Transcript Document
Minimal security requirements Barcelona, 6th of September 2005 David Simonsen,UNI-C "eduroam is a registered trademark of TERENA. David Simonsen is independent of TERENA." Minimal service level agreement, Top Level eduroam Service The eduroam Secretariat guaranties, through agreements with the federation members, that the necessary infrastructure to run the official, top level eduroam services is in place at all times and that these are maintained according to best practice. Hardware must be duplicated and placed in geographically separate places to ensure resilience and the overall stability of the eduroam top level services. The eduroam Secretariat also guaranties that reported incidents concerning the eduroam federation policy are being handled as fast as possible and that all such incidents are being logged and presented to the next eduroam Assembly. The eduroam Secretariat will assist in the dissemination of eduroam and connecting new countries and organisations. The eduroam Secretariat must keep a copy of the present eduroam federation policy signed by every NREN joining eduroam. Minimal service level agreement, NREN Each NREN joining eduroam should ensure that the necessary infrastructure supporting the eduroam services is in place, being maintained according to best practice. The NREN must keep a copy of the present document signed by every institution joining eduroam. The NREN must act as the national eduroam authority. A dispute can only in very special cases be passed on to the eduroam Secretariat to resolve and appropriately act upon. Once a year a report on misuse and breaches of the eduroam federation policy must be delivered to the eduroam Secretariat. Each NREN joining eduroam must establish and maintain a website informing about participating institutions and practical information about how to use eduroam in the local language and preferably in English and other languages as well. Minimal service level agreement, institution Each institution must: - maintain the local eduroam infrastructure according to best practice - not put in place systems that can in any way provide the user credentials of users from other eduroam institutions - Not authorize use of any resource affiliated with the name ’eduroam’ without prior successful eduroam authentication - set up a web site describing the details of the local eduroam setup (accessible via web redirect) - report breaches to the eduroam federation policy to the local NREN Each institution should: - broadcast the wireless network name (SSID) 'eduroam' to ensure easy recognition - educate and support their users in the use of eduroam