Raising the Trust in Research and Education Digital Services using Levels of Assurance Profiles

Abstract

In contemporary society, the digitization of societal functions necessitates the implementation of robust mechanisms to authenticate user identities. The imperative nature of establishing digital trust is particularly pronounced in the realm of electronic services, notably those administered by governmental and institutional entities. Trustworthiness of an electronic identity triggers the exigency for an accompanying process known as electronic authentication (e-authentication), which substantiates the legitimacy of the digital identity. The intricate task of managing digital identities and authentication credentials manifests as a challenge for a majority of end-users. Notwithstanding this complexity, service providers recurrently mandate digital identities for the provision of identity-centric services or for alerting users to irregularities. In light of these considerations, the conceptual framework of Identity Federation emerges as a paradigm, orchestrating the dissemination of identity information within predefined parameters. This research undertakes the examination of federated identity systems in the ecosystem of research and educational institutions, with a specific focus on the different authentication mechanisms and levels of assurance. We examine both the technologies (multi-factor authentication) and protocols (SAML) involved in these processes and currently defined attribute exchange policies used.