CommIT Road Map and Glossary of terms through December 2013
DRAFT as of May 2, 2012
Category Glossary
Technical
● Identifier and Identity Management
○ account management
● IdP (Fed Auth)
● SP (Fed Auth)
● Privacy Architecture
● User Managed Access Approach
● Level of Assurance Management
● Production Requirements
○ Scalability
○ Disaster Recovery
● Service Registry
● User Interface
Governance
● Policies
● Privacy
● Legal Issues and agreements
● Decision Making (Who gets to decide)
● Process development such as Issue resolution (duplicate resolution)
Functional
● Use Cases
○ Higher Ed
○ Vendor
○ Federal
● Level of Assurance Requirements
● Privacy Requirements
● Matching Requirements
● Support issues
○ Password resets
○ Support for stakeholders
○ Help desk (user support)
● Duplicate management
Business
● Business Plan
○ Funding
○ Business Model(s)
● Marketing
○ Plan
○ Branding Services & Data Flow
■Transparency to Users
○ Recruiting Partners/Stakeholders
○ Presentations at conferences
■AACRAO (July 2012)
■EDUCAUSE (November 2012)
● Procedures
● Service Level Agreements
● Participation and Certification Process
● Privacy requirements
Participants/Stakeholders
● Applicants
● Parents
● Institutions
○ Colleges
■administrators
■reviewers
○ Secondary Schools
■counselors
■teachers
○ Community Based Organizations
■students
■counselors / advisors
● Business partners
○ Hobsons
○ Common App
○ College Board
○ ACT
○ Academy One
● K-12 Districts
● Federal Agencies
● Students
Road Map
Preparations for Oct 2012
● Marketing
● Identify attributes to be held
● Stress testing
○ Hosting: Hobson’s and ConnectEDU
● Architecture for Attribute Aggregation
● Identify what unique identifier will look like
● Define SAML2 deployment profile
● Identify how much work to do/how much it will cost
● Identify privacy requirements
Prototype: PESC Meeting (Oct 2012) (IS1 and basic demonstration of IS2)
Outcomes: Leave with Formal Commitment for First Production Stage August 1, 2013
● IdP
○ Identity management
○ Account issue, password reset, etc, account checking to avoid duplicates
○ Report on Stress testing
○ Make sure that the func and behavior that may be expected of the grown-up IdP is prototyped and tested to whatever extent possible
○ Other items not to violate scope creep rules
● 2 or more service organizations
○ (SP and IdP variably)
○ Private
○ Public Authoritative Data Sources vs. Data Aggregators
● Interface to IdP to demonstrate asserting and increasing/decreasing LOA, account vetting, etc.
● IAt least one example of attribute aggregation
● Account Linking
● Identify identifier approach (as part of privacy arch), implement if possible
● Delivering a decision making process through the first stage of production
○ InCommon Admissions group
○ Business group
● Ask for Letters of Commitment
● Identify what kind of funding we need
● Funding model for First Stage of Production and Pilot
● Marketing Approach
● Support model
○ Federated support implications
○ Linking old accounts to new
● UI????
Pilot Stage: June 1, 2013
First Production Stage: August 1, 2013
● Fed authentication and account linking
● Identifier approach with privacy enforcements
● Used by Common App and a handful of other HE partners
● No LoA 2
● matching,
Prototype Phase 2: (WHEN?)
Pilot Stage Phase 2: (WHEN?)
Second Production Stage: August 1, 2014
● Fed authentication
● CommiT as a service
○ account linking
○ IdP
○ privacy and access management
○ user support
○ capable of LOA2
● Higher Ed and Business Services
● Participation, Business Model and Certification Process in place