The Sirtfi framework (Security Incident Response Trust Framework for Federated Identity) is a mechanism to identify trusted and operationally secure partners in a federated authentication and authorisation environment.
Sirtfi lists a number of requirements that organisations need to meet in order to be declared Sirtfi-compliant. As a result, Sirtfi is used to mark trusted partners within eduGAIN. Compliance is expressed in metadata and gives a transparent view of those organisations willing to engage in collaborative incident response.
More about Sirtfi
More presentations about Sirtfi
Sirtfi Online Training (in GÉANT Learning Centre)
Overview and how to adopt Sirtfi (in REFEDS wiki)
Sirtfi: chasing the bad-guys together (REFEDS blog)
List of ID federations asserted by Sirtfi (eduGAIN website; filter for Sirtfi status on the bottom-right corner)
Sirtfi FAQs (REFEDS website)
Sirtfi in action
AARC RCAuth Pilot
This pilot addresses the SAML to x509 certificate token translation that is essential for many researchers, particularly those dependent upon grid computing.
By requiring that identity providers assert Sirtfi, in conjunction with the Research and Scholarship entity category, RCAuth is able to issue trusted IGTF certificates, which are accepted by major research infrastructures such as EGI.
Sirtfi provides the security contact of the home organisation for all users accessing CERN via eduGAIN. This is considered critical to ensure that any incident involving CERN, and the related computing infrastructure WLCG, is able to be handled efficiently.
Without Sirtfi, identity providers in eduGAIN are not trusted to authenticate at the thousands of service providers that CERN manages.
Sirtfi was written by the REFEDS (the Research and Education FEDerations group) Sirtfi Working Group.