On March 16, 2012, InCommon registered its 1,000th entity in Federation metadata. Actually, there were four new service providers (SPs) registered on that day, so we’re declaring this a tie and each SP will share the distinction:
- NEXT Medicine Study (owned by University of Washington)
- Microsoft IT Federation Service (owned by Microsoft)
- Environmental Health and Safety development server (owned by Carnegie Mellon University)
- RightAnswers Unified Knowledge Platform (owned by RightAnswers, Inc)
We’ll be sending InCommon t-shirts to the site admins for each of these sites. Congratulations!
As of today (March 22, 2012), InCommon has 381 participants, 292 of which participate in the Federation. These organizations have deployed 231 identity providers (IdPs) and 771 service providers (SPs), for a total of 1,002 entities. You can find current lists of entities in metadata at https://incommon.org/federation/all-entities.html and you can see the growth over the past six-and-a-half years on the attached graph.
Since the beginning of 2011 to date, the Federation has seen a 38% increase in the number of IdPs and a whopping 74% increase in the number SPs. Almost 6 million individuals can now take advantage of the secure and privacy-preserving trust fabric offered by the InCommon Federation. Congrats to the community for making scalable identity and access management happen in a very big way.
Ann Arbor, Mich. – March 21, 2012 – Internet2 announced today that VASCO, a leading software security company specializing in authentication products, joined the InCommon Affiliate program.
InCommon, operated by Internet2, provides trust services for the U.S. education and research communities, including an identity management Federation Service and a Certificate Service. The 372 InCommon participants include colleges and universities, research organizations, agencies of the U.S. government, and private companies that offer web-based resources and services.
The Affiliate Program provides the research and education community with a way to safely and efficiently connect with partners that can help build the necessary underlying infrastructure that supports federated access.
VASCO offers strong user authentication to faculty, students, and staff while helping them to move away from complex passwords and reducing helpdesk costs. VASCO’s patented DIGIPASS technology can assist InCommon participants with achieving their desired InCommon certification through increased user access security. Scalability, flexibility, and simplified provisioning tools allow for a cost-effective way to deploy two-factor authentication to large user populations.
“Data integrity and availability of information pose a significant challenge for every organization. The combination of identity federation and strong authentication is a great step towards secure access to online resources for the higher education market,” declares T. Kendall Hunt, Founder, Chairman and CEO of VASCO Data Security. “Secure access to federated platforms is a high priority and this partnership creates a lot of opportunities for both parties involved.”
“We welcome VASCO to Internet2’s InCommon Affiliate Program,” said Jack Suess, chief information officer and vice president for information technology at the University of Maryland, Baltimore County and chair of the InCommon Steering Committee. “Two-factor authentication is of more and more interest to colleges and universities, as well as to InCommon as we begin to introduce higher levels of assurance. VASCO’s experience in strong authentication technologies can provide a key partnership link for our participants.”
The InCommon Federation provides a secure and privacy-protecting method for giving individuals access to protected or licensed online resources, such as library databases, multimedia content, research information, and services provided by government agencies. This shared management of identity and access simplifies online privacy and security. Researchers, students, faculty and staff can access protected or licensed online resources from other member institutions and third-party providers while safeguarding individual privacy.
For more information, and a list of current affiliates, go to www.incommon.org/affiliate.
About VASCO
VASCO is a world leader in strong authentication and e-signature solutions, specializing in online accounts, identities and transactions. As a global software company, VASCO serves a customer base of approximately 10,000 companies in over 100 countries, including more than 1,700 international financial institutions. In addition to the financial sector, VASCO's technologies secure sensitive information and transactions for the enterprise security, e-commerce and e-government industries. www.vasco.com
About Internet2
Internet2 ®, whose network is operated and led by U.S. research universities, is one of the worldʼs most advanced networking consortia for global researchers and scientists who develop breakthrough Internet technologies and applications, and spark tomorrowʼs essential innovations. Internet2 consists of more than 350 U.S. universities, corporations, government agencies, laboratories, higher learning, research and education networks, and other organizations.
About InCOMMON
InCommon ®, operated by Internet2, serves the U.S. education and research communities, supporting a common framework of trust services and operating the InCommon Federation, the U.S. trust federation for research and education, and the community-driven InCommon Certificate Service. The InCommon Federation enables scalable, trusted collaborations among its community of participants. The Certificate Service offers unlimited certificates to the U.S. higher education community for one fixed annual fee. For more information, see www.incommon.org.
A community comment period is now open for proposed changes to the definition for the Research & Scholarship Category. InCommon recently created this category to allow identity providers to release a minimal set of attributes by default to qualifying Service Providers, a simpler and more scalable approach than negotiating with each service provider.
What is the purpose for the proposed changes? Many services in the federation serve multiple goals. A wiki, for example, may support research and scholarship, but may also be used in teaching and learning. The proposed changes are intended to ensure that identity providers are confident that they are releasing a set of default attributes to defined research and scholarship applications, while not being overly restrictive to services that may have additional uses.
