• No results found

Authentication Context Classes for Levels of Assurance for the Swedish eid Framework

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Authentication Context Classes for Levels of Assurance for the Swedish eid Framework"

Copied!
5
0
0

Loading.... (view fulltext now)

Download now ( 5 Page )

Full text

(1)

ELN-0605-v1.0

Authentication Context Classes for Levels of

Assurance for the Swedish eID Framework

ELN-0605-v1.0

Version 1.0

2013-07-01

(2)

ELN-0605-v1.0

1

INTRODUCTION

3

2

DEFINED AUTHENTICATION CONTEXT CLASSES

3

2.1

L

EVEL OF

A

SSURANCE

L

EVEL

1

3

2.2

L

EVEL OF

A

SSURANCE

L

EVEL

2

3

2.3

L

EVEL OF

A

SSURANCE

L

EVEL

3

4

2.4

L

EVEL OF

A

SSURANCE

L

EVEL

4

5

(3)

ELN-0605-v1.0

1 Introduction

This specification complements [

Eid2Tillit

] with definitions of Authentication Context Classes for defined levels of

assurance for the Swedish eID framework. These Authentication Context Classes are defined in accordance

with Authentication Context for the OASIS Security Assertion Markup Language (SAML) V2.0

[

SAML2AuthCont

].

Each Authentication Context Class defined in this document includes:

A URI Identifier, which identifies the Authentication Context Class as well as the XML Schema name

space for corresponding Authentication Context Declarations.

The XML Schema for Authentication Context Declarations related to this Authentication Context Class.

2 Defined Authentication Context Classes

2.1 Level of Assurance – Level 1

URI identifier: http://id.elegnamnden.se/loa/1.0/loa1

XML Schema:

<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns="http://id.elegnamnden.se/loa/1.0/loa1" targetNamespace="http://id.elegnamnden.se/loa/1.0/loa1" finalDefault="extension" blockDefault="substitution" version="2.0"> <xs:redefine schemaLocation="http://docs.oasis-open.org/security/saml/v2.0/saml-schema-authn-context-types-2.0.xsd"> <xs:annotation> <xs:documentation>

Class identifier: id.elegnamnden.se/loa/1.0/loa1 defines level 1 of the Swedish E-Identification board Assurance Framework.

</xs:documentation> </xs:annotation> <xs:complexType name="AuthnContextDeclarationBaseType"> <xs:complexContent> <xs:restriction base="AuthnContextDeclarationBaseType"> <xs:sequence> <xs:element ref="GoverningAgreements"/> </xs:sequence>

<xs:attribute name="ID" type="xs:ID" use="optional"/> </xs:restriction> </xs:complexContent> </xs:complexType> <xs:complexType name="GoverningAgreementRefType"> <xs:complexContent> <xs:restriction base="GoverningAgreementRefType">

<xs:attribute name="governingAgreementRef" type="xs:anyURI"

fixed="http://elegnamnden.se/doc/tillitsramverk.pdf#loa1" use="required"/> </xs:restriction> </xs:complexContent> </xs:complexType> </xs:redefine> </xs:schema>

2.2 Level of Assurance – Level 2

URI identifier: http://id.elegnamnden.se/loa/1.0/loa2

XML Schema:

(4)

ELN-0605-v1.0

<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns="http://id.elegnamnden.se/loa/1.0/loa2" targetNamespace="http://id.elegnamnden.se/loa/1.0/loa2" finalDefault="extension" blockDefault="substitution" version="2.0"> <xs:redefine schemaLocation="http://docs.oasis-open.org/security/saml/v2.0/saml-schema-authn-context-types-2.0.xsd"> <xs:annotation> <xs:documentation>

Class identifier: id.elegnamnden.se/loa/1.0/loa2 defines level 2 of the Swedish E-Identification board Assurance Framework.

</xs:documentation> </xs:annotation> <xs:complexType name="AuthnContextDeclarationBaseType"> <xs:complexContent> <xs:restriction base="AuthnContextDeclarationBaseType"> <xs:sequence> <xs:element ref="GoverningAgreements"/> </xs:sequence>

<xs:attribute name="ID" type="xs:ID" use="optional"/> </xs:restriction> </xs:complexContent> </xs:complexType> <xs:complexType name="GoverningAgreementRefType"> <xs:complexContent> <xs:restriction base="GoverningAgreementRefType">

<xs:attribute name="governingAgreementRef" type="xs:anyURI"

fixed="http://elegnamnden.se/doc/tillitsramverk.pdf#loa2" use="required"/> </xs:restriction> </xs:complexContent> </xs:complexType> </xs:redefine> </xs:schema>

2.3 Level of Assurance – Level 3

URI identifier: http://id.elegnamnden.se/loa/1.0/loa3

XML Schema:

<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns="http://id.elegnamnden.se/loa/1.0/loa3" targetNamespace="http://id.elegnamnden.se/loa/1.0/loa3" finalDefault="extension" blockDefault="substitution" version="2.0"> <xs:redefine schemaLocation="http://docs.oasis-open.org/security/saml/v2.0/saml-schema-authn-context-types-2.0.xsd"> <xs:annotation> <xs:documentation>

Class identifier: id.elegnamnden.se/loa/1.0/loa3 defines level 3 of the Swedish E-Identification board Assurance Framework.

