications or implementations that might impact enforcement of these guidelines.
- Requirements for an appropriate set of management capabilities for SPs, IdPs, and federation operators to manage attribute release classifications at scale.
See Section 2.3 of NISO’s Recommended Practice for Improved Access to Institutionally-Provided Information Resources for initial use cases, and the Final Report & Recommendations: Resource Access in the 21st Century, RA21 Hospital Clinical Access Working Group. See also the post “Introduction to Identity Attributes and Attribute Release for Access to Online Library Resources” for insight into what attributes are in a federated context and some release scenarios.
The committee will use a rough consensus model (where “consensus” will mean an absence of sustained opposition) for decisions; the Program Director will make the consensus calls. If consensus cannot be determined (e.g., the group is not at quorum during a meeting), then the Program Director will send out an e-vote with a two-thirds majority required for approval.
The committee will meet virtually at least monthly by conference call, with more frequent calls as needed. Committee members are expected to participate in 80+% of calls; failure to participate is grounds for removal from the committee.
The committee will use a mailing list (email@example.com) and a Slack instance (SeamlessAccess.org #attribute-release channel) as the primary forms of communication. Google Docs will be used to collaboratively work on working group outputs.