Campus Based Authentication & The Project Presented By: Tim Cameron National Council of Higher Education Loan Programs.

Presentation transcript:


The Meteor Story

What is Meteor?
- Web-based network for aggregated real-time inquiry of financial aid information
- One stop, online web service
- Collaborative effort of the FFELP community
- Freely available software and access to the network
- Customization options are available

In the beginning….
- Pre-Meteor Environment (1980’s & 1990’s)
  - Lenders, Guarantors, Servicers, Schools and others all offered independent web services
  - Required multiple logins
  - Low level of security:
    - Many required only SSN and DOB to access financial aid award data!

In the beginning….
- Department of Education Modernization Plans
  - Performance Based Organization approved with Higher Education Amendments in 1998
  - Modernization Blueprint
    - Released September 30, 1999
    - Second Edition
    - Third Edition – 2001
    - Fourth Edition – 2002

In the beginning….
- FFELP Providers Solution
  - Spring 2000: CEO meeting sponsored by NCHELP
  - Critical decisions:
    - Create an information network to provide aggregated financial aid information.
  - Foundation Principles
    - Open Source
    - Open Collaboration
    - Freely Available
    - Controlled Participation Network

Increasing Importance for Access to Distributed Databases

Legislative Changes
- Ensuring Continued Access to Student Loans Act (ECASLA)
  - Loan Participation Purchase Program
  - Loan Purchase Commitment Program

Growth of Split Servicing
- Student used multiple lender/guarantor combos to take advantage of benefits
- Student consolidated while in-school
- Student transferred to a new school
- School switched from FDLP to FFELP or vice versa
- Lender suspended student loan offerings

Impact to Borrower
- Payment schedule complications
  - Multiple payment due dates
  - Differing payment amounts
  - Multiple payment methods
  - Potential loss of extended repayment options
- Deferment and forbearance complications
  - Inconsistent deferment documentation standards
  - Inconsistent forbearance period maximums

Coping with the Impact
Each of these inconveniences is easily overcome so long as the borrower knows who their lenders/servicers are and how to get in touch with them.

Meteor Today
- 14 Points of access to the Network
- 20 Data providers
- School Authentication Agents
- Several custom implementations

Meteor Participant Types
- Organizations that implement the Meteor software
  - Access Providers (AP)
  - Authentication Agents (AA)
  - Data Providers (DP)
  - Index Providers (IP)

The Meteor Process
[Diagram. Labels: Users (Student/Borrower or Financial Aid Professional or Access Provider Representative or Lender); Federated Authentication Process; Access Provider; Index Provider; Data Providers; steps One, Two, Three.]

The Meteor Registry
- Each participant is required to register, sign a participation agreement, and submit policies and procedures surrounding their authentication process.
- The Meteor Team Leads review the policies and procedures and assign a Level of Assurance
- Meteor uses a centralized LDAP server to contain:
  - Public keys of all participants
  - Network status information (active, pending, suspended)
  - Contact Information

Meteor Authentication Objectives & Process

Meteor’s Authentication Objectives
- Provide a flexible, easy to implement authentication system.
- Ensure compliance with the Gramm-Leach-Bliley Act (GLBA), federal guidelines, and applicable state privacy laws.
- Assure data owners that only appropriately authenticated end users have access to data.
- Ensure compliance with participant organizations’ internal security and privacy guidelines.

The Meteor Authentication Model
- Each Access Provider uses their existing authentication model (single sign-on)
- Meteor levels of assurance are assigned at registration
- Meteor Level 3 complies with the NIST Level 2

Meteor’s Authentication Requirements
- User is required to provide an ID and a shared secret.
- Assignment and delivery of shared secret must be secure.
- Assignment of shared secret is based on validated information.
- Reasonable assurances that the storage of the IDs and shared secrets are secure.

Meteor’s Authentication Requirements
- Access provider must ensure appropriate authentication for each end user and provide traceability back to that user
- Access provider must provide authentication policy to central authority
- Access provider must provide central authority with 30 day advance notice of changes to authentication policy
- Access provider must agree to appropriate use of data

The Meteor Authentication Process
- End user authenticates at access provider site or through a Meteor approved third party Authentication Agent
- Access provider creates authentication assertion (SAML)
- Access provider signs authentication assertion with digital certificate

SAML Assertion Attributes
- Role of end user
- Social Security Number
- Authentication Process ID
- Level of Assurance
- Opaque ID
- Organization ID and Type
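Added example, not Meteor project code: the checks a receiving participant could run on an incoming assertion, using the registry data the slides describe (public key, network status, level of assurance assigned at registration). The type and field names, the Ed25519 key type, the `minLoA` policy parameter, and the pipe-delimited signed form are assumptions; real SAML assertions are signed with XML signatures.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Participant is a constructed stand-in for one registry entry.
type Participant struct {
	PublicKey ed25519.PublicKey
	Status    string // "active", "pending" or "suspended"
	LoA       int    // level of assurance assigned at registration
}

// Assertion carries the attributes listed on the slide; field names are hypothetical.
type Assertion struct {
	OrgID, OrgType, Role, SSN, AuthProcessID, OpaqueID string
	LoA                                                 int
	Signature                                           []byte
}

// signedBytes is a simplified canonical form, not SAML XML signature processing.
func (a Assertion) signedBytes() []byte {
	return []byte(fmt.Sprintf("%q|%q|%q|%q|%q|%q|%d", a.OrgID, a.OrgType, a.Role, a.SSN, a.AuthProcessID, a.OpaqueID, a.LoA))
}

// Verify plays the receiving participant; minLoA is its own policy value.
func Verify(reg map[string]Participant, a Assertion, minLoA int) error {
	p, ok := reg[a.OrgID]
	switch {
	case !ok || p.Status != "active":
		return fmt.Errorf("issuer %q is not an active registry participant", a.OrgID)
	case !ed25519.Verify(p.PublicKey, a.signedBytes(), a.Signature):
		return fmt.Errorf("signature does not match registered key")
	case a.LoA > p.LoA:
		return fmt.Errorf("asserted level %d exceeds level %d assigned at registration", a.LoA, p.LoA)
	case a.LoA < minLoA:
		return fmt.Errorf("level of assurance %d below local minimum %d", a.LoA, minLoA)
	}
	return nil
}

// Sample builds a constructed registry and signed assertion (placeholder values).
func Sample() (map[string]Participant, Assertion) {
	pub, priv, _ := ed25519.GenerateKey(nil)
	a := Assertion{OrgID: "AP-EXAMPLE", OrgType: "AP", Role: "BORROWER", SSN: "000-00-0000", AuthProcessID: "pwd-1", OpaqueID: "u-123", LoA: 3}
	a.Signature = ed25519.Sign(priv, a.signedBytes())
	return map[string]Participant{a.OrgID: {PublicKey: pub, Status: "active", LoA: 3}}, a
}

func main() {
	reg, a := Sample()
	fmt.Println("accepted:", Verify(reg, a, 3) == nil)
}
```

Because the level of assurance is inside the signed bytes and is also compared with the registry entry, an access provider can neither alter it in transit nor assert a level higher than the one it was assigned.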

Meteor and the National Student Clearinghouse: Campus Based Authentication

Campus Based Authentication
- Schools that have entered into an electronic services agreement with the Clearinghouse will act as Authentication Agents.
- Students’ campus-issued credentials will be utilized to access Meteor and other Clearinghouse services via the Student Self-Service Web site

The National Student Clearinghouse Student Self-Service
- Meteor is integrated into the Clearinghouse’s Student Self-Service Application
- For schools that wish to provide students with Meteor access, Meteor loan detail is incorporated into the LoanLocator display

What’s Next?

Online Award Letter Pilot
- Will serve as a debt management tool
- Borrowing history presented BEFORE a new award is accepted
- Ensures that borrower is aware of the potential impact of increasing his aggregate loan(s) amount
- Total current outstanding
- New total outstanding with the addition of the new loan
- Repayment scenarios based on aggregates

For More Information….
- Interactive Web Site Launched
- Audio presentation
- Interactive demonstration version of the software
- Link to the Meteor project site
- Project Documentation
- Implementation Information
- Current Provider List
- User Guide and other documentation

Contact Information
Tim Cameron, NCHELP Meteor Project Manager