The InCommon Library Services Collaboration Vendor Group has produced two documents in draft form and seeks comment from the InCommon Community.
The Best Practices document focuses on resource providers (publishers and databases, for example) that provide Shibboleth-based access to their licensed content.
The Registry of Resources document includes information about resource providers that are in various stages of Shibboleth-compliance. This is intended as a resource for the community, particularly Identity Providers seeking to use federated access for such services.
The intent of these documents is to provide a checklist for vendors for Shibboleth implementation, and to provide implementation details to universities who would like to integrate with Shibboleth-enabled resources.
These documents are available through our wiki space: https://spaces.at.internet2.edu/display/inclibrary
Here are also direct links to the documents:
https://spaces.at.internet2.edu/display/inclibrary/Best+Practices
https://spaces.at.internet2.edu/display/inclibrary/RegistryOfResources
These documents are in draft form and open for community comment by December 15. Comments are enabled on these pages (you must be logged in to spaces.at.internet2.edu to comment) or you can send email to inc-lib-vendor@incommonfederation.org.
Going to the Educause annual conference (Nov. 3-6)? Fans of identity and access management will find no fewer than 14 related sessions, including a pre-conference workshop for CIOs on Tuesday, November 3. Sessions will cover identity management and governance, federating with federal agencies and the National Student Clearinghouse, and other topics related to identity and access management. Take a look at our listing of IAM sessions.
InCommon will roll out the ability to accept self-signed certs Thursday, Oct. 22. To provide information and answer questions, the InCommon Technical Advisory Committee (TAC) has scheduled a webinar for tomorrow (Thursday Oct. 22) at 2 p.m. EDT. The TAC will also entertain questions and discussion about SAML 2.0 support, Shib 2.x migration, among other technical issues.
The webinar will use Adobe Connect for slide- and screen-sharing (and chat), and a conference call bridge for the audio. Connection information is included below. The session will be archived for later viewing.
InCommon Technical Webinar
Thursday, October 22, 2009
2 p.m. EDT / 1 p.m. CDT / 11 a.m. PDT
Adobe Connect: http://internet2.acrobat.com/incommontech/
Phone:
+1-734-615-7474 (Please use if you do not pay for long distance)
+1-866-411-0013 (toll free US/Canada Only)
Access code: 0188018#
InCommon will host a town hall webinar on Monday, October 19, at 4 p.m. (EDT) to discuss the proposed business plan that merges InCommon and the Internet2 Middleware Initiative into the InCommon LLC.
The town hall will also include a discussion of the 2010 fee structure (interim) and plans for developing the fee structure for succeeding years.
There are a number of documents available as background information, including:
- The announcement of the proposed restructuring and fee structure.
- The interim fee structure for 2010
- The complete draft business and financial plan (pdf)
- Slides from the InCommon Future session at the I2 Member Meeting.
All InCommon participants, and other interested parties, are invited to join the call. Slides will be shared via Adobe Connect and the webinar will be recorded and archived. To join the call:
Enter the Adobe Connect room at http://internet2.na6.acrobat.com/incforum/
Call into the phone bridge:
+1-734-615-7474 (please use if you do not pay for long distance)
+1-866-411-0013 (toll-free US/Canada only)
Access code: 0107154#
Shibboleth IdP 2.1.4 is now available.
This release is a bug fix release. Deployers who use the Username/Password login handler to authenticate against an LDAP directory are strongly encouraged to upgrade. The previous version of the LDAP library contained a bug that prevented connections from being properly closed once authentication was complete.
InCommon has released two new case studies describing how campuses have federated with UniversityTickets and with StudentsOnly.
Lafayette College sought to provide student-only tickets to campus events through an agreement with UniversityTickets. The Dean of Students office worked with the company, but ran up against the challenge of providing user IDs and passwords for all 2,300-plus students. Lafayette turned to a federated solution, which the college had already used with some of its other resource providers, including library applications and the Moodle course management system.
At the University of Washington, "we wanted to offer the discount travel program as a service for our students," said registrar Todd Mildon. "But we did not want a third party accessing our directory and we did not want to generate many phone calls or visits to our office seeking student verification."
Washington and StudentsOnly, which provides a service using a number of enrollment verification methods, also decided a federated approach would provide value to all parties.
InCommon publishes case studies that outline problems facing identity providers and service providers, and outlining the development of a solution. The case studies can provide ideas for additional services to federate, as well as a resource to share with other campus offices.
