Registrars are a Barrier to Collaboration: Truth or CIO Pretext?

Slides:



Advertisements
Similar presentations
Defining the Security Domain Marilu Goodyear John H. Louis University of Kansas.
Advertisements

Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.
1 UMass Dartmouth Conflicts of Interest Policies UMass Dartmouth Liz Rodriguez February 17, 2011.
IAM Online Friday, February 12, 2010 “Introduction to Federated Identity Management” John O’Keefe, Lafayette College Questions either via Adobe Connect.
Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.
1 The Evolving Definition of "Student": Identity Management at Duke University Klara Jelinkova Director, Computing Systems Office of Information Technology.
David L. Wasley Information Resources & Communications Office of the President University of California Directories and PKI Basic Components of Middleware.
1 eAuthentication in Higher Education Tim Bornholtz Session #47.
2/16/2010 The Family Educational Records and Privacy Act.
Information Resources and Communications University of California, Office of the President Current Identity Management Initiatives at UC & Beyond: UCTrust.
Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.
FERPA Family Educational Rights and Privacy Act Presented by Bridget Blanshan Interim AVP for Student Affairs & Dean of Students Ext
The Business of Identity Management Barry R. Ribbeck Director Systems Architecture & Infrastructure Rice University
Enterprise Security. Mark Bruhn, Assoc. VP, Indiana University Jack Suess, VP of IT, UMBC.
Credential Provider Operational Practices Statement CAMP Shibboleth June 29, 2004 David Wasley.
1 EDUCAUSE Midwest Regional Conference Top Strategies for Working with Stakeholders: Synopses of Recommendations from the Identity Management Summit Mark.
Identity Management 2.0 George O. Strawn NSF CIO.
National Science Foundation Chief Information Officer CIO Fall Update for the Advisory Committee for Business and Operations: Identity Management 2.0 George.
The InCommon Federation The U.S. Access and Identity Management Federation
1 The Partnership Challenge Higher education’s missions are realized in increasingly global, collaborative, online relationships –Higher educations’ digital.
Annual Workshop February 5th, A Formal Approach to Analyze Privacy in Electronic Services MSEC Koen Decroix [Koen Decroix – MSEC - KU Leuven]
Exploring InCommon Getting Started with InCommon: Creating Your Roadmap.
Internet2 – InCommon and Box Marla Meehl Colorado CIO 11/1/11.
COMPDIRS NATHAN DORS APRIL 16, AGENDA  IAM – who we are, what we do  HRP Modernization & Workday  What’s new in IAM?  Identity.UW soft.
Belnet Federation Belnet – Loriau Nicolas Brussels – 12 th of June 2014.
UCLA Enterprise Directory Identity Management Infrastructure UC Enrollment Service Technical Conference October 16, 2007 Ying Ma
Federations 101 John Krienke Internet2 Fall 2006 Internet2 Member Meeting.
Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.
Using Levels of Assurance Well, at least thinking about it…. MAX (just MAX)
INTRODUCTION: THE FIRST TRY InCommon eduGAIN Policy and Community Working Group.
University of Washington Identity and Access Management IEEAF – RENU Network Design Workshop Seattle - 29 Nov 2007 Lori Stevens, Director, Distributed.
Projecting Infrastructure to the CLOUD CSG discussion Fall Princeton University.
Identity Management, Federating Identities, and Federations November 21, 2006 Kevin Morooney Jeff Kuhns Renee Shuey.
Advanced research and education networking in the United States: the Internet2 experience Heather Boyles Director, Member and Partner Relations Internet2.
INTRODUCTION: THE FIRST TRY InCommon eduGAIN Policy and Community Working Group.
IAM VISION OUR CREATIVE INSPIRATION IAM STRATEGY & ROADMAP TEAM JUNE 3, 2015.
NMI-EDIT and Rice University Federated Identity Management: Managing Access to Resources in Texas Barry Ribbeck Director System Architecture and Infrastructure.
SEPARATE ACCOUNTS FOR PROSPECTS? WHAT A HEADACHE! Ann West Assistant Director, InCommon Assurance and Community Internet2 at Michigan Tech.
Further Resources and Getting Involved Steven Carmody Ann West.
1 Identities and Federation: The Next IT Wave (The Canadian Access Federation) Rick Bunt President The Canadian University Council of CIOs (CUCCIO)
Ad-hoc Lists / Opt-In Problem Definition Access rules for many applications and services cannot be derived from an authoritative source and must therefore.
Leveraging Campus Authentication to Access the TeraGrid Scott Lathrop, Argonne National Lab Tom Barton, U Chicago.
Designing Identity Federation Policy, the right way Marina Vermezović, Academic Network of Serbia TNC2013 conference 4 May 2013.
1 EDUCAUSE Mid-Atlantic Regional Conference Top Strategies for Working with Stakeholders: Synopses of Recommendations from the Identity Management Summit.
© 2011 The University of Chicago Organizational Grouping, or Some New Authority & Risk Issues In Absentia: RL "Bob" Morgan, Kevin Morooney, Michael Gettes.
Tom Barton, Senior Director for Integration, University of Chicago
Secure Connected Infrastructure
Stop Those Prying Eyes Getting to Your Data
Update from the Faster Payments Task Force
Educause/Internet 2 Computer and Network Security Task Force
How to use the internet safely and How to protect my personal data?
How to use the internet safely and How to protect my personal data?
John O’Keefe Director of Academic Technology & Network Services
Higher Education’s Role in the Identity Ecosystem
InCommon Steward Program: Community Review
Identity & Access Management InCommon Research and Scholarship
Shibboleth Implementation in EZproxy
AACRAO Annual Conference April 15, 2013 __________________ MOOCs: What They are and What You Need to Know.
FERPA HEA Privacy Act: Protecting Students Data
North Carolina Community College Governance
Draft ETSI TS Annex C Presented by Michał Tabor for PSD2 Workshop
AACRAO Update.
Welcome to the FERPA training for Faculty and Staff.
PASSHE InCommon & Federated Identity Workshop
Internet law Business law.
Shibboleth as Attribute Delivery for Authorization
Electronic Services from a School's Perspective PESC Annual Conference on Standards in Higher Education Judith Nemerovski Flink Director of Student Financial.
IAM Online Friday, February 12, 2010 “Introduction to Federated Identity Management” John O’Keefe, Lafayette College Questions either via Adobe Connect.
Appropriate Access InCommon Identity Assurance Profiles
4th Annual Conference on Technology and Standards Washington
Presentation transcript:

