Federated Identity, Levels of Assurance, and the InCommon Silver Certification Jim Green Identity Management Academic Technology Services © Michigan State.


1 Federated Identity, Levels of Assurance, and the InCommon Silver Certification
Jim Green
Identity Management
Academic Technology Services
© Michigan State University Board of Trustees

2 Federation
Federated Identity
  – Shibboleth
  – Identity provider (IdP) – your home institution
  – Authentication using IdP-provided credential extending beyond your IdP’s boundary, e.g. for access to a resource at another institution or external organization, i.e. Service Provider (SP)
  – Attributes released to SP
  – Requires trust between SP and IdP
Federation
  – InCommon
  – Organization made up of identity providers, service providers, and other interested parties
  – Pre-establish a trust framework

3 Levels of Assurance
NIST 800-63
  – “Electronic Authentication Guideline”
  – Levels 1 - 4
Measure of reliability of a credential
Identity proofing, strength of authentication technology, general best practices for security and identity management
Use cases -- Federal grants
InCommon Identity Assurance
  – InCommon Technical Advisory Committee
  – Identity Assurance Assessment Framework
  – Bronze/Silver Identity Assurance Profiles

4 CIC InCommon Silver Project
CIC Identity Management, CIC Auditors
  – At the behest of the CIC CIOs
Assert Silver LOA for at least some of our users by Fall, 2011
InCommon Technical Advisory Committee is participating
Drivers for doing it as a CIC project
  – Share the work
  – Influence the TAC and upcoming drafts of the IAP
Renee Shuey of Penn State is leading
MSU team:
  – Steve Kurncz, Internal Audit
  – Matt Kolb, Academic Technology Services
  – Jim Green, Academic Technology Services

5 InCommon Silver Assessment Factors
Audit requirement
General best practices
  – Risk management, configuration management, DR
  – Network security, physical security
  – Policies – privacy, terms and conditions, account revocation
  – Policies, processes, practices documented
Identity verification
  – In person verification of DL or passport linked to credential
Strong passwords and password rules
  – NIST entropy calculation --
  – 2 factor authentication can mitigate
  – Forgot password process must be just as strong
And …

6 Issues
Scope
Documentation lacking
Need a new process
  – ID Office
Passwords in clear text
Password policies
  – Two factor authentication
  – Stronger rules for Silver users only

7 Resources
Shibboleth -- http://shibboleth.internet2.edu/
InCommon Identity Assurance – http://www.incommonfederation.org/assurance/
NIST 800-63 -- http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf

8 Contact
Jim Green
Identity Management
Academic Technology Services
Phone: 432-7239
Email: jfgreen@msu.edu

