| Info | ||
|---|---|---|
| ||
This page has been deprecated. Please see Incident Handling for current information. |
| Info | ||
|---|---|---|
| ||
Note that this page contains general information about federated incident response. See Security Incident Response Trust Framework for Federated Identity (SIRTFI) Category for specific criteria for certification under the SIRTFI program (highly recommended). |
...
- A security incident is the act of violating an explicit or implied security policy (for example, as documented in an acceptable use policy)
- A Service Provider is expected to define and provide a service. The expected behavior of a service provider is defined by its service description, InCommon's Participation Agreement and the documents it references, their Participant Operational Practices and possibly other policies and laws. In particular, all All SPs are expected to comply with any restrictions on the use of identity information they obtain of attributes contained in the Participant Operating Practices of any Identity Provider partners from which they accept identity information. Evidence of behavior by a Service Provider service provider that violates those policies is considered a security incident.
- Identity Providers are expected to represent user identities (identifiers and/or attributes) to the degree of authority and accuracy specified in InCommon's Participation Agreement and the documents it referencestheir Participant Operating Practices. Evidence of failure of an Identity Provider to do so, e.g. impersonation of a user by another party, is considered a security incident.
...