PARTICIPATION TO IDEM FEDERATION

The National Institute of Nuclear Physics (INFN), through the infrastructure of the INFN-AAI project, participates to IDEM (IDEntity Management for federated access to services) for the  realization of the Authentication and Authorization Infrastructure of the GARR network.

Access credentials are issued to all INFN employees and to all people with a scientific collaboration with INFN units/divisions. The procedures for issuing, using and revoking credentials are contained in the document describing the procedure of accrediting of INFN users (DOPAU).

ATTRIBUTES ISSUED TO IDEM SERVICES PROVIDERS

To access the services offered by the IDEM Federation, the Identity Provider (IdP or INFN Identity Check) is requested to release some attributes belonging to the user requesting the service. The IDEM Federation undertakes to agree with the Service Provider (SP) the release of only the essential attributes for the provision of the service.

The attributes that the INFN-AAI IdP is authorized to release to resource providers who request them are listed below:

Personal data

- cn (common name): first and last name
- givenName (first name): first name
- sn (surname): last name
- displayName: first and last name

Contacts

- mail: e-mail address

Affiliated organisation

- o (Organization): Istituto Nazionale di Fisica Nucleare
- ou (Unità Organizzativa): Affiliated Unit/Division (e.g. Lecce Unit)
- eduPersonOrgDN: infn.it
- eduPersonAffiliation: affiliation role (e.g. staff, member)
- eduPersonScopedAffiliation: affiliation role linked to @infn.it (e.g. Questo indirizzo email è protetto dagli spambots. È necessario abilitare JavaScript per vederlo., Questo indirizzo email è protetto dagli spambots. È necessario abilitare JavaScript per vederlo.)

Authentication and Authorization Identifiers

- uid (username): (e.g. enrico)
- eduPersonPrincipalName (username linked to @infn.it (e.g. Questo indirizzo email è protetto dagli spambots. È necessario abilitare JavaScript per vederlo.)
- eduPersonEntitlement: list of privileges related to service providers (e.g. urn:mace:terena.org:tcs:personal-user, urn:mace:terena.org:tcs:escience-user, etc.)

Other identifiers (not meaningfull)

- eduPersonTargetedID

ASSISTANCE FOR USERS

Questo indirizzo email è protetto dagli spambots. È necessario abilitare JavaScript per vederlo.

TECHNICAL SUPPORT FOR IDP

Enrico M. V. Fasanelli
Questo indirizzo email è protetto dagli spambots. È necessario abilitare JavaScript per vederlo.
Phone +39 0832 297442

Dael Maselli
Questo indirizzo email è protetto dagli spambots. È necessario abilitare JavaScript per vederlo.
Phone +39 06 94032214

PRIVACY POLICY

(pursuant to Articles 13 and 14 of the (EU) Regulation No. 679/2016 - GDPR)