Building Identity Trust Federations
Wednesday, February 18 at 4:00pm ET
Bridge Number: 877-944-2300
- Chuck Hedrick, Rutgers
- Mark Schieble, NC STate
- George Laskaris, NJEdge
- Sujay Daniels, NJEdge
- Ron Janz, Rutgers
- Renee Shuey, Penn State
- Harper Johnson, Northern AZ
- Andy Rosenzweig, Merit
- Mary Fran Yafchak, SURA
- Linda Hilton, Vermont State Colleges
- Randy Stout, Kan-ed Network
- John Krienke, Internet2
- Gary Crane, SURA
- Ann West, Internet2
- Grace Agnew, Rutgers
- Ben Oshrin, Rutgers
- Ana Preston, Internet2
- Steve Carmody, Brown/Internet2
- Kevin Morooney, Penn State
- Ken Kligenstein, Internet2
- John Krienke, Internet2/InCommon
Renee Shuey, InCommon Technical Advisory Committee cochair, Penn State delivered a presentation on InCommon and Federations.
- Are there plans for InCommon to include K12? Yes. NC State Federation pilot will be sponsoring a couple of K12 districts into the InCommon federation. For more information about the longer term, see the Futures discussion below.
- What happens when we need to send an attribute that isn't defined by InCommon? One can certainly define/agree upon additional attributes among partners and pass those as well among the orgs in your consortium. It's not a technical issue; it's a governance issue and defining what you need on top of InCommon to do your work together. That's basically the model of the UC Trust federation.
Kevin Morooney, CIO of Penn State and Vice Chair of InCommon Steering Committee discussed the InCommon Futures Group, a newly formed committee looking at InCommon future membership, funding and organization models. InCommon is growing relatively rapidly and expanding services such as rolling out new trust levels. Longer term, who should it serve and how, and what's it role in the US and internationally? The Futures Group must develop effective and scalable mechanisms to get feedback from broad stakeholders, such as this group. Where does InCommon belong? It's an Internet2 operation, but longer term, should it stay with this organization? Kevin then asked this group to collectively provide feedback to the Futures discussion.
RI: They are dealing with no child left behind and related testing, and there are many K12 districts are using SIS to track the results. We are also using networked-based services to communicate with parents and develping the ability to have student portfolios which must be access years after graduation. We're experiencing growing identity related problems that span cradle to grave.
Morooney: How does InC-Futures Group engage K12? Maybe through this or the StateNets group?
NJ: The main issue with InCommon for including K12 is cost. For those who can't run their own Shibboleth service, how does that play into dues structure of InCommon? If we had a collaborative of K12 schools, libraries, museums, historical societies, would that fit into the membership model? For the NJ project, InCommon may not be doable in phase one, but it seems like InC is in the future. We're suveying the constituents, but still need to get a better feeling of the Shibboleth readiness in the state. NJ may drive new membership models.
NC: Agrees with RI. NC is running a pilot with K12 and higher ed and sponsoring 2 K12 districts into InCommon. So far, they are primarily focused on Shibboleth training and joining process, but they still have questions about who will be the identity providers for these districts? They do have an IdM for the larger districts, but concerned about smaller onews. Also what are the privacy issues and how can we control access so that the second graders don't get access to materials beyond their years. What are the privacy issues in K12 as well? They expect to have a stricter attribute release policy. In addition, students move around the state so having an identity in one district isn't as useful; they may want ot track across the state.
Internet2/InCommon: UK is dealing with this too and they are looking a regional agregation. There are other membership models being considered that would better accommodate K12. The UK does have a single federation for higher education and K12, but they make it look like two: one managed by BECTA and the other by JISC. Also, federations are technical/business process and user experience thing. In the future, the user experience will be transparent: folks won't need to know who's a member of what and won't care as long as it works.
NC: Identity standards in the UK can be pushed centrally too and more quickly achieve standardization across their institutions.
AZ:SIF, a schema and set of protocols for moving data, is a very common standard in K12 to integrate various systems in that community. We could use that. SIF has wide spread adoption and good ability to exchange information about students.