The proposed changes, including a DIFF between the current and proposed wording, are available at https://spaces.at.internet2.edu/x/woDEAQ. Comments may be made using the comment function on the wiki page (which requires logging in) or by emailing info@incommon.org. The comment period is open through March 30, 2012.
In February, the InCommon Steering Committee approved revisions to the InCommon Federation Operating Policies and Practices (FOPP). Modifications were made for four main reasons:
• Additions for the Assurance program (which opened last week)
• Additions related to the relatively new third category of InCommon Participants: Research Organizations
• Deleting irrelevant material related to our no-longer-in-use self-rooted InCommon CA
• Other small modifications to keep the document current
The revised FOPP is available on the InCommon website, along with a file showing the modifications adopted on February 13.
The InCommon Assurance Program has opened for business.
More than 15 campuses already plan to apply for Silver certification in 2012, anticipating the use of applications from the National Institutes of Health, the National Student Clearinghouse, and other service providers. There is also a group of campuses working on a cookbook for using Microsoft’s Active Directory to comply with the Silver Profile.
The assurance program certifies campuses, research organizations and not-for-profit sponsored partners that meet the identity and credential management requirements for specific profiles or practices.
InCommon has two published sets of practices, Bronze and Silver, which align with the US government’s NIST levels 1 and 2, respectively. Bronze has a security level that slightly exceeds the confidence associated with a common Internet identity. Silver has a security level appropriate for financial transactions.
Central to the certification process is the Assurance Advisory Council, comprised of community members that will make certification recommendations to the InCommon Steering Committee.
An archived webinar (originally conducted on Feb. 29, 2012), includes details on the program, the certification process, and the Assurance Advisory Council. Details are also available at assurance.incommon.org.
InCommon Confab: Scaling Community Trust
April 26 (8 am – 5 pm), April 27 (8 am – noon)
Crystal Gateway Marriott, Arlington, Virginia
www.incommon.org/confab2012.html
REGISTRATION: Registration is now open for the 2012 InCommon Confab, April 26-27, in Arlington, Virginia.http://events.internet2.edu/2012/spring-mm/registrationintro
TOPICS: This fast-paced, information-filled workshop will give you the opportunity to learn how the InCommon community is using trust services to enhance users’ experiences and scale online relationships.
AT THE InCOMMON CONFAB, you can explore one-and-a-half days of sessions covering the gamut of topics related to federated identity, certificates, assurance, and who’s doing what. After each topic, you’ll hear more about how to get involved and connect up with others. This is a great opportunity to compare notes with colleagues working in the same area and learn what they are doing.
NEW TO THE FEDERATION and want to know more about recommended practices? We’ll have an entire track just for you as well as a track for those who use federation extensively.
PARTICIPANTS AT ALL POINTS on the adoption curve--from those who are just getting started with InCommon to those who have been active for years--will benefit from in-depth discussions and fast-paced presentations.
Topics will include:
- Getting Your Return on Investment: Scaling the Federation
- Connecting collaborators in research and the academy.
- Using InCommon Recommended Practices
- Understanding assurance in identity
- Deploying stronger authentication
AUDIENCE: InCommon higher education, research and corporate participants are encouraged to send technologists, IT leadership, and leadership from closely-aligned areas to learn about these issues together and leave with plans for furthering efforts back home.
REGISTRATION: Registration is now open at the Internet2 Spring Member Meeting website. Please note that you DO NOT have to attend the Spring Member Meeting to attend the Confab.http://events.internet2.edu/2012/spring-mm/registrationintro
HOTEL and TRAVEL: The meeting will take place at the Crystal Gateway Marriott in the Crystal City area of Arlington, Virginia. The hotel is just one Metro stop from Washington National Airport. http://events.internet2.edu/2012/spring-mm/hoteltravel
QUESTIONS? Email info@incommon.org
Securing Campus Active Directories for InCommon Silver Assurance - A Collaborative Effort
Wednesday, March 14, 2012
3 pm ET / 2 pm CT / 1 pm MT / Noon PT
internet2.adobeconnect.com/iam-online
Does your campus use Microsoft's Active Directory? Are you interested in the InCommon Assurance Program; specifically, making the move to the Silver level of assurance? Join us to learn about a community project and case studies from two campuses who are doing both.
A number of InCommon participant institutions are preparing for certification for the InCommon Silver level of assurance. In their gap analysis work, they identified several challenges with supporting the Silver practice set (or profile) using Microsoft’s Active Directory Domain Services (commonly referred to as “Active Directory” or “AD”). Now, almost a year later, the group has finished their work on a “cookbook” for configuring AD for compliance with the technical requirements of InCommon Silver.
Speakers
Nick Roy, University of Iowa
Mark Rank, University of Wisconsin-Milwaukee
Chris Spadanuda, University of Wisconsin-Milwaukee
Moderator
Ann West, InCommon Assurance Manager
http://internet2.adobeconnect.com/iam-online
Back-up phone bridge for audio:
Dial-in numbers:
(734) 615-7474, or
(866) 411-0013 (toll-free US/Canada)
Access code: 0157272#