Campus Based Authentication & The Project Presented By: Tim Cameron National Council of Higher Education Loan Programs.

1 Campus Based Authentication & The Project Presented By: Tim Cameron National Council of Higher Education Loan Programs

2 The Meteor Story

3 What is Meteor?
- Web-based network for aggregated real-time inquiry of financial aid information
- One stop, online web service
- Collaborative effort of the FFELP community
- Freely available software and access to the network
- Customization options are available

4 In the beginning….
- Pre-Meteor Environment (1980s & 1990s)
  - Lenders, Guarantors, Servicers, Schools and others all offered independent web services
  - Required multiple logins
  - Low level of security: many required only SSN and DOB to access financial aid award data!

5 In the beginning….
- Department of Education Modernization Plans
  - Performance Based Organization approved with Higher Education Amendments in 1998
  - Modernization Blueprint
    - Released September 30, 1999
    - Second Edition – 2000
    - Third Edition – 2001
    - Fourth Edition – 2002

6 In the beginning….
- FFELP Providers Solution
  - Spring 2000: CEO meeting sponsored by NCHELP
  - Critical decisions:
    - Create an information network to provide aggregated financial aid information.
  - Foundation Principles
    - Open Source
    - Open Collaboration
    - Freely Available
    - Controlled Participation Network

7 Increasing Importance for Access to Distributed Databases

8 Legislative Changes
- Ensuring Continued Access to Student Loans Act (ECASLA)
  - Loan Participation Purchase Program
  - Loan Purchase Commitment Program

9 Growth of Split Servicing
- Student used multiple lender/guarantor combos to take advantage of benefits
- Student consolidated while in-school
- Student transferred to a new school
- School switched from FDLP to FFELP or vice versa
- Lender suspended student loan offerings

10 Impact to Borrower
- Payment schedule complications
  - Multiple payment due dates
  - Differing payment amounts
  - Multiple payment methods
- Potential loss of extended repayment options
- Deferment and forbearance complications
  - Inconsistent deferment documentation standards
  - Inconsistent forbearance period maximums

11 Coping with the Impact Each of these inconveniences is easily overcome so long as the borrower knows who their lenders/servicers are and how to get in touch with them.

12 Meteor Today
- 14 Points of access to the Network
- 20 Data providers
- School Authentication Agents
- Several custom implementations

13 Meteor Participant Types
- Organizations that implement the Meteor software
  - Access Providers (AP)
  - Authentication Agents (AA)
  - Data Providers (DP)
  - Index Providers (IP)

14 The Meteor Process
[Diagram with steps One, Two and Three. Labels: Users (Student/Borrower or Financial Aid Professional or Access Provider Representative or Lender), Federated Authentication Process, Access Provider, Index Provider, Data Providers]

15 The Meteor Registry
- Each participant is required to register, sign a participation agreement, and submit policies and procedures surrounding their authentication process.
- The Meteor Team Leads review the policies and procedures and assign a Level of Assurance
- Meteor uses a centralized LDAP server to contain:
  - Public keys of all participants
  - Network status information (active, pending, suspended)
  - Contact Information

16 Meteor Authentication Objectives & Process

17 Meteor’s Authentication Objectives
- Provide a flexible, easy to implement authentication system.
- Ensure compliance with the Gramm-Leach-Bliley Act (GLBA), federal guidelines, and applicable state privacy laws.
- Assure data owners that only appropriately authenticated end users have access to data.
- Ensure compliance with participant organizations' internal security and privacy guidelines.

18 The Meteor Authentication Model
- Each Access Provider uses their existing authentication model (single sign-on)
- Meteor levels of assurance are assigned at registration
- Meteor Level 3 complies with the NIST Level 2

19 Meteor’s Authentication Requirements
- User is required to provide an ID and a shared secret.
- Assignment and delivery of shared secret must be secure.
- Assignment of shared secret is based on validated information.
- Reasonable assurances that the storage of the IDs and shared secrets is secure.

20 Meteor’s Authentication Requirements
- Access provider must ensure appropriate authentication for each end user and provide traceability back to that user
- Access provider must provide authentication policy to central authority
- Access provider must provide central authority with 30-day advance notice of changes to authentication policy
- Access provider must agree to appropriate use of data

21 The Meteor Authentication Process
- End user authenticates at access provider site or through a Meteor approved third party Authentication Agent
- Access provider creates authentication assertion (SAML)
- Access provider signs authentication assertion with digital certificate

22 SAML Assertion Attributes
- Role of end user
- Social Security Number
- Authentication Process ID
- Level of Assurance
- Opaque ID
- Organization ID and Type
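
The acceptance check a data provider could run on an incoming assertion, combining the registry lookup (slide 15), the signed assertion (slide 21) and the attribute list (slide 22). This is an added example, not Meteor project code: the attribute key names, the registry entries, the minimum level of assurance and the unpadded textbook-RSA demo key (a stand-in for the assertion's real XML signature) are all assumptions.

```python
import hashlib
import json

# Constructed demo key: textbook RSA over two Mersenne primes, no padding.
# Assumption: stands in for the assertion's real XML signature; demo only.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))

# Hypothetical key names for the attributes listed on slide 22.
REQUIRED = {"Role", "SSN", "AuthenticationProcessID", "LevelOfAssurance",
            "OpaqueID", "OrganizationID", "OrganizationType"}

# Constructed registry entries: public key and network status per participant.
REGISTRY = {
    "AP-EXAMPLE": {"status": "active", "key": (N, E)},
    "AP-SUSPENDED": {"status": "suspended", "key": (N, E)},
}

def digest(attrs):
    canon = json.dumps(attrs, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(canon).digest(), "big")

def sign(attrs):
    """Access provider side: sign the canonicalised attributes."""
    return pow(digest(attrs), D, N)

def accept(issuer, attrs, signature, min_loa=3):
    """Data provider side: return (ok, reason) for an incoming assertion."""
    entry = REGISTRY.get(issuer)
    if entry is None:
        return False, "issuer not registered"
    if entry["status"] != "active":
        return False, "issuer status is " + entry["status"]
    n, e = entry["key"]  # key comes from the registry, never from the message
    if not 0 <= signature < n or pow(signature, e, n) != digest(attrs):
        return False, "bad signature"
    if attrs.get("OrganizationID") != issuer:
        return False, "OrganizationID does not match issuer"
    missing = REQUIRED - attrs.keys()
    if missing:
        return False, "missing attributes: " + ", ".join(sorted(missing))
    if attrs["LevelOfAssurance"] < min_loa:
        return False, "level of assurance too low"
    return True, "ok"

# Constructed sample assertion attributes (the SSN is a placeholder value).
SAMPLE = {"Role": "BORROWER", "SSN": "000-00-0000", "AuthenticationProcessID": "1",
          "LevelOfAssurance": 3, "OpaqueID": "u-7f3a",
          "OrganizationID": "AP-EXAMPLE", "OrganizationType": "ACCESS_PROVIDER"}
```

A correctly signed assertion from a suspended participant is still rejected, because the status check runs before the signature is considered.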

23 Meteor and the National Student Clearinghouse: Campus Based Authentication

24 Campus Based Authentication
- Schools that have entered into an electronic services agreement with the Clearinghouse will act as Authentication Agents.
- Students' campus-issued credentials will be utilized to access Meteor and other Clearinghouse services via the Student Self-Service Web site

25 The National Student Clearinghouse Student Self-Service
- Meteor is integrated into the Clearinghouse’s Student Self-Service Application
- For schools that wish to provide students with Meteor access, Meteor loan detail is incorporated into the LoanLocator display

31 What’s Next?

32 Online Award Letter Pilot
- Will serve as a debt management tool
- Borrowing history presented BEFORE a new award is accepted
- Ensures that borrower is aware of the potential impact of increasing his aggregate loan(s) amount
  - Total current outstanding
  - New total outstanding with the addition of the new loan
  - Repayment scenarios based on aggregates

33 For More Information….
- Interactive Web Site Launched: www.MeteorNetwork.org
  - Audio presentation
  - Interactive demonstration version of the software
  - Link to the Meteor project site
- Project Documentation: www.NCHELP.org/Meteor.htm
  - Implementation Information
  - Current Provider List
  - User Guide and other documentation

34 Contact Information
Tim Cameron, NCHELP, Meteor Project Manager, meteor@nchelp.org

