CAMP Program

11:30 am - 6:30 pm

Registration Open (CAMP and Pre-CAMP), 2nd Floor Lobby

1:30 pm - 5:00 pm

Pre-CAMP Conference: Getting Started with Federated Identity Management
Bayside II on 1st Floor

7:30 am - 5:30 pm                              

Registration Open, 2nd Floor Lobby 

8:30 - 8:45 am

Welcome and Introductions  Salon F, 2nd Floor
Shel Waggener, Senior Vice President, Internet2

8:45 - 9:25 am

Keynote
Patrick Perry, Vice Chancellor of Technology, Research and Information Systems
California Community Colleges
Download the slides

The 112 California Community Colleges are highly independent.  In pursuit of academic goals, and over the course of their lives, California Community College students may attend several colleges (sometimes attending 2-3 colleges at the same time to get enough classes).  This “swirling” and “come-and-go” behavior creates significant student identity challenges.

Patrick Perry will discuss these challenges and how the California Community Colleges Chancellor’s Office (CCCCO) is tackling this problem to facilitate research for systemic and institution improvement.  In addition, with mandates from the legislature, CCCCO is tasked to implement technology for student success, and a common student identity across the largest system of higher ed is the “secret sauce” in making it all work.

9:30 - 10:15  am              

Identity Management and Distributed Services: Challenges and Solutions
Session Moderators: Jacob Farmer, Indiana University; Ann West, Internet2

From library databases to outsourced email, your campus departments and budget officers want to provide better service at a lower cost. And, they look to you to make it all possible with your identity management infrastructure. We'll kick off CAMP with a series of lightning talks, polls, and discussions to set the stage, identify the challenges, and offer up solutions.

Identity Services: Strategy, Governance, Practice
Speakers: Kevin Morooney and Renee Shuey, Penn State

The role of executive sponsorship and organizational governance is important for bringing together awareness and stewardship for identity management practices and support of processes and policies. Join a conversation about one institution’s approach to aligning the components needed to bring executive sponsorship and a governance strategy for Identity and Access Management services.

10:15 - 10:30 am

Refreshment Break, Salon E

Refreshment Break, Salon E

10:30 - 11:30 am

The State of Identity Management on Your Campus
Session Moderators: Jacob Farmer, Indiana University; Theresa Semmens, North Dakota State University
Download the slides

This interactive session will lead you through a self-assessment of your identity and access management system. Are you "just starting" or "battle scarred?" This tool will help you identify focus areas as you move toward outsourced or cloud services.

10:30 - 11:00 am
Outsourcing IAM in North Carolina
Speakers: Mark Scheible and Steve Thorpe, MCNC
Download the slides

This session will present the background and the process that resulted in the creation of an Outsourced IAM “Managed Service” and highlight the benefits it brings not just to K-12 but to higher education - particularly at the touch-points between the two. It also connects the earlier K-20 NCTrust federation to current efforts to provide a Regional Federation for North Carolina.

11:00 - 11:30 am
Identity Management in the Cloud
Speaker: Maria Schuett, Capella University
Download the slides

When Oracle announced that it would not support Capella’s legacy Sun IAM platform it became an opportunity to evaluate the current infrastructure. The IAM gap analysis revealed inadequate lifecycle management, inefficient provisioning and de-provisioning processes, limited role provisioning, incoherent IAM environments, inconsistent user experience, and limited integration with its PeopleSoft systems. Capella needed to better manage its identities, but understood the challenges of assembling a team to deploy and manage an IAM infrastructure. The university chose to go with an IAM Cloud solution using Lighthouse Gateway.

11:30 am - 12:30 pm

Lunch, Salon E

Lunch, Salon E

12:45 - 1:30 pm                   

Joint Session: InCommon Steering Panel, Salon F
InCommon Steering is working closely with Internet2 to take on more responsibility for trusted identity in the research and education space. The Steering committee will describe the vision and projects underway and how they are advancing trusted identity and then take questions and comments from the community.

Joint Session: InCommon Steering Panel , Salon F
InCommon Steering is working closely with Internet2 to take on more responsibility for trusted identity in the research and education space. The Steering committee will describe the vision and projects underway and how they are advancing trusted identity and then take questions and comments from the community.

1:30 - 2:30 pm

Identity Stores, ERPs - Getting the Data into the IAM System
Speakers: Keith Hazelton, University of Wisconsin; Rob Carter, Duke University; Peter DiCamillo, Brown University; Dan Malone, Cal Poly State University

Do you have an ERP system that contains identity data? Do you have different identity stores for students, faculty/staff, and alumni? How do you take data contained in these disparate systems and get it into your IAM system, where you can then feed the outsourced/cloud services? Our panelists will share their solutions for this common problem.
Download the slides - Peter DiCamillo

1:30-2:00 pm
memberOf: Box to ERP
Speakers: Clark Trimble and Jared Housh, University of Tulsa
Download the slides

We trace group membership as used by Box file sharing to its indication in the University ERP. Techniques and troubles encountered along the way are presented for Box, Shibboleth, LDAP, Grouper, attribute store, and the ERP data warehouse. Special emphasis is given to synchronization procedures employed between each component. As a result, a holistic view of the University's identity management system is conveyed.

