Blog from November, 2014

Per-Entity Metadata Pilot Study Opens

The InCommon Technical Advisory Committee seeks your participation in the Per-Entity Metadata Pilot Study. This six-month pilot is intended to "explore the utility of signed, per-entity metadata as an alternative to metadata aggregates."

Email list participants will discuss the feasibility of distributing metadata on a per-entity basis, rather than the batch-oriented model currently used. As the federation grows, and larger numbers of SPs and IdPs are introduced into InCommon metadata, the batch-oriented distribution model will become strained. While it is believed that the current distribution mechanisms will remain viable in the short to medium term, there has been progress on multiple fronts with respect to per-entity metadata.

The goal of this pilot study is to examine and experiment with these new techniques while mapping a strategy for metadata distribution that will carry us well into the future.

More information is available in the wiki. All discussion will take place on the email list. Please join us!

Internet2’s InCommon Community Welcomes its 200th Sponsored Partner

DocuSign joins trust federation for U.S. research and education community

Internet2 is proud to announce that InCommon—the trust federation for U.S. education and research institutions—has welcomed its 200th Sponsored Partner. DocuSign, the nation’s leading electronic transaction management company, has joined InCommon. DocuSign is welcomed to a community of 461 higher education institutions, 33 government and non-profit research centers and agencies, and 200 corporate and non-profit Sponsored Partners.

DocuSign’s digital transaction management platform helps organizations keep processes 100 percent digital from start to finish and allows for the secure electronic sending and signing of documents. In addition to joining InCommon, the company is also participating in the Internet2 NET+ program, where it is moving through the service validation phase.

“This year marks the 10th anniversary of InCommon whose significant growth continues to accelerate,” said Shelton Waggener, senior vice president of Internet2. “Hundreds of universities, institutions and companies have seen the benefit of a collaborative trusted, scalable approach to identity and access management. I invite all of the research and education community, and the commercial partners who serve them, to join this community-led approach to trust services.”

For more information on InCommon and a full list of participants, visit www.incommon.org

InCommon Affiliate Webinar Series: Aegis Identity

Wednesday, November 19, 2014
2 pm ET | 1 pm CT | Noon MT | 11 am PT
Join via Adobe Connect (slides and audio): http://internet2.adobeconnect.com/affiliate

Case Study in Just in Time Provisioning and ID Proxy Management

This webinar will look at technology developed in conjunction with a K-12 consortium to provide for a multi-tenancy proxy IdP with real-time provisioning for a common Shibboleth assertion. Coupled with the Federation Registry, which allows for tenant self-service on-boarding and SP request and approval, the consortium is setting the stage for intrastate K-12 federation.

Presenters:

Jim Faut, Director of Software Development, Aegis Identity Software, Inc.
Ames Fowler, Solution Engineering Manager, Aegis Identity Software, Inc.

Connecting

Slides and audio will be available via Adobe Connect:
http://internet2.adobeconnect.com/affiliate

Dial-in back-up:
734-615-7474, or 866-411-0013
PIN: 0105266#

About Aegis Identity

Aegis Identity Software has multiple goals: (1) to provide contemporary identity management solutions, (2) to align with open source identity management technologies (such as Shibboleth, CAS, Grouper), and (3) to use the EDUCAUSE model of “collaborative sourcing” to deploy IdM solutions quickly and without incurring a large professional service expense to the university.

Designed specifically for higher education, TridentHE provides an identity management platform to automate provisioning/de-provisioning, identity synchronization, password management and user self-service. Unlike legacy “full solution” suites, TridentHE is an IdM software solution designed with contemporary technology and SOA-based open-standard provisioning engines, resulting in a solution with a focus on cost savings, compliance and optimal risk management.

About the InCommon Affiliate Webinar Series

InCommon Affiliates offer software, support, integration, and consulting related to identity and access management, and other trust services. This webinar series provides an opportunity for affiliates to share ideas and solutions with the community. You can learn more about the affiliates at www.incommon.org/affiliates.

IAM Online – Wednesday, November 12, 2014

2 pm ET / 1 pm CT / Noon MT / 11 am PT
www.incommon.org/iamonline

Turning Off NTLMv1 or How to Approach Turning Off Legacy Technology

Do you have legacy technologies that you would like to abandon . . . or at least turn off? How can you identify the potential impacts? And what does all of this have to do with an Active Directory Cookbook?

Nick Roy will introduce you to the Active Directory Silver Cookbook and Brian Arkills will discuss how the University of Washington successfully turned off NT LAN Manager - specifically NTLMv1 - and the strategies employed to avoid undesirable impacts and rollback hell. Brian will also note how other IT service managers might successfully approach turning off (or discouraging) legacy technology using similar strategies.

Brian suggests a portion of the Active Directory Silver Cookbook, developed by members of the InCommon community, would make useful background reading (http://goo.gl/AuJjbI). This link takes you to the “Ensure IdP Authentication Secrets are Protected in Transit” section and the suggested configuration changes, including turning off NTLMv1.

Speaker: Brian Arkills, University of Washington
Moderator: Nick Roy, Penn State

Connecting

We use Adobe Connect for slide sharing and audio: http://internet2.adobeconnect.com/iam-online. For more details, including back-up phone bridge information, see www.incommon.org/iamonline.

About IAM Online

IAM Online is a monthly online education series brought to you by Internet2’s InCommon community and the EDUCAUSE Higher Education Information and Security Council.