Registrars are a Barrier to Collaboration: Truth or CIO Pretext? AACRAO Technology and Transfer Conference New Orleans, July 11, 2017

Join us in the bar…

Mark McConahay Associate Vice Provost and Registrar Indiana University Playing the role of Registrar KWM

Dennis Cromwell Works in IT @ Indiana University Playing the role of CIO today One spot above Brad Pitt on IMDB’s best looking actor list

Ann West AVP, Trust and Identity, Internet2 Playing the role of InCommon Community Engagement Rep

Ann, What’s InCommon About? Non-profit consortium of US higher ed, research, and their partner organizations Agree on standards, technologies, policies and practices to make it easy and more secure for faculty, staff and students to collaborate and do their work with colleagues at other places. Over 40 other “trust and identity federations” exist around the world and we work closely together to ensure integration so that faculty at IU can access collaborations and services where ever they are. A good analogy is the payment card industry. InCommon is like Mastercard helping the community to agree on the rules and putting them in place. Campuses identify individuals and give them online credentials for access like the banks. Service Providers allow access leveraging the authentication/identification done by the campuses.

The CIO Needs Help… Researchers and Scholars (and their students) can’t collaborate with national projects because of YOUR staff

A Researcher Needs Help Sally Feldman in Humanities has a NSF grant to work with the Modern Language Association and Hathi Trust Research Center. We’re all participating in this Trust Federation, but to enable this access, IU has to release some information about her at run-time (called attributes) so that MLA knows who she is and can give her appropriate access.

Sounds Great, But It’s Not The Registrars Problem… It affects Sally’s graduate and undergraduate students participating in the work. It affects the collaboration and projects because they must support two different approaches for faculty and students unless the Registrar agrees to the release. Faculty can use their IU credentials; Students have to set up separate accounts.

We Want To Support Collaboration, But This Is Concerning… Friends, do you all know about the InCommon Trust Federation? If so, what do you do for attribute release?

What Attributes Are Released? For qualifying Research and Scholarship services, campuses release: Name Email Address Affiliation (e.g. student@iu.edu) One non-reassigned Identifier for look up (either netid@iu.edu or pseudonymous identifier)

That Looks Like Directory Information To me… Yes, for many schools it is.

Wow, So We Release This To Any Service That Requests It? No The service must be in the InCommon Trust Federation and adhere to the Research and Scholarship policy. The user must first request access to the specific service.

Oh! That’s Disclosure… Yes! That’s right. But we need agreements/consents in place for that! Governing the InCommon Trust Federation is a participation agreement that has provisions for preserving privacy and respecting intellectual property. Every organization has to sign it. Trust Federations in other countries have this too.

This Requires Strong Authentication Too…who Does That? The organizations that identifies their users and issues electronic credentials to them also performs the authentication. In our case, IU is authenticating the user. This role is called identity provider.

If This Is So Important, Why Haven’t I Heard About This Before If This Is So Important, Why Haven’t I Heard About This Before? Why Haven’t The Faculty Brought This Up? If it doesn’t work, the projects do a work around to get the collaborator up and running quickly. Speed is important because they have very short windows for funding. So the person creates another account or worse, uses their google credentials that reveal where the researcher is going and inform the company’s profile on the person. Erodes privacy, security and usability. We don’t expect faculty to understand the details of how the network works or how access is handled on campus.

What About Students That Have Suppressed Disclosure Rights Under FERPA? We can build in the ability to block releasing attributes for students wishing to restrict disclosure.

Wouldn’t This Be Better To Get The Student To Consent To The Release Of Each Attribute? Consent to release all or none of the attributes is included in the technology now. Future plans include more granular release.

Next Steps Find out if your school is an InCommon Participant. Have a discussion about how you approach Research and Scholarship in the Trust Federation. Support this policy Add the release to the annual disclosure for students. Join a task force to provide guidance on this issue to your colleagues.

Thank You! Dennis Cromwell, dcromwel@iu.edu Mark McConahay, mcconaha@indiana.edu Ann West, awest@internet2.edu

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.