2:00 - 2:30 pm
Synchronizing Active Directory Groups
Speakers: Eric Kool-Brown and Nathan Dors, University of Washington
Download the slides

Institutions with one or more authorization systems may be interested in the areas covered by this project: 1) Event-driven architecture: pros and cons, platforms, and alternatives, 2) Unified authorization: keeping authorization groups synchronized between systems, 3)
Integrating Linux and Windows authorization: AD supports LDAP and Kerberos; could AD be used in addition to or as an alternative to OpenLDAP and MIT Kerberos in your institution?

2:30 - 3:15 pm

Managing Your Service Provider Interactions
Speakers: Brendan Bellina, University of Southern California; Nathan Dors, University of Washington, Michael Brogan, University of Washington
Download the slides

As you support more and more service providers (both on-campus and off-campus), you may find yourself spending more time resolving problems and troubleshooting, perhaps both policy and technical issues, particularly with external partners. Our speakers will discuss how they manage their SP relationships and some of the lessons they have learned over the years.

Lowering Barriers for Distributed Service Integration: The Cloud Service Cookbook
Speakers: Keith Wessel and Mark Nye, University of Illinois at Urbana-Champaign; Keith Brautigam, University of Iowa
Download the slides

Partnering with a new cloud service provider can be complicated and time-consuming. By the time you educate a new cloud vendor about identity management in higher ed, work your existing single sign-on and federation into their model, and integrate their service into your existing campus services, it’s easy to question the value of a cloud service in the first place.

The CIC Identity Management task force is creating a Cloud Service Cookbook to help lower these barriers. The cookbook will explain the IDM landscape in higher ed, propose best practices, and make suggestions from procurement to implementation. It will also document the value of InCommon membership for vendors and how joining InCommon helps simplify cloud integration. This session will show the cookbook and the process that went into creating it. We will discuss how it’s helping the CIC schools and can help other schools and their vendors.

3:15 - 3:30 pm

Break Sponsored by Unicon, Salon E

Break Sponsored by Unicon, Salon E

3:30 - 4:30 pm

Outsourcing your IAM or Federated IAM System: Policy and Technical Considerations
Speakers: Tim Calhoon, California Community Colleges; Dedra Chamberlin, University of California; Rob Chevalier, University of Oregon; Greg Haverkamp, Lawrence Berkeley Lab; Noreen Hogan, University of Oregon

You understand the value of an Identity and Access Management system. You see the possibilities of federation. But the staffing levels and dealing with the learning curve just aren't in the cards. While outsourcing of email has become somewhat common, but how about outsourcing identity and access management, and/or federated IAM? Hear the policy and technical pros and cons, and listen to case studies from our panelists and lightning talkers.

InCommon TAC: Priorities for 2014
Download the slides

The InCommon Technical Advisory Committee (TAC) will provide one of the regular updates of its work plan and discuss some of the projects that are currently underway. In addition to interest in hearing feedback about current work, the TAC is interested in hearing about current problems as well as suggestions of areas that deserve attention. Most of this work is done in subgroups that draw their membership from the community. The face-to-face environment is expected to provide an opportunity for active discussion of some of these topics.

4:30 pm - 5:30 pm

Joint Session: Google! Facebook! Can Social Identities Make Your Life Easier?
Speakers: Dave Langenberg, University of Chicago; Dedra Chamberlin, Cirrus Identity; John Krienke, Internet2

Download the slides

Do you serve constituents that have an arms-length relationship with your campus? High schoolers applying for admission, for instance? Parents? Community members taking continuing education classes? Oftentimes, portals and other low-risk applications serve these groups, but you have to issue NetIDs and manage the whole credentialing process. Can you have them bring their own credentials, in the form of Google and Facebook IDs? Hear about the community work being done and case studies from early implementers.

Joint Session: Google! Facebook! Can Social Identities Make Your Life Easier?
Speakers: Dave Langenberg, University of Chicago; Dedra Chamberlin, Cirrus Identity; John Krienke, Internet2

Download the slides

Do you serve constituents that have an arms-length relationship with your campus? High schoolers applying for admission, for instance? Parents? Community members taking continuing education classes? Oftentimes, portals and other low-risk applications serve these groups, but you have to issue NetIDs and manage the whole credentialing process. Can you have them bring their own credentials, in the form of Google and Facebook IDs? Hear about the community work being done and case studies from early implementers.

6:00 - 7:30 pm

CAMP Reception,  Lobby Level

CAMP Reception, Lobby Level

8:30 - 9:30 am                     

Provisioning and Deprovisioning - Policy Considerations and Case Studies                                        
Session Moderator: C.W. Belcher, University of Texas
Speakers: Theresa Semmens, North Dakota State University; Noreen Hogan, University of Oregon; Jim Jokl, University of Virginia; Scott Koranda, LIGO; Andrea Harrington, Penn State; Dustin Slater, University of Texas
Download the slides

As you provide more outsourced and cloud services, granting and removing access becomes more and more important. What are the policy considerations as you look at your process? How do campuses handle guests, affiliated groups, students who attend other institutions, and other specific use cases? We can't provide you with all of the answers, but can get you started on the right questions to address.

