You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Building Identity Trust Federations Conference Call

April 15, 2009

In attendance:
Sujay Daniels,NJEdge.Net
John Krienke, Internet2/InCommon
Craig Stevensen, WiscNet
Andy Rosenzweig, Merit
Renee Frost, Internet2
Steve Carmody, Brown/Internet2
Gavin Hogan, SUNY
George Laskaris, NJEdge.Net (chair)
Ann West, Internet2
Garret Sern, EDUCAUSE
Mark Sheible, NC
StateSteve Thorpe,  MCNC

For this month's call we will focus on developing efforts to build a statewide federation in North Carolina and have asked Mark Scheible from NC State University describe the state's strategies and approaches as well as lessons learned in deploying a statewide federation.

Strategies from North Carolina

Mark Scheible, NC State

  • Two federation efforts in NC.
  • U of NC Identity Federation is stand alone, similar to U of Texas.
  • NC Trust is pilot that uses InCommon.
  • Some members overlap both federations.
  • Additional technical challenges in participating in both.

U of NC Federation

  • System wide with inter-institutional course application was the first "original" application to use the system.
  • Stakeholders primarily 16 universities and citizens.
  • Sponsor is the online North Carolina systems team and system president.
  • Similar model to the U of Texas.
  • Created a certificate authority, signing CSRs, running the metadata.
  • UNC provided support by creating virtual providers on separate machines.
  • Scrips were provided to provide backup.
  • Future applications include: federation creation and management application; a virtual computing lab; RAMSEYs research administration tool.

NC Trust Federation K-20 Pilot

  • Includes public and private participants, including hospitals, state government network
  • Later this month all K-12 school districts will be connected to the federation via NCREN
  • Stakeholders are the entire state educational system
  • Results of this pilot will produce recommendations how to create statewide K-20 ID federation
  • High ed participants provide sponsorship for non-higher ed participants
  • Benefits of higher ed sponsorship - connection to InCommon, legal support
  • Internet2 and InCommon administering common cert authority
  • Pilot ends Dec. 2009

Observations

  • Both had similar challenges: getting organizations to sign MOU; legal councils from each institutions had issue with legal contract with InCommon; some technical challenges for smaller schools; volume of information was overwhelming to some of the participants. Current plan is to work closely with tech staff to get IDP's working properly.
  • Last month's presentation from John Chapman from BECTA has good information and some ideas how to address access issues on K-12 level, support from identity providers.
  • Virtual computing lab ideal service provider for the pilot application because the front-end participants included members from university system, that provide services to community colleges. Other applications will include:
  • NC Live - searchable collection of periodicals and books
  • NC Trust Convalesce site

Lessons Learned and Recommendations

  • Because we were running a pilot, we may not have done things in the best order or planned properly.
  • Developing high-profile use cases helps get support and exposure.
  • Attribute release policy is important, but not critical
  • Making sure tech people are on board to administer program is essential.
  • Read what's out there; talk with colleges to see what they are using.
  • Consider how to scale into statewide federation.
    Will continue the development of inter-federation to help with stakeholders

Questions
Who sponsored K-12 at InCommon?
A. UNC at Chapel Hill

What challenges did you run with K-12?
A. Student identifiers have been an issue, especially when they transfer from schools. Having an NC identifier for the entire state will allow students to change school districts and eliminating numerous ids.
This begs the question whether there should be a national identifier, despite the "big brother concerns".

Which communities are you trying to identify during the pilot? Teachers? Students? Other communities?
A.    Initial thought is for the students.

How far down will you go with the students having accounts they log-in with?
A.    Don't know, but probably varies by school district.

Sounds like this is managed at the LEA level.
A.    Varies widely by part of state you are in. Appears that every student in RI is assigned a unique identifier, which is used to track them from one district to another.

Sponsored K-12 with InCommon - how does that work? Is his something new?
A.  Basic premise for InCommon participation is higher ed are the gatekeepers and the criteria for being a sponsored partner is that a higher ed institution needs their collaborations to grow in a particular direction. That had not occurred until the NC pilot. No separate MOU, same participation agreement.

Are you planning on putting a more formal presentation?
A.    Yes, by the I2 meeting.

Importance of having a common attribute release policy? Can you address that?
A.    Trying to develop one based on the community you are dealing with. Attribute release is something people are looking for recommendations on and something our community needs a few more use cases under our belts.

Chair's Concluding Remarks
Notes having BECTA back on another call. May be worth asking them specific areas we would like them to drill down on. In particular, scalability of K-12 IDPs and how they managed the rollout not only from a technical perspective, but how they manage the users.
Please send us a list of questions to share with BECTA.

  • No labels