The InCommon case studies are available at www.incommonfederation.org/cases.html
The Internet2 Member Meeting has kicked off in San Antonio. There are five InCommon sessions during the next three days, and three are available for remote participants. They include:
Federating with Health and Science applications, featuring speakers from the NIH and NSF. Tuesday, October 6, at 5:30 p.m. EDT / 4:30 p.m CDT / 2:30 PDT. Available via netcast.
The Future of InCommon, featuring a discuss of the draft business and financial plan and interim 2010 fee structure (approved unanimously by the InCommon Steering Committee. Wednesday, October 7, at 9:45 a.m. EDT / 8:45 a.m. CDT / 6:45 a.m. PDT. Available via Adobe Connect
InCommon Collaboration, featuring information from the InC-Library Services group and its work with vendors, as well as from the InC-Student group and its work with federating the National Student Clearinghouse Student Self-Service application. Wednesday, Oct. 7, at 4 p.m. EDT / 3 p.m. CDT / 1 p.m. PDT. Available via netcast.
For details on how to connect and participate, go to http://www.incommonfederation.org/FMM_09.html.
The InCommon Steering Committee and the Internet2 Board of Trustees continue to outline the future of InCommon, with the goal of having key decisions made at the Internet2 board's December meeting.
The proposed changes will be discussed in two sessions at the Internet2 Member Meeting: the InCommon Forum on Monday, October 5; and the Future of InCommon track session on Wednesday, October 7. The track session will be available to remote participants via Adobe Connect. For information on how to participate, go to www.incommonfederation.org/FMM_09.html.
The complete draft InCommon interim business and financial plan is available at the InCommon Collaborate wiki: https://spaces.at.internet2.edu/x/y4E0.
The plan includes a number of proposed changes:
- Merging the federation and the Internet2 Middleware Initiative under the InCommon LLC and refining the governance connections between the InCommon Steering Committee and the Internet2 governance structures.
- Implementing a new tiered fee structure for InCommon, starting in with an interim schedule for 2010.
- Providing InCommon with additional funds to secure its continued growth.
- Aggressively moving to introduce new assurance profiles, including Bronze and Silver.
- Exploring additional areas necessary for trust services, including training, consulting, and a possible certificate service.
InCommon and Middleware: The business plan creates an umbrella InCommon organization that incorporates both the trust services operation (the current InCommon federation) and the Internet2 middleware outreach, research, and development efforts.
Tiered Fee Structure: The plan includes a new interim tiered fee structure for the 2010 calendar year. This structure, approved unanimously by the InCommon Steering Committee, is aligned for expediency and, for this year only, to Carnegie classifications similar to Internet2's member levels. Under the new fee structure, annual dues will range from $1,100 to $3,000. Details on the tiers are available at www.incommonfederation.org/fees2010.html. Service providers will be classified based on their annual revenues. The fee structure for 2011 and beyond will continue with a tiered concept, but will be developed in an open fashion, allowing for participant input. Campuses will receive a letter with their classification/level of dues in late October.
Additional Capital: The Internet2 Board of Trustees has indicated its strong support the InCommon and identity middleware activities and for providing the necessary funding for InCommon to continue its growth and to offer additional services. The board has authorized the hiring of an executive director for InCommon, who will lead the implementation of this new business plan and will report to the Internet2 CEO. The Board will formally approve an InCommon business plan in December.
New Assurance Profiles: There are a growing number of drivers for the InCommon Bronze and Silver assurance profiles, including applications from the National Institutes for Health and the National Science Foundation. InCommon intends to have Silver in production by Fall 2010 and expects that this profile will have its own pricing structure.
Additional Trust Services: InCommon is growing beyond research-intensive institutions and is investigating services that may be required by smaller institutions, such as training, consulting, and installation assistance. InCommon is also exploring offering a certificate service, if it is financially viable and would provide universities with significant savings.
Town Hall: InCommon will host a town hall meeting Monday, October 19, for a discussion and update about InCommon's future structure and next year's tiered dues implementation. Details will be provided via the website and the participants mailing list.
This all represents the initial direction and support for the future of InCommon, with the goal of having the plan completed for the December meeting of the Internet2 Board of Trustees. Information will continue to be disseminated at www.incommon.org, via the InCommon participants mailing list, and by the InCommon RSS news feed.
InCommon Federation Forum, October 05, 2009, 4:30 PM - 6:00 PM
The Forum brings together members of the InCommon Federation community to discuss the latest issues surrounding the U.S. identity federation. Topics include InCommon's strategic direction, the Silver assurance profile, migration to SAML 2.0, and collaboration activities.
