In This Issue:
- May 11 IAM Online: The Challenges of User Consent
- CAMP Registration Open: Prices Increase May 31
- ACAMP: Identity Services Summit III, May 25-27
- Unicon Renews as InCommon Affiliate
- InCommon Highlights from the Spring Member Meeting
- New Participants for March and April
Campuses are seeking a scalable approach to managing attribute release. Automating the user consent procedure, combined with metadata-driven attribute release, provides an approach that greatly simplifies this process. This IAM Online will include a demo of uApprove for managing user consent, and a discussion of the use of attribute groups for simplifying consent. May 11 at 3 p.m. EDT. For details, see www.incommon.org/iamonline.
The program is now online for CAMP: Hot Topics in Identity and Federated Identity Management (June 21-23 in Columbus, Ohio). You can save with early-bird rates by registering by May 31. We’re also having a pre-meeting seminar, Introduction to Federated Identity Management (separate registration required).
Managers and technical implementers will find concrete solutions and valuable discussion and guidance in a number of areas, including:
- Potential uses for social identity in higher education
- Assurance profiles and more-stringent identity proofing requirements
- Best practices for federating
- Attribute release and user consent
- Building blocks for campus access management
- Cloud computing and shared service models – and what lies ahead
Advance CAMP: Identity Services Summit III, will focus on better provisioning, access management and other identity-related problems. Participants will work with identity leaders and developers across higher education to help design the next generation architecture. Registration is still open.
Unicon, Inc., a leading provider of IT consulting services for the education market, has renewed as an InCommon Affiliate for 2011. For details about Unicon (www.unicon.net), see the information near the end of the newsletter.
- Attendees heard about changes in the Identity Assurance Program (a.k.a. Bronze and Silver) intended to streamline the adoption process. Read a summary at: https://spaces.internet2.edu/x/NpKAAQ.
You can find the Assurance Program documents, the FAQ, and more information at https://spaces.internet2.edu/x/4SM
- User consent for attribute release was also a key topic. Attendees saw a demo of uApprove, a Shibboleth add-on to enable user consent, and heard about the potential of common attribute sets. The demo is available on the Policy Forum Netcast archive, starting at approximately 33:40 of the video. http://preview.tinyurl.com/3nbjh6b
- The Technical Forum included discussion of an administrative interface to create/maintain metadata, allowing an admin to use an attribute consuming service, including requested attributes and such user interface elements a display name, description, keywords, information URL, privacy statement URL, and a logo URS. Read the notes at https://spaces.internet2.edu/x/MJKAAQ.
- The Policy Forum included a review of InCommon goals for 2011, an update on the InCommon Certificate Service (client certificates available soon), and user consent for attribute release. Read the notes at: https://spaces.internet2.edu/x/LpKAAQ, or see the Netcast archive at: http://preview.tinyurl.com/3nbjh6b
- A track session provided an update and future plans for the Certificate Service, and perspectives from subscribers. See the Netcast archive at: http://preview.tinyurl.com/3ky5nrb
InCommon welcomed nine new participants in March and April, bringing the total to 290.
- Ball State University (www.bsu.edu)
- Drexel University (www.drexel.edu)
- Lansing Community College (www.lcc.edu)
- Mayo Clinic (www.mayo.edu)
- Rensselaer Polytechnic Institute (www.rpi.edu)
- University of Montana (www.umt.edu)
- Vermont State Colleges (www.vsc.edu)
- ARTstor (www.artstor.org)
- Institute for Advanced Study (www.ias.edu)
ARTstor (www.artstor.org) provides 1.3 million digital images for educational and scholarly use, serving an increasingly broad range of disciplines and users at over 1,300 educational institutions in 42 countries. Its mission extends to the development of sophisticated software and services to enable greater ways of accessing visual materials online. ARTstor recently launched Shared Shelf, a web-based software service with cataloging tools, controlled vocabulary warehouse, digital asset management system, and web-publishing tools. ARTstor is also working with The Getty Research Institute and the Avery Architectural and Fine Arts Library at Columbia University to create a Built Works Registry (BWR), a community-generated data resource for architectural works and the built environment.
The Institute for Advanced Study (www.ias.edu) is one of the world’s leading centers for theoretical research and intellectual inquiry. The Institute exists to encourage and support fundamental research in the sciences and humanities. It provides for the mentoring of scholars by a permanent faculty of 28. The Institute, founded in 1930, is a private, independent academic institution located in Princeton, New Jersey. Its more than 6,000 former members hold positions of intellectual and scientific leadership throughout the academic world. Some 25 Nobel Laureates and 38 out of 52 Fields Medalists, as well as many winners of the Wolf or MacArthur prizes, have been affiliated with the Institute.
Unicon, Inc., is a leading provider of IT consulting services for the education market. Unicon works closely with colleges, universities, and corporations to find the best solutions to meet their business challenges. Unicon specializes in using open source technologies to deliver flexible and cost-effective systems in the areas of enterprise portals, learning management systems, identity and access management, online video, calendaring, email, and collaboration. Unicon is a Sakai Commercial Affiliate; an InCommon Affiliate; an Industry Member of Internet2; a Jasig and VMware Partner; an authorized Solution Provider for CAS, uPortal, and VMware; a services partner and reseller of Kaltura, Liferay, and Zimbra; and a Contributing Member of the IMS Global Learning Consortium. For more information, visit: www.unicon.net.
InCommon News is published for InCommon participants and other interested parties. InCommon is an LLC of Internet2. Send feedback or comments to email@example.com.
This newsletter is sent to firstname.lastname@example.org. To subscribe or unsubscribe, send an email to email@example.com with one of these messages in the subject: subscribe incommon-announce or unsubscribe incommon-announce. You can also subscribe to the InCommon RSS news feed, which includes this newsletter, by visiting www.incommon.org.
The InCommon Identity Assurance Program is closer to adoption with the draft version 1.1 of two key documents, which were discussed at the Spring 2011 Spring Internet2 Member Meeting. Members of the InCommon TAC (Technical Advisory Committee) reviewed version 1.1 of both the Identity Assurance Profiles (IAP) and the Identity Assurance Assessment Framework (IAAF).
Final approval of the v1.1 documents by InCommon Steering is pending. The documents, along with a review guide outlining the changes from v1.0, are available at https://spaces.internet2.edu/x/4SM.
The original (1.0) versions of these documents were published in 2008, based on an earlier set of US government requirements. In 2009, the US government ICAM program published new requirements, generally compatible but somewhat less rigorous. In 2010, InCommon received feedback from participants attempting to comply with the InCommon documents that indicated some "pain points" and suggestions for improvement.
The v1.1 documents are intended to remove some burdensome outdated requirements and references, harmonize terminology, clarify remaining requirements, and separate technical measures from compliance processes.
The IAP defines the requirements that Identity Provider Operators must meet for Bronze and Silver identity assurance certification, which are intended to be compatible with the U.S. government’s LoA 1 and 2. The IAAF describes the identity assurance trust model that InCommon has adopted, including a functional model for IdPs, a certification model describing how certification is accomplished. It also characterizes the methodology that must be used in performing an assessment of an Identity Provider Operator.