IAM Primer Slated for ACUTA Winter Seminar
Our University of Wisconsin-Madison colleague Steve Devoti will lead a primer on identity and access management at the upcoming ACUTA Winter Seminar, January 25-28 in Anaheim. (Association for College and University Technology Advancement. More details about the seminar and ACUTA at www.acuta.org/ws15.
George Washington University Certified for Bronze
The George Washington University has become certified for the InCommon Bronze Identity Assurance Profile under the InCommon Assurance Program. GW used the representation of conformance method for qualifying for Bronze certification. This simplified approach requires no audit; the identity provider attests to compliance by signing the assurance addendum to the InCommon participation agreement.
"GW has had a formal Identity and Access Management (IAM) Program since 2010, with a vision to provide simplified, timely, secure, and consistent access to necessary IT resources for our constituents throughout their lifecycle,” said Asif Hafiz, director of identity and access management services at the university. “Identity Assurance is key component of GW’s IAM program. It helps determine, with some level of certainty, that electronic credentials representing an identity can be trusted to belong to the entity. At GW, we feel that the InCommon assurance program provides an identity assurance assessment framework suitable for the higher education environment."
InCommon currently has two identity assurance profiles that have been approved by the U.S. government: InCommon Bronze and Silver. Bronze is comparable to the National Institute of Standards and Technology (NIST) Level of Assurance 1. Silver, comparable to NIST’s Level of Assurance 2, requires proof of identity and has security appropriate for higher-risk transactions.
The InCommon Assurance Program supports InCommon’s mission to provide secure and privacy-preserving trust services for its participants. Enabling higher-value, higher-risk services requires increased trust by the organizations that run the identity and cloud services. The Assurance Program allows Identity Providers to demonstrate security and trust through the use of standards-based identity practices.
For more information about the Assurance Program please visit assurance.incommon.org. Campuses interested in the InCommon Assurance Program are invited to join the monthly Assurance calls, which are announced on the Assurance email list. To join this list, send email to sympa@incommon.org with the subject line: subscribe assurance.
The December 2014 issue of the InCommon Update is available. Highlights include:
- Are Passwords Passe? Deployment Strategies for MFA
- InCommon Reaches 700 Participants and Other Milestones
- Technology Exchange Highlights
- Harvard University Achieves Bronze
- nanoHUB New Research & Scholarship SP
- Grouper Releases Version 2.2.1
- Email lists, minutes, new participants, and more
Harvard University Certified for Bronze Assurance
Harvard University has become certified for the InCommon Bronze Identity Assurance Profile under the InCommon Assurance Program. The Assurance Program allows Identity Providers to demonstrate security and trust through the use of standards-based identity practices.
Harvard used the representation of conformance method for qualifying for Bronze certification. This simplified approach requires no audit; the identity provider attests to compliance by signing the assurance addendum to the InCommon participation agreement.
“InCommon participation and certification addresses several of our key tenets – simplifying the user experience, enabling research and collaboration, and protecting university resources,” said Scott Badner, senior technology consultant at Harvard. “This makes good on our vision goals of providing secure, easy access to applications via solutions requiring fewer login credentials, enabling collaboration across and beyond Harvard.”
InCommon developed the assurance program as part of its mission to provide secure and privacy-preserving trust services for its participants. Enabling higher-value, higher-risk services requires increased trust by the organizations that run the identity and cloud services.
InCommon currently has two identity assurance profiles that have been approved by the U.S. government: InCommon Bronze and Silver. Bronze, comparable to the National Institute of Standards and Technology (NIST) Assurance 1 level, has credential security associated with basic Internet interactions. Silver, comparable to NIST’s level of Assurance 2, requires proof of identity and has security appropriate for higher-risk transactions.
More information about the assurance program is at assurance.incommon.org.
IAM Online – Wednesday, December 10, 2014
2 pm ET / 1 pm CT / Noon MT / 11 am PT
www.incommon.org/iamonline
Are Passwords Passé? Deployment Strategies for Multi-Factor Authentication - Director's Cut
You may have heard them at the EDUCAUSE Annual Meeting, but David Walker and Mike Grady return on Wednesday, December 10 (2 pm ET) for a special appearance at IAM Online.
Increasingly, passwords alone cannot continue to protect online systems. A Cohortium or more than 40 institutions evaluating multifactor authentication alternatives (phone, certificates, and hardware-based tokens) to mitigate risks and increase security. In this talk, we will outline the issues an institution should consider when selecting and deploying a strategy for multi-factor authentication, including business drivers, policy concerns, and technical factors.
Speakers
Mike Grady, Unicon
David Walker, Internet2
Moderator
Chris Misra, University of Massachusetts
Connecting
We use Adobe Connect for slide sharing and audio: http://internet2.adobeconnect.com/iam-online. For more details, including back-up phone bridge information, see www.incommon.org/iamonline.
About IAM Online
IAM Online is a monthly online education series brought to you by Internet2’s InCommon community and the EDUCAUSE Higher Education Information and Security Council.