The InCommon Alternative IdPs Working Group finished its work in Q4 2014. The Working Group was chaired by Janemarie Duh of Lafayette College. The final report is here.
The mission of the InCommon Alternative IdPs Working Group was to:
- Increase the number of participating campuses that operate an IdP service by identifying and evaluating methods for making deployment easier.
- Increase the flow of attributes between IdPs and SPs. To date, strategies have focused on convincing campuses to release a standard attribute bundle (which includes PII) to all InCommon SPs and/or to support the Research & Scholarship Category.
The Working Group evaluated alternative approaches a campus could adopt for instantiating a SAML IdP, joining the InCommon Federation, and successfully interoperating with a variety of SPs. Current InCommon participants had typically installed and operated SAML IdP software on premises. It was expected that future InCommon participants might not have the same local staff resources and expertise, and might have to resort to a variety of other techniques (including outsourcing).
See the Announcement of the Alternative Identity Providers Working Group for additional background on this working group.
- Alternative IdP Strategies and Assessment Criteria
- FINAL REPORT
Membership in the Working Group is open to all interested parties. Members join the Working Group by subscribing to the mailing list, firstname.lastname@example.org, participating in the phone calls, and otherwise actively engaging in the work of the group. It is particularly important that the work group include schools, both large and small, that perceive hurdles to federating their institution. The goal is to make the process easier, and that will require broad participation.
- Identify and evaluate a range of viable alternatives to a locally installed SAML IdP for campuses that desire an IdP that interoperates successfully within InCommon. The set of alternatives should include ADFS, various outsourcing and cloud-based options, and the use of gateways with and without social providers. Determine the relevancy of various options commonly deployed in Europe (e.g., hub and spoke models that support user consent).
- Deliver to the TAC a report describing the architecture, technologies, and functionality of various approaches. List the advantages and disadvantages of each of the identified approaches, including potential "enriching" functionality (e.g., support for MFA, ECP, entity categories, assurance, and user consent) and the effort required beyond the IdP itself. The intent is to make the report available to Steering, and ultimately to the general community. The body of the report should be useful to campus CIOs and Technical Directors. Technical details, if helpful, should be included in an appendix.
Expected End Date
The subcommittee is expected to complete all deliverables and either close or recharter by October 31, 2014.
Further information is available in the Alternative IdPs Working Group Charter.