Blog from March, 2014

April 2014 InCommon Newsletter
Dean Woodbeck (internet2.edu) posted on Mar 31, 2014

April 2014 InCommon Newsletter

The latest issue of the InCommon Update newsletter has been published. Items include:

  1. InCommon, Middleware sessions at the Internet2 Global Summit
  2. IAM Online April 30: Multi-Context Broker and Multifactor Authentication
  3. Cirrus Identity Affiliate Webinar April 23
  4. Cirrus Identity Joins Affiliate Program
  5. Shibboleth Installation Training Scheduled in July, September
  6. New Members and Expanded Role for InCommon Steering
  7. Federation Deploys New Metadata Aggregates
  8. 2013 InCommon Accomplishments Published
  9. InCommon Welcomes Harvey Mudd as 600th Participant
  10. New Certificate Service Subscribers
  11. New InCommon Participants
  12. Featured Affiliates: Aegis Identity, Fischer International, Unicon
  13. Thumbnails of New Sponsored Partners
InCommon Publishes 2013 Accomplishments
Dean Woodbeck (internet2.edu) posted on Mar 19, 2014

InCommon Publishes 2013 Accomplishments

InCommon has published a list of accomplishments for the calendar year 2013. The InCommon leadership thanks the community for their work and their commitment, which made all of these achievements possible.

Multi-Context Broker Eases the Integration of Multifactor Authentication
Dean Woodbeck (internet2.edu) posted on Mar 18, 2014

Multi-Context Broker Eases the Integration of Multifactor Authentication

Is your campus considering the implementation of multifactor authentication to bolster security beyond passwords? Are you considering implementing multiple local or InCommon Assurance profiles? If so, and you use Shibboleth single sign-on software, your job just got easier.

The Internet2 community has released an extension to the Shibboleth software, the Multi-Context Broker (MCB) that significantly eases the integration of multifactor authentication technologies and the management of InCommon Assurance Profiles.

With the MCB, organizations can easily support single sign-on for multiple authentication methods. No custom code is needed. Once configured, MCB automatically selects appropriate authentication methods, based on service provider requests, user certifications, user choice, and hierarchies of assurance profiles like InCommon Bronze and Silver. The MCB currently supports username/password, X.509 client certificates, and Duo Security as authentication methods, and more methods are in the works.

Internet2 funded the MCB development through InCommon and the Scalable Privacy Project, which is supported by a grant from the National Strategy for Trusted Identity in Cyberspace (NSTIC). The University of Chicago, the University of Illinois, and the University of Toronto provided testing for the MCB.

The Multi-Context Broker plug-in and detailed documentation for installation and configuration are available at the Shibboleth Project wiki, and source files are available at GitHub. For details, see the MCB wiki page. This page also includes a complete description of the MCB and sample configurations for support of Duo Security, InCommon Silver, and a SafeNet USB-format token.