20 June 2012

Building Identity Trust Federations Conference Call

June 20, 2012

1) In Attendance

• Suresh Balakrishnan (University System of Maryland)
• David Bantz (University of Alaska)
• Oleg Chaikovsky (Aegis)
• Ames Fowler (Aegis)
• Michael Hodges (University of Hawaii)
• George Laskaris (NJEDge.Net)
• Greg Monaco (Kansas State University)
• Rodney Petersen (EDUCAUSE)
• Chad Rabideau (Aegis)
• Mark Scheible (MCNC)
• Valerie Vogel (EDUCAUSE)
• David Walker
• Ann West (Internet2/InCommon)
• Dean Woodbeck (InCommon)
• Janet Yarbrough (Aegis)

2) Aegis White Paper: Trends in IAM Solutions in Higher Education Institutions

• Speakers: Ames Fowler, Oleg Chaikovsky, and Janet Yarbrough
• Aegis Identity Survey White Paper (PDF)
• Aegis Presentation: Trends in Identity and Access Management in Higher Education to US Federations (PPT) (PDF version)

• Originally established this third-party survey because Aegis provides resources and services to the higher education community and they wanted to make sure they truly understood the current business challenges higher ed is facing. As they developed the survey and received responses, it was apparent that there were valuable results. Aegis felt that it was compelling and their responsibility to share the info and allow the community to see the benefits of info gleaned from the survey.
• Survey background
  • Conducted survey over 3 month period in 2 week increments (Jan. 1 – Mar. 15, 2012)
  • Made over 8,000 phone calls with 165 live calls/interviews. 96 fully completed surveys.
  • The data and analysis focused on
    • Use of IAM technologies
    • Drivers of the utilization
    • Challenges on campus or in pursuing the technology
  • Focused on foundational IAM (provisioning/pw management)
  • Direct inferences can be made in federation
• Findings and Implications
  • Internal SSO is highly utilized on campuses. Fewer had low-no plans indication. (well adopted)
  • PW management used in about half of the campuses (generally adopted)
  • Provisioning used in about 1/3 of institutions. (low adoption rate and 30% of campuses had no plans to adopt provisioning)
  • Developing campus policies and procedures was a challenge in over 60% of responses
  • Question: How many significant security incidents related to user identification, authentication, or authorization has your institution experienced in the past 2 years. Combining one or more than one incident, 25% of institutions have experienced this.
• Inferences in IAM (and tying that to federation)
  • SSO is utilized and the benefits achieved
  • Directory is deployed and ready for IAM
  • PW management deployed but benefits have not been as strong
  • Provisioning is underutilized but drivers indicate benefits could be gained
  • Federation is emerging – further study is probably warranted (27% did not disclose)
  • Institutional support exists
  • New campus technologies will impact IAM
• FYI: ECAR Identity Management in Higher Education Report, 2011http://www.educause.edu/library/resources/identity-management-higher-education-2011-report
  • Rodney noted that campus policies and procedures declined significantly as a challenge in the recent EDUCAUSE ECAR IdM study.
• Federation Emergence
  • Survey indicates equal numbers of use and no use, as well as no answer
  • Clearly a topic but not viewed as strategic (57% in the survey have no plans or did not disclose info)
  • Possibly tied to concerns for management, policy, and user convenience
  • Busy with other technical activities
  • Not a lot of hard data regarding federations