Home page
Sirtfi

[vc_row][vc_column width=”3/4″][vc_column_text]

Sirtfi

The Sirtfi framework (Security Incident Response Trust Framework for Federated Identity) is a mechanism to identify trusted and operationally secure partners in a federated authentication and authorisation environment.

Sirtfi lists a number of requirements that organisations need to meet in order to be declared Sirtfi-compliant. As a result, Sirtfi is used to mark trusted partners within eduGAIN. Compliance is expressed in metadata and gives a transparent view of those organisations willing to engage in collaborative incident response.[/vc_column_text][vc_column_text]

More about Sirtfi

[/vc_column_text][vc_row_inner][vc_column_inner width=”1/2″][vc_column_text]

Publications

The Sirtfi framework v1.0 (PDF)

[/vc_column_text][vc_column_text]

Presentations

An introduction to Sirtfi

Impact of Sirtfi on FIM4R

More presentations about Sirtfi

 

Training

Sirtfi Online Training (in GÉANT Learning Centre)

Overview and how to adopt Sirtfi  (in REFEDS wiki)

Improving incident response through collaboration: SIRTFI[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/2″][vc_column_text]

Outreach

Why Sirtfi?

The Sirtfi poster

Sirtfi: chasing the bad-guys together (REFEDS blog)

List of ID federations asserted by Sirtfi (eduGAIN website; filter for Sirtfi status on the bottom-right corner)

Sirtfi FAQs (REFEDS website)[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_column_text]

Sirtfi in action

[/vc_column_text][vc_row_inner][vc_column_inner width=”1/2″][vc_column_text]

AARC RCAuth Pilot

This pilot addresses the SAML to x509 certificate token translation that is essential for many researchers, particularly those dependent upon grid computing.

By requiring that identity providers assert Sirtfi, in conjunction with the Research and Scholarship entity category, RCAuth is able to issue trusted IGTF certificates, which are accepted by major research infrastructures such as EGI.[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/2″][vc_column_text]

CERN

Sirtfi provides the security contact of the home organisation for all users accessing CERN via eduGAIN. This is considered critical to ensure that any incident involving CERN, and the related computing infrastructure WLCG, is able to be handled efficiently.

Without Sirtfi, identity providers in eduGAIN are not trusted to authenticate at the thousands of service providers that CERN manages.[/vc_column_text][/vc_column_inner][/vc_row_inner][/vc_column][vc_column width=”1/4″][vc_single_image image=”2939″ img_size=”medium”][vc_column_text]Sirtfi was written by the REFEDS (the Research and Education FEDerations group) Sirtfi Working Group.[/vc_column_text][vc_empty_space][vc_video link=”https://www.youtube.com/watch?v=EuXrzCjuXDw&list=PLd64t_lPgjX3n9jH4NSnkMsdqpxyphlf” align=”center” title=”IAM online : Sirtfi”][vc_empty_space height=”4px”][/vc_column][/vc_row]

aarc-contacts@lists.geant.org

Linkedin Twitter Youtube

© members of the AARC Community. 
The work leading to these results has received funding from the European Union (GAP 101131237) and other sources. The contents of this publication is the sole responsibility of AARC and does not necessarily reflect the opinion of the European Union.