InCommon Forum Agenda (Live Oak Room)
Introduction and Announcements (15 min.) - John Krienke
Technical issues (30 min.) - Renee Shuey and RL "Bob" Morgan
- self-signed certs
- quarterly webinar/interactive call
- NIH/Silver Update
- appropriate QA/upgrade processes for IdPs
- others
Steering/Policy issues (30 min.) - Jack Suess
- InC Future Review
*Changes in structure, financing
Other Issues (15 min.) - Participants
InCommon News, October 1, 2009
In This Issue:
- InCommon Sessions at I2 Meeting via Netcast
- InCommon Future Session October 7
- EDUCAUSE Live Features John O'Keefe Oct. 2
- InCommon Technical Webinar October 22
- IdM and Cloud Computing
- EDUCAUSE Award Recognizes InCommon, Internet2
- New Case Studies Available
- New Participants
--------------------
InCommon Sessions at I2 Meeting via Netcast
Two key InCommon sessions at the upcoming Internet2 Fall Member Meeting will be available to all InCommon participants via the conference netcast. "Federating with Health and Science Applications" (Oct. 6; 4:30-5:30 CDT) and the "InCommon Collaboration Update" (Oct. 7, 3-4 p.m. CDT) will both be streamed live via the Web on October 6-7, from the conference in San Antonio. For details, see http://www.incommonfederation.org/FMM_09.html.
--------------------
InCommon Future Session October 7, Available via Adobe Connect
Recommendations included in a draft business plan for InCommon's future will be outlined at the InCommon Future track session at the Internet2 Fall Member Meeting, Wednesday, October 7, at 9:45 a.m. EDT. For those not attending the meeting in person, the session will be available to remote participants via Adobe Connect and a conference call bridge. For details and remote participation information, go to http://www.incommonfederation.org/FMM_09.html.
--------------------
EDUCAUSE Live Features John O'Keefe Oct. 2
John O'Keefe, director of academic technology and network services at Lafayette College, will be the guest on EDUCAUSE Live, Friday, Oct. 2 at 1 p.m. EDT. His presentation is titled "Emerging Technologies in Higher Education: Big School Solutions to Small School Problems." For more information, including how to register, see https://spaces.at.internet2.edu/x/h4Cg.
--------------------
InCommon Technical Webinar October 22
The InCommon Technical Advisory Committee has scheduled an InCommon Technical Webinar for Thursday, October 22, open to all members of the community. Topics for discussion include the launching of self-signed certs, a review of SAML 2.0 support, and other items. For more information, including how to participate, go here: https://spaces.at.internet2.edu/x/xYCg.
--------------------
IdM and Cloud Computing
Identity management, and the InCommon Federation, are key to a comprehensive approach to cloud computing, according to an article by Jack Suess and Kevin Morooney appearing in the September/October 2009 issue of EDUCAUSE Review. The article is titled "Identity Management and Trust Services: Foundations for Cloud Computing." A summary, and a link to the full article, is available at https://spaces.at.internet2.edu/x/GYCZ.
--------------------
EDUCAUSE Award Recognizes InCommon, Internet2
EDUCAUSE has announced that its 2009 Catalyst Award will be presented to "federated identity management systems." The award will be presented at the EDUCAUSE 2009 Annual Conference in Denver, November 3-6. InCommon and the Internet2 Middleware Initiative will be recognized for their contributions to federated identity management. See the details here: https://spaces.at.internet2.edu/x/EQKP.
--------------------
New Case Studies Available
Two new InCommon case studies are now available. One outlines how Lafayette and UniversityTickets worked together to federate the campus-wide ticketing system. The other looks at the University of Washington's work with StudentsOnly on a pain-free way to verify enrollment. See both at www.incommon.org.
--------------------
New Participants
Since September 1, these identity providers and services providers have joined InCommon:
Identity Provider:
• Oregon Health & Science University (www.ohsu.edu/)
Service Provider:
• NC Live (www.nclive.org/). NC Live is a statewide collaborative among the nearly 200 public and academic libraries in North Carolina.
--------------------
InCommon News is published by the InCommon Federation (www.incommon.org) for its participants and other interested parties. Send feedback or comments to woodbeck@internet2.edu.
This newsletter is sent to incommon-announce@incommonfederation.org.
To subscribe, send an email to sympa@incommonfederation.org with this message in the subject: subscribe incommon-announce.
To unsubscribe, sent an email to sympa@incommonfederation.org with this in the subject line: unsubscribe incommon-announce.