You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 21 Next »

Introduction

The original purpose of this survey was to understand what other institutions are doing or planning to do in response to the requirement in Section 495 of the HEOA (2008). This states that accrediting agencies must require an institution that offers distance education or correspondence education to have processes through which the institution establishes that the student who registers in a distance education or correspondence education course or program is the same student who participates in and completes the program and receives the academic credit.

However, the challenge of remote credentialing does not only exist in Distance Education. Most incoming students at an institution go through an admissions process that requires their access to campus applications or services prior to their arrival on campus. In some cases, these applications deal with FERPA protected or financial data that needs to be protected from inappropriate access. The question is how comfortable are institutions that their process for granting access to these resources is secure - namely, that the campus credential they issue to the "student" is really going to the right person.

This survey will focus on the identity proofing and credentialing of students "at a distance", whether they are in a formal Distance Education or a Corespondence Program or are students pursuing a more traditional on-campus education, but prior to their arrival on campus.

Terms

Authentication - The process of identifying an individual, usually based on username and password. Authentication merely ensures that the individual is who he or she claims to be, but says nothing about the access rights of the individual.

Credential - An object that authoritatively binds an identity (and optionally, additiional attributes) to a token possessed and controlled by a person.

Credentialing - The process whereby users are given electronic credentials to ensure that they are coupled with the correct digital identity information.

Digital Identity - The representation of a human identity that is used in a distributed network interaction with other machines or people.  The purpose of the digital identity is to establish the level of comfort and confidence in a digital environment that is associated with face-to-face human interactions.

Identifier - usually a permanent, persistant number assigned to a student.  Frequently a replacement for SSN.  (StudentID number).  Usernames are also identifiers but may not be persistent.

Identity Proofing - The process of verifying the identity of an individual either "in person" by presenting a government issued photo ID or through challenge-response questions that contain information about the individual being "proofed" that would not be available to the general public. Usually performed in conjunction with the credentialing process.

Identity Vetting - The process of thorough examination and evaluation of an individual's identity data.

Prospective Student - a person who has expressed interest (or in whom the institution has expressed interest) in submitting an admission application.   

Matriculated Student - a student who is admitted and enrolls at the institution (precise definaitions may vary by nstitution).

UserID - account/login ID (NetID).  Can be name-based or not.  May or may not be permanent, persistent.

Demographic Information and Environment

  1.  Main focus of survey answers:
    1. Traditional  Education (Students On Campus)
    2. Distance/Correspondence Education
  2. Department of the person completing the survey:
    1. Admissions
    2. Registrar
    3. Distance Education / Correspondence Education
    4. Information Technology
    5. Other ______________________
  3. Institution size, location, mission, etc.
    1. Name of Institution (This will not be published in the survey results but will be used for correlating answers)
    2. What is the size of the student population?
    3. Do you have a distance education program(s)?
      1. How many students are in the program(s)?
    4. Our admissions and registration function across campus (check one)
      1. Spread across multiple schools or colleges
      2. Consolidated in one administrative unit.
      3. Other____________________________
    5. Responsibility for the information technology is (check one)
      1. Spread across multiple schools or colleges
      2. Consolidated in one administrative unit.
    6. Decision making, change management, and implementation question here.
    7. Does your institution maintain records identifying all programs serving remote students?

Remote Identity Proofing and Credentialing of Students

Include these questions from earlier draft?

  1. How do you begin your recruiting process(check all that apply)?
    1. Internal aggregation of "Suspects" (Inquiries, camp attendees, etc)
    2. Obtain potential "suspects" from third Party
  2. When do you first learn about prospective students? (Check all that apply.)
    1. Test score Referrals
    2. High School Meetings
    3. Alumni/other "gatherings"
    4. Phone Inquiries
    5. Other - Please explain
  3. How do students make initial contact? (Check all that apply.)
    1. Submit an application
    2. Email Inquiry
    3. Inquiry through Campus Portal
    4. Phone Inquiries
    5. Request for Site Visit
    6. Response to CRM Campaign
    7. Other
  4. How do you establish a communications channel? (Check all that apply.)
    1. Use the user supplied email address
    2. Establish/use institutional email address.
    3. Parent/Guardian email address
    4. US Mail
    5. Voice Contact
          • end additional questions
  5. At what point do you first issue a login credential?
    1. we don't. We accept existing credentials from services like Google, Facebook, Twitter, OpenID, Shibboleth/SAML IdPs
    2. first contact from prospect and request for information
    3. initial application
    4. completed application portfolio
    5. admitted 
    6. received deposit/earnest money
    7. registration completed
    8. Other
  6. Is this institutional credential persistent throughout the student's tenure?
      If yes, skip the next question.
     
  7. If another credential is issued, please indicate at what point the permenant credentials are established?
    1. first contact from prospect and request for information
    2. initial application
    3. completed application portfolio
    4. admitted 
    5. received deposit/earnest money
    6. registration completed
    7. Other
  8. How are these credentials communicated to the client?
    1. USMS
    2. e-mail
    3. email/web-page authentication
    4. email token (often a URL) sent from web form that client must click to confirm control of the email account
    5. other
  9. Upon first login, is the client requried to change the password?
    1. Yes
    2. No
    3. Other
  10. At what poiint are credentials about an individual received from external third parties (e.g., testing service, etc)?
    1. first contact from prospect and request for information
    2. initial application
    3. completed application portfolio
    4. admitted 
    5. received deposit/earnest money
    6. registration completed
    7. Never
  11. If third party materials are received, does their reciept result in increased confidence about the identity of the client? At that point do you provide more sensitive information and services?
    1. Yes
    2. No
    3. It makes no difference
  12. At what point is the stduent's identity proofed (May need more explanation here)?
    1. first contact from prospect and request for information
    2. initial application
    3. completed application portfolio
    4. admitted 
    5. received deposit/earnest money
    6. registration completed
    7. Other  
  13. How is the student's identity "proofed" remotely?
    1. USMS
    2. Visit to trusted agent (e.g., notary)
    3. Notary via USMS
    4. Other
  • No labels