</xs:documentation> </xs:annotation> <xs:complexType name="AuthnContextDeclarationBaseType"> <xs:complexContent> <xs:restriction base="AuthnContextDeclarationBaseType"> <xs:sequence> <xs:element ref="GoverningAgreements"/> </xs:sequence>

<xs:attribute name="ID" type="xs:ID" use="optional"/> </xs:restriction> </xs:complexContent> </xs:complexType> <xs:complexType name="GoverningAgreementRefType"> <xs:complexContent> <xs:restriction base="GoverningAgreementRefType">

<xs:attribute name="governingAgreementRef" type="xs:anyURI"

(5)

ELN-0605-v1.0

</xs:restriction> </xs:complexContent> </xs:complexType> </xs:redefine> </xs:schema>

2.4 Level of Assurance – Level 4

URI identifier: http://id.elegnamnden.se/loa/1.0/loa4

XML Schema:

<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns="http://id.elegnamnden.se/loa/1.0/loa4" targetNamespace="http://id.elegnamnden.se/loa/1.0/loa4" finalDefault="extension" blockDefault="substitution" version="2.0"> <xs:redefine schemaLocation="http://docs.oasis-open.org/security/saml/v2.0/saml-schema-authn-context-types-2.0.xsd"> <xs:annotation> <xs:documentation>

Class identifier: id.elegnamnden.se/loa/1.0/loa4 defines level 4 of the Swedish E-Identification board Assurance Framework.

</xs:documentation> </xs:annotation> <xs:complexType name="AuthnContextDeclarationBaseType"> <xs:complexContent> <xs:restriction base="AuthnContextDeclarationBaseType"> <xs:sequence> <xs:element ref="GoverningAgreements"/> </xs:sequence>

<xs:attribute name="ID" type="xs:ID" use="optional"/> </xs:restriction> </xs:complexContent> </xs:complexType> <xs:complexType name="GoverningAgreementRefType"> <xs:complexContent> <xs:restriction base="GoverningAgreementRefType">

<xs:attribute name="governingAgreementRef" type="xs:anyURI"

fixed="http://elegnamnden.se/doc/tillitsramverk.pdf#loa4" use="required"/> </xs:restriction> </xs:complexContent> </xs:complexType> </xs:redefine> </xs:schema>

3 References

[Eid2Tillit]

Tillitsramverk för Svensk E-legitimation –

http://elegnamnden.se/doc/tillitsramverk.pdf

[SAML2AuthCont]

Authentication Context for the OASIS Security Assertion Markup Language (SAML) V2.0 OASIS

Stand-ard, 15 March 2005 –

http://docs.oasis-open.org/security/saml/v2.0/saml-authn-context-2.0-os.pdf

.

References

Download now ( PDF - 5 Page - 690.87 KB )

Related documents

Riduttori ruota Wheel hub

DISINNESTO MECCANICO - MECHANICAL RELEASE EH I riduttori ruota EH possono essere dotati di disinnesto meccanico per rendere trainabile il veicolo sul quale sono installati

f-q 25, 1948 opinion No. V-587 Re: Question relati hg to the travel expense of a sheriff commissloned from justice to this State.

A sheriff, deputy sheriff, or other peace of- ficer who goes to'another state after a fugitive from justice may not be legally paid his actual and,neces- sary~.travellng expenses

Transatlantic Divergence in Legal Thought: American Law and Economics vs. German Doctrinalism, The

In the United States, legal realism discredited classical legal thought and opened legal scholarship for external criteria. Legal realism, among other things, argued

Assessing deployment strategies for ethanol and flex fuel vehicles in the U.S. light-duty vehicle fleet

efficiency. The optimization factor can be used to represent an aggregate across the fleet. The effect of optimization has very little effect on utilization when compared

Organellar Genome Evolution in Red Algal Parasites: Differences in Adelpho- and Alloparasites

demonstrating that red algal parasites are able to transfer their nuclei and organelles into host cells via cell fusions (Goff and Coleman 1984, 1985, 1987, Goff and

Web Data Mining: A Case Study

In addition to basic statistics and large data warehouses, a major part of data mining technology is artificial intelligence (AI)?. As they developed, these algorithms became

Review of Selected Cattle Identification and Tracing Systems Worldwide

Producers opting for tracing of their animals’ movements from one premises to another, under NAIS, will need to report the following information to the national animal

Considering Online Career Interventions

In my own practice, I have been involved in the development of e-learning software, the design of online career interventions, the delivery of e-career services to clients, and