IAM Online - Tuesday, December 6, 2011
3 p.m. ET / 2 p.m. CT / 1 p.m. MT / Noon PT
www.incommon.org/iamonline
Multifactor Authentication in Higher Education
The classic case for multifactor authentication is the need for higher-assurance authentication for transactions that expose the institution to significant risk. Another driver is the desire of some end-users and system administrators to self-select for heightened security. The U.S. Department of Education plans to require two-factor authentication for assets that are part of the Federal Student Aid program. Join us for an overview on the topic and participate in a discussion of business drivers, technology options, potential barriers, and current implementations of multifactor authentication.
Speakers
Steven Burke, Federal Student Aid, U.S. Department of Education
Shilen Patel, Senior IT Analyst, Duke University
Miguel Soldi, Information Security Policy and Resourcing Analyst,
University of Texas System
Host/Moderator
Rodney Petersen, Senior Government Relations Officer and Managing Director of the Washington Office, EDUCAUSE
Connecting
We use Adobe Connect for slide sharing and audio: http://internet2.adobeconnect.com/iam-online. For more details, including back-up phone bridge information, see www.incommon.org/iamonline.
ABOUT IAM Online
IAM Online is a monthly online education series including essentials of federated identity management, hot topics from the EDUCAUSE Identity and Access Management Working Group, and emerging topics in IAM. Experts provide overviews, answer questions and lead discussions. IAM is brought to you by InCommon in cooperation with Internet2 and the EDUCAUSE Identity and Access Management Working Group.
We’ve created some new dynamic web pages intended to give you more information about all of the services available throughout the InCommon Federation. Specifically, we want to make it easier to identify and promote services, and therefore increase the value of federation to everyone.
On the InCommon website, you will now find a list of all identity providers and service providers deployed in the federation (https://incommon.org/federation/all-entities.html). You’ll see tabs for IdPs and SPs at the top of the page. This will complement the list of all InCommon participants.
This past summer, each organization was asked to provide a number of new metadata elements for each identity provider and/or service provider registered in the federation (called entities). We’re using that information to create an individual web page that includes:
- the name and logo for the service provider/identity provider
- a short description
- a URL that leads to additional information
- a URL that leads to a privacy statement
- contact information (names and email addresses for the administrative, technical, and support contacts in metadata)
- for service providers, a list of requested attributes
One reason we’re exposing this information is to increase the value of the federation for sponsored partners by showing more information about the services they provide. We also hope this helps current participants find new services with which they can federate.
If you go to your entity page(s) and see that some information is missing, your site administrator can make the fix by adding the appropriate elements to your metadata. In particular, you’ll see a number of service providers listed under “other.” Your administrator can fix that simply by providing a display name in metadata.
More information is available in the FAQ on the InCommon Collaborate wiki: https://spaces.at.internet2.edu/x/5IOVAQ.
The November InCommon Update is available at www.incommon.org/newsletter. This issue includes:
- InCommon Receives Online Trust Leadership Award
- Federate with Research.gov
- InCommon Sets 2012 Fees
- Resources Available from Internet2 Member Meeting
- First Year of Certificate Service: Tens of Thousands Issued
- New Participants in October
EDUCAUSE, Internet2's Higher Education Information Security Council, and REN-ISAC have announced a call for proposals for the 2012 Security Professionals Conference, May 15–17, 2012, in Indianapolis (and online).
The conference, "Security Everywhere: Exploring the Expanding World of Security," will address the goal of information security professionals of supporting constituents’ ability to take advantage of modern computing in safe and secure ways. And, as the definition of “security” grows to include privacy, identity management, physical security, information assurance, and more, it is imperative to share information and experiences with peers.
See details of the conference and guidelines for proposals at the conference website. The proposal deadline is December 16, 2011.