Published by Francis Reynolds. Modified over 9 years ago.
1
The InCommon Federation The U.S. Access and Identity Management Federation www.incommon.org
2
The InCommon Federation
InCommon is the national research and education federation in the United States.
InCommon membership includes higher education, federal research labs, government agencies and online service providers.
InCommon establishes the trust relationship among organizations through common policies and procedures.
3
InCommon Facts
Fact: InCommon has more than 4 million higher education users.
Fact: InCommon membership has doubled yearly for several years.
Fact: InCommon higher education members include institutions of all sizes, including community colleges, research universities, and small liberal arts colleges.
Fact: InCommon technology is based on standards being adopted globally.
4
The InCommon Federation Today
InCommon includes:
–139 higher education participants
–Six government and nonprofit laboratories, research centers, and agencies (including NIH and NSF)
–46 sponsored partners
–Two county K-12 school districts (as part of a pilot)
6
Federated Access in 30 seconds
1. Authentication: single sign-on at home institution
2. Federation-based trust exchange to verify partners and locations
3. Authorization: privacy-preserving exchange of agreed-upon attributes
4. If attributes are acceptable to resource policy, access is granted!
Diagram labels: Home Institution – user signs in; Online Resource; Attributes: Anonymous ID, Staff, Student, …; Metadata, certificates, common attributes & meaning, federation registration authority, Shibboleth
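The resource-side half of that flow (steps 2 to 4), as an added example that is not part of the original presentation: the online resource checks that the asserting party is registered in federation metadata with an identity-provider role, then tests the released attributes against its own policy. The entity IDs, attribute names and policy are hypothetical, and signature verification of the metadata aggregate and of the assertion is assumed to have already succeeded.

```python
import xml.etree.ElementTree as ET

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"

# Constructed federation metadata aggregate (two hypothetical participants).
FEDERATION_METADATA = """\
<EntitiesDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
  <EntityDescriptor entityID="https://idp.example.edu/idp/shibboleth">
    <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>
  </EntityDescriptor>
  <EntityDescriptor entityID="https://sp.example.org/shibboleth">
    <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>
  </EntityDescriptor>
</EntitiesDescriptor>
"""

# Hypothetical resource policy: affiliations the online resource accepts.
RESOURCE_POLICY = {"affiliation": {"staff", "student"}}


def registered_idps(metadata_xml):
    """Step 2: entityIDs the federation has registered with an IdP role."""
    root = ET.fromstring(metadata_xml)
    return {e.get("entityID") for e in root.iter(MD + "EntityDescriptor")
            if e.find(MD + "IDPSSODescriptor") is not None}


def authorize(issuer, attributes, metadata_xml=FEDERATION_METADATA,
              policy=RESOURCE_POLICY):
    """Steps 2-4 on the resource side; returns (granted, reason)."""
    if issuer not in registered_idps(metadata_xml):
        return False, "issuer not registered as an IdP in federation metadata"
    for name, accepted in policy.items():
        released = set(attributes.get(name, []))
        if not released & accepted:  # fail closed on missing or unlisted values
            return False, f"no acceptable value released for {name!r}"
    return True, "attributes satisfy resource policy"


# Constructed sample assertions; signatures are assumed already verified.
SAMPLES = [
    ("https://idp.example.edu/idp/shibboleth", {"anonymous_id": ["a1b2c3"], "affiliation": ["student"]}),
    ("https://idp.example.edu/idp/shibboleth", {"anonymous_id": ["d4e5f6"], "affiliation": ["alum"]}),
    ("https://sp.example.org/shibboleth", {"affiliation": ["staff"]}),
    ("https://idp.unknown.example/idp", {"affiliation": ["staff"]}),
]

if __name__ == "__main__":
    for issuer, attrs in SAMPLES:
        print(issuer, authorize(issuer, attrs))
```

Only the first sample is granted: the second releases an affiliation the policy does not accept, the third comes from an entity registered only as a service provider, and the fourth is not in the metadata at all.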
8
InCommon Technologies
InCommon uses SAML-based authentication and authorization systems (such as Shibboleth®) to enable scalable, trusted collaborations among its community of participants.
InCommon supports both SAML 1.x and SAML 2.0.
Several products interoperate with Shibboleth, including those offered by IBM (Tivoli), Oracle, Sun, and CA (Siteminder).
9
Value of InCommon
Governance by a representative Steering Committee
–Formulates policy, operational standards and practices, establishes a common set of attributes and definitions.
Legal Agreement
–Basic responsibilities, official signatory and establishment of trust, conflict and dispute resolution, basic protections
Trust “Notary”
–InCommon verifies the identity of organizations and their delegated officers
Trusted Metadata
–InCommon verifies and aggregates security information for each participant’s servers, systems, and support contacts
Technical Interoperability (Technical Advisory Committee)
–InCommon defines shared attributes, standards (SAML), software (Shibboleth)
10
InCommon Benefits
Participants exchange information in a standardized format.
Once an organization is a participating member, setting up a new relationship can take as little as a few minutes.
Community-based collaboration and support.
Use of common authentication and authorization software provides single sign-on convenience.
11
Who can join InCommon?
Accredited two- and four-year higher education institutions.
Partner organizations sponsored by higher education participants.
12
Joining InCommon
Business, education, research, and government organizations who partner with higher education join the Federation as Sponsored Partners.
Participation agreement – agreeing to the policies of the federation and the community.
Develop your participant operation practices (POP), which helps other federation members determine level of trust, privacy policies, attribute collection/use policies.
Metadata: “Data about data” – a lynchpin of federating.
13
What does it cost to join InCommon?
One-time fee of $700.
Annual fee of $1,000 (for up to 20 service provider systems) (through 12/31/2009)
As of January 1, 2010 (based on Carnegie Class)
–Very High Research - $3000
–High Research - $2500
–Comprehensive and Doctoral - $1500
–Others - $1100
Note: this is the cost for InCommon membership. Depending on your integration and infrastructure, you may incur additional costs for implementation of software and systems.
14
2010 Tiers
Approved by the Steering Committee, based on new Internet2 Levels: Carnegie Classification and Corporate Revenue
Very High Research: L1, $3,000
High Research: L2, $2,500
Doctoral, Large Masters, Medical Schools: L3, $1,500
All other: L4, $1,100
Corporate: > $1B Revenue: L1, $3,000
Corporate: < $1B Revenue: L3, $1,500
Corporate: < $10M Revenue: L4, $1,100
Others: Case by Case, Similar Size Basis: L1-4, $
15
InCommon and the Federal Government
Signed agreements with National Institutes for Health, National Science Foundation
Interest expressed by, or in discussion with, several agencies, including:
–NASA
–Department of Agriculture
–Department of Energy
–CA Big (National Cancer Institute)
–CA Grid (National Cancer Institute)
16
InCommon and the NIH
–Working on LoA 1 (Bronze) applications with NIH Clinical and Translational Science Awards
–National Libraries of Medicine Genome data Testing with University of Washington
–Piloting LoA 2 (Silver) application with NIH eRA (electronic Research Administration)
  Involves NIH, InCommon, University of Washington, Penn State University, Johns Hopkins University, University of California Davis
  Technical demo September 22, 2009 (Federal Demonstration Partnership meeting)
  Rollout during 2010
17
InCommon and the NSF
–Piloting LoA 1 application (research.gov) at the National Science Foundation
  Involves InCommon, Penn State and the University of Washington
  Testing sandbox is up and running
  Technical demo September 22, 2009 (Federal Demonstration Partnership meeting)
–More applications under consideration, once this pilot is completed
18
InCommon and the Federal Government
–Worked closely with GSA to provide feedback on the new federal trust framework.
  GSA Federal CIO Council (FCIOC)
  Information Security and Identity Management Committee (ISIMC)
  Program oversight by Identity, Credential and Access Management Subcommittee (ICAMSC)
–Federal trust framework based on OMB’s M-04-04 (risk management) and NIST 800-63 (electronic authentication guidelines).
–InCommon helped inform the latest revision of NIST levels of assurance (LoA).
19
InCommon Silver
–InCommon Silver profile comparable to NIST LoA2
–Silver pilot now underway at NIH
  Technical demonstration at FDP meeting Sept. 22
  Full roll-out (with auditing, policy, and standards in place) in fall 2010.
–InCommon assurance profiles based on OMB M-04-04 and NIST 800-63.
–InCommon will soon submit its Bronze and Silver assurance profiles to the Identity, Credential and Access Management Subcommittee.
–Once approved by ICAMSC, Bronze and Silver will be approved for use with all federal agencies at LoA1 and LoA2, respectively.
20
Recent History for the “Future”
Jan 2009: InCommon Future Group Formed, chartered by InCommon Steering, AMSAC, RACGroup
March 2009: Future Group Meets in Oakland
April 2009: Draft Report for Public Comment
May 2009: Three Town Hall Forums for Comment
July 2009: Board Report Issued: “InCommon Future Report and Recommendation”
September 2009:
–CIC and RUCC universities urge support of InCommon
–Interim Financial Plan for Board Discussion
–Internet2 Board: “… The Board is firmly committed to ensuring that InCommon is properly positioned to provide sustainable leadership in this field for the indefinite future... ”
–Community Response: Increase Financial Support, Increase InCommon Annual Dues
–Internet2’s Response: Increase Financial Support: Exec Director, Interim Business Plan
December 2009: Final Business Plan due to Internet2 Board for Approval
21
InCommon Governance
InCommon Steering Committee
–Executive committee (Chair, Vice-Chair, Treasurer, Secretary)
–Focus on policy, outreach, and strategic planning
Continuing Internet2 commitment to the entire space
–Will move to hire an Exec Director for InCommon
–Provides operations and management
–Providing working capital to build out services
Governance Evolving
–Presently overseen by Internet2 Board with input from following: Internet2 CEO; Internet2 AMSAC council; and InCommon Steering Committee
22
InCommon
InCommon will focus on three aspects of the identity middleware ecosystem:
1. Leadership, Advocacy, Outreach
2. Help Coordinate Development and Research Activities Around Globe
–Shib, Grouper, COmanage, Paccman, ISOC (DKIM), …
3. Deliver Trust Services to its Participants
–InCommon Federation (basic)
–Bronze, Silver Profiles for Levels of Assurance of Identity
–Certificate Services for U.S. Higher Education
–Shib & IdM Training and Consulting
–Outsourced Federation Services
23
Trust Services
Basic – available today
Bronze/Silver – in pilot, expected availability is late spring or early summer.
Certificate service – In negotiation, likely rollout will be late first quarter of 2010.
Shibboleth training – planning conference for June. Developing corporate partners plan rollout for first quarter.
Managed federations – waiting for a customer
24
The InCommon Federation The U.S. Access and Identity Management Federation www.incommon.org