CIC News

RSS Feed Icon Subscribe to the CIC News RSS feed

View All Articles

CIC Providing Leadership in Identity Management

Federated Identity represented as people figures standing next to a server rack

The Identity Management Taskforce works to simplify the sharing of services and resources through technology that allows inter-institutional access using existing campus usernames and passwords. The IdM project directly supports the academic and research missions of CIC member institutions by working on lowering the requirements and time-to-implementation of collaborative activities. 

The IdM taskforce focuses on two projects: InCommon Silver, and Research Cyberinfrastructure. Each of these projects includes several activities that are garnering national attention and helping to shape the IdM landscape in higher education, which is a strategic priority of the CIC Chief Information Officers.

InCommon Silver

InCommon Silver Assurance Profile

All 13 CIC schools have committed to attaining InCommon Silver, a higher Level of Assurance providing for increased security and tighter policies on data and identity information. Asserting Silver allows CIC universities to collaborate on higher-stakes federated activities.

  • The IdM taskforce partnered with CIC Auditors as well as the InCommon Federation to develop and evaluate the Assurance Profile that provides the framework for sharing at a higher level of security and assurance.
  • The IdM taskforce also partnered with representatives from University of Florida, Virginia Tech, University of Washington, and Brown University to develop policies and practices that will provide value beyond the CIC, ensuring the investment in this effort would contribute positively to CIC recommendations being widely adopted.

Asserting Silver

The IdM taskforce conducted a survey on each University’s current readiness and timeline to implementation in August 2011. The results will be presented in the “Report to the CIC CIOs on the Status of InCommon Silver Compliance Efforts,” which will be published in December, 2011.

  • InCommon will be prepared for campuses to begin applying for Silver in January 2012.
  • 7 schools involved in the CIC project will be ready to apply for Silver by Q2 2012, with 1-2 hoping to be prepared to apply as soon as InCommon is ready, which would make the CIC among the earliest adopters.
  • PSU reps are leading a conversation between the CIC and the NIH as a service provider to test the technical implementation of Silver in order to begin federating a Silver-enabled service in the CIC quickly.

AD Cookbook

The IdM taskforce's work has been highlighted as a model for InCommon implementation. They created a step-by-step process for meeting requirements of Silver in a particular technical environment (Microsoft's Active Directory) and it's been contributed to Internet2's InCommon Silver wiki. This setup is commonly used at many universities, and the CIC will serve as a resource for others interested in federating in this environment.

Research Cyberinfrastructure

Federated Security Incident Response Policy

As federated identity matures, a coordinated approach to solving operational and security issues becomes increasingly important for individual institutions and for InCommon. The IdM taskforce led the development of a Federated Security Incident Response Policy, which provides a codified set of roles and responsibilities for managing security incident workflow in a federated context. The policy lays out a “do for others as you would do for yourself” approach, guiding organizations to examine local incidents for possible impacts outside their organization and collaborating with other affected organizations to contain incidents. InCommon does not yet have a policy implemented as part of the standard agreement, so CIC development of a policy is leading in this area, and continued open dialogue with InCommon may influence future national policy.

Cloud Services

Internet2’s Net+ services provide a number of cloud-based resources (including Box.net, which several CIC schools will be piloting). By exploring these opportunities early and considering the possibilities for federation, the IdM taskforce continues to seek ways to increase the ease of access and collaborative potential for researchers in the CIC.

More information on the work of the CIC Identity Management Task Force can be found on their webpage:
http://www.cic.net/Home/Projects/Technology/IdMgmt/Introduction.aspx

Posted by CIC Communications on Dec 22, 2011

Category: Identity Management

Facebook Twitter DZone It! Digg It! StumbleUpon Technorati Del.icio.us NewsVine Reddit Blinklist Add diigo bookmark