Getting to Silver: Practical Matters for CIC Universities Tom Barton University of Chicago © 2009 The University of Chicago.


The CIC: 12 large midwestern US research universities

Committee on Institutional Cooperation

1. University of Chicago
2. University of Illinois
3. Indiana University
4. University of Iowa
5. University of Michigan
6. Michigan State University
7. University of Minnesota
8. Northwestern University
9. Ohio State University
10. Pennsylvania State University
11. Purdue University
12. University of Wisconsin-Madison

InCommon Silver

- Comparable to NIST LoA2
- Based on OMB M and NIST
- Covers all aspects of the IdM operation
- Two audits required
  - Every 2 years – confirm operation follows documented policy & procedure
  - One time – assess documented policy & procedure for Silver compliance
- InCommon keeps letter from Silver compliance auditor and publishes the fact of that IdP’s compliance

The CIC and InCommon Silver

- CIC CIOs decided in August 2009 that all CIC schools should be Silver certified by Fall 2011
- Why?
  - Sustain adoption of fundamentally sound campus business practices and technologies in Identity Management
  - Expand inter-institutional collaboration
  - Support emergent trends, relationships, needs on the national identity scene and elevate prominence of CIC in those dimensions
- Project leads: Renee Shuey & me

Which campus people need Silver assurance?

[Chart: applications plotted by timeframe (sooner to later) against user group size (smaller to larger). Items shown: NIH apps, TeraGrid, OSG, CILogon, NSC, Nat’l Labs, CIC storage cloud, CIC CourseShare, Payroll, caBIG, Benefits, Student Loans.]

Pieces of Silver

- Piece A: Documentation of policies and procedures and standard operating practices
- Piece B: Strength of authentication and shared secrets
- Piece C: Registering identity subjects and issuing credentials to them

Documentation of policies and procedures and standard operating practices

| Requirements | Issues or risks |
| --- | --- |
| Comprehensive IdM policies and procedures | No one really knows, unclear who gets to decide, weak documentation practice |
| Formal authority | Lack of clear governance |
| Criminal background checks for IdM staff | New mandate for Human Resources Department |
| Bi-annual audit | Scheduling & funding |

Strength of authentication and shared secrets

| Requirements | Issues or risks |
| --- | --- |
| Password complexity & lifetime | Resistance to change |
| Account lock-out | Resistance to change |
| Passwords stored appropriately | How campus portal handles passwords |
| Passwords only in secure channels | Remaining legacy systems |

Registering identity subjects and issuing credentials to them

| Requirements | Issues or risks |
| --- | --- |
| n/a | Which user groups are in scope for the campus Silver project? |
| Identity vetting & registration | Change existing process for on-boarding students or staff –OR– Implement a new IV&R process |
| Store breeder document numbers | Increase exposure of Personally Identifiable Information |
| Credential issuance process | Change online credential issuance process; new link with existing business processes |

The view from Fall 2011

- Energize collaborative efforts across the CIC
- CIC campuses provide best possible support for scientific and scholarly collaboration
- CIC campuses poised to take full advantage of cloud/shared services
- For a large university, achieving Silver compliance can boost confidence on campus too