Módosítások

# The aim of the Federation had been founded in order is to facilitate allow the use of the services of its Members and Partners by , where authorisation is based on the user information originating from the users. Users should be able to access the services (if they are allowed to use them) if they ' Home Institution identified and authorised themInstitutions.# A Home Institution might Institutions must only authenticate only users having a (known) relationship with the given institutionaffiliation to them.# IdPs and SPs must not give false or misleading information about itselfthemselves.# An IdP User information provided by IdPs should provide information be as accurate as it is possible. However, Service Providers SPs must take into account that some parts of the received information received from an IdP might may be modified by its users themselvesat the discretion of the user. # The IdPs must ensure that the User credentials (i.e. passwordpasswords) of their users are stored by IdPs must be protected. Credentials could be and verified only in a safe procedurethrough secure procedures.# A SP SPs must request only the minimal amount of the user’s user attributes from the IdPwhich are absolutely necessary for their operation.# A SP SPs must not request the password of a user used at his or her IdPask users for their federation passwords. # The SP processes SPs must handle personal data of the users according to the applicable local privacy laws.# IdP IdPs and SP SPs must cooperate when a in the investigation of possible misuse should be investigatedabuse/fraud.# IT systems running IdPs and SPs IT systems must be operated with due diligence.