8:30 - 9:00
Collaboration as a Service
Speaker: Niels van Dijk, SURFnet
Download the slides

This session showcases various scenarios from The Netherlands where distributed and cloud services were used to facilitate collaborations between institutions.

Scenarios include:

sharing learning platforms between institutions, nationally and internationally;

-sharing digital examination tools between institutions;

-combining cloud-based and on-premise services;

-private cloud document sharing as a collaboration between University Medical Centers.

The presentation will look at the 'business case' for these collaborations, as well as how (inter)federation, groups, attributes and provisioning was used to facilitate these scenarios.

9:00 - 9:30
Enhancing collaboration for researchers across campuses using COmanage
Speakers: Scott Koranda
Download the slides

Research and scholarship today is more collaborative than ever before and collaborations extend beyond a single campus. Groups of researchers and students from around the world need to come together and collaborate efficiently. Identity federations like InCommon in the United States go a long way to help make collaboration more efficient but identity federation by itself is not enough. Research faculty need a collaboration management platform (CMP) to help them create and manage collaboration spaces for their project teams and streamline access to the data, applications, and collaborative tools that power the collaborative research engine.

The University of Wisconsin-Milwaukee and the Laser Interferometer Gravitational-wave Observatory (LIGO) have deployed COmanage, a CMP focused on supporting research virtual collaborative organizations (COs). LIGO is using COmanage to manage the collaboration between itself and its sister project KAGRA in Japan. We will demonstrate how a member of the KAGRA-LIGO working group enrolls, is approved, and then gains access to LIGO web services using his or her federated identity.

9:30 - 10 am

Recommended Practices and New Developments in the InCommon Federation 
Speaker: Tom Scavo, Internet2
View the slides online

Get the most out of your participation in the InCommon Federation. See how the Research & Scholarship Category can provide increased value to faculty and staff on your campus. Learn the latest “tricks of the trade” to help you become a productive and security conscious site administrator. Obtain first-hand knowledge of cutting-edge developments, including: Multifactor Authentication, Delegated Administration, Google Gateway, Interfederation, Metadata Distribution, Affiliation-Based Access, and more.

 

Practical Experiences of IAM and Distributed Services
Speaker: Richard James, Newcastle University
Download the slides

The session will describe Newcastle University’s current Identity and Access Management architecture, and will share experiences and initial approaches for the first ventures into distributed services. Newcastle has a long history of using Open Source tools within IAM. The University’s main IAM components being Internet2’s Shibboleth and Grouper and Talend’s open source Data Integration Suite. The session will discuss the importance of integration between these three components and the value and benefits that they have provided the institute and its users. Specific examples include moving library systems to the cloud and fully exploiting the Microsoft offering for STEM students and staff through schemes such as Microsoft Dreamspark. The frictionless user experience facilitated by these tools has delivered over £1.4million of value to university members.

10:00 - 10:30 am

Refreshment Break, Salon E
and Hotel Check-Out

Refreshment Break, Salon E
and Hotel Check-Out

10:30 - 11:00 am

Lightning Talks from the Community  

Here is an opportunity to speak about what's happening on your campus or raise a topic of special interest to you.  Just let moderator Jacob Farmer know if you would like to share a 5 minute lightning talk. 

The Chicago Approach to Identity Assurance
Speaker: David Langenberg, University of Chicago
Download the slides

Identity Assurance and more specifically InCommon Silver Assurance is being talked about more and more within the IT organization. All of our campuses are at various locations on the not-well-explored path to gaining the InCommon Silver accreditation. This session will provide a brief overview of how the University of Chicago is handling the requirements from a technical perspective.

11:00 am - Noon

Closing Keynote
Tom Black,
Associate Vice Provost for Student Affairs and University Registrar
Stanford University

Identity and Student Services: What if?

As the university becomes more global, offers programs to thousands or hundreds of thousands of students that it never sees, integrates more tightly with the corporate sector, attracts a student body that's increasing electronically sophisticated, what will constitute student services?

What if we could do real time assessment? What if we could integrate the high school experience and make a mashup that a student could use to apply to college with a click? This session will present a look into the future student services and engage the audience in a discussion of the implications on electronic identity.

Closing Keynote
Tom Black,
Associate Vice Provost for Student Affairs and University Registrar
Stanford University

Identity and Student Services: What if?

As the university becomes more global, offers programs to thousands or hundreds of thousands of students that it never sees, integrates more tightly with the corporate sector, attracts a student body that's increasing electronically sophisticated, what will constitute student services?

What if we could do real time assessment? What if we could integrate the high school experience and make a mashup that a student could use to apply to college with a click? This session will present a look into the future student services and engage the audience in a discussion of the implications on electronic identity.

Noon

CAMP Ends

CAMP Ends