Presentation is loading. Please wait.

Presentation is loading. Please wait.

State of e-Authentication in Higher Education August 20, 2004.

Published byRuby Martin Modified over 8 years ago

Similar presentations

Presentation on theme: "State of e-Authentication in Higher Education August 20, 2004."— Presentation transcript:

1 State of e-Authentication in Higher Education August 20, 2004

2 What is Meteor? Web-based universal access channel for financial aid information Aggregated information to assist Financial Aid Professionals, students and borrowers with debt counseling and the aid process in general Collaborative effort A gift to schools and borrowers

3 The Meteor Process One Two Access Providers Data Providers Financial Aid Professional or Student Three Index Providers

4 E-Authentication Worked with Shibboleth - Shibboleth, a project of Internet2/Mace, is developing architectures, policy structures, practical technologies, and an open source implementation to support inter-institutional sharing of web resources subject to access controls. In addition, Shibboleth will develop a policy framework that will allow inter-operation within the higher education community. Shibboleth project participants include Brown University, Ohio State, Penn State and many other colleges and universities.

5 Building Trust and Integrity The Meteor Advisory Team sought input and expertise regarding privacy and security from the sponsoring organizations and the NCHELP Legal Committee. Analysis was provided in relation to GLB and individual state privacy laws. The analysis revealed that Meteor complied with both GLB and known state privacy provisions.

6 Provide a flexible, easy to implement authentication system that meets the needs of the provider organizations and their clients. Ensure compliance with the Gramm-Leach-Bliley Act (GLBA), federal guidelines, and applicable state privacy laws. Authentication Objectives

7 Assure data owners that only appropriately authenticated end users have access to data. Ensure compliance to internal security and privacy guidelines. Authentication Objectives

8 Authentication Each Access Provider uses their existing authentication model (single sign-on) Level of assurance assigned at registration –Level 0 (Unique ID) –Level 1 (Unique ID & 1 piece of validated public data) –Level 2 (Unique ID & 2 pieces of validated public data) –Level 3 (Unique/User ID & shared secret)

9 User was required to provide an ID and a shared secret. Assignment and delivery of shared secret must be secure. Assignment of shared secret is based on validated information. Reasonable assurances that the storage of the IDs and shared secrets are secure. Authentication Requirements

10 Access provider must ensure appropriate authentication for each end user Access provider must provide authentication policy to central authority Access provider must provide central authority with 30 day advance notice of changes to authentication policy Access provider must agree to appropriate use of data E-Authentication Policies

11 End user authenticates at access provider site Access provider creates authentication assertion Access provider signs authentication assertion with digital certificate Control is passed to Meteor software Authentication Process

12 Index and data providers verify assertion using the access provider’s public key stored in the registry. End user is provided access to the aggregated data Authentication Process

13 Each participant is required to register, sign a participation agreement, and submit policies and procedures surrounding their authentication process. The Meteor Team Leads review the policies and procedures and assign a Level of Assurance Meteor uses a centralized LDAP server to contain: –Public keys of all participants –Network status information (active, pending, suspended) –Contact Information Registry

14 Role of end user Social Security Number Authentication Process ID Level of Assurance Opaque ID Additional SAML Assertion Attributes

15 Current Status 1 Index Provider 23 Data Providers 14 Access Providers Continue to monitor the development of XML, transport and authentication standards

16 Contact Information Adele Marsh (717) 720-2711 amarsh@aessuccess.org

Download ppt "State of e-Authentication in Higher Education August 20, 2004."

Similar presentations

The Role of the IRB An Institutional Review Board (IRB) is a review committee established to help protect the rights and welfare of human research subjects.

The Role of the IRB An Institutional Review Board (IRB) is a review committee established to help protect the rights and welfare of human research subjects.
Open Grid Forum 19 January 31, 2007 Chapel Hill, NC Stephen Langella Ohio State University Grid Authentication and Authorization with.

Open Grid Forum 19 January 31, 2007 Chapel Hill, NC Stephen Langella Ohio State University Grid Authentication and Authorization with.
Inter-Institutional Registration UNC Cause December 4, 2007.

Inter-Institutional Registration UNC Cause December 4, 2007.
Campus Based Authentication & The Project Presented By: Tim Cameron National Council of Higher Education Loan Programs.

Campus Based Authentication & The Project Presented By: Tim Cameron National Council of Higher Education Loan Programs.
5 th Annual Conference on Technology & Standards April 28 – 30, 2008 Hyatt Regency Washington on Capitol Hill www.PESC.org Electronic Data Exchange Standards.

5 th Annual Conference on Technology & Standards April 28 – 30, 2008 Hyatt Regency Washington on Capitol Hill Electronic Data Exchange Standards.
Summer 200811 IAVA1 NATIONAL INFORMATION ASSURANCE TRAINING STANDARD FOR SYSTEM ADMINISTRATORS (SA) Minimum.

Summer IAVA1 NATIONAL INFORMATION ASSURANCE TRAINING STANDARD FOR SYSTEM ADMINISTRATORS (SA) Minimum.
Grid Security Users, VOs, Sites OSG Collaboration Meeting University of Washington Bob Cowles August 23, 2006 Work supported.

Grid Security Users, VOs, Sites OSG Collaboration Meeting University of Washington Bob Cowles August 23, 2006 Work supported.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.

Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.
Farm Business and Farm Household Survey Data Customized Data Summaries from ARMS for Statistical Analysis Philip Friend USDA ‘s Economic Research Service.

Farm Business and Farm Household Survey Data Customized Data Summaries from ARMS for Statistical Analysis Philip Friend USDA ‘s Economic Research Service.
1 eAuthentication in Higher Education Tim Bornholtz Session #47.

1 eAuthentication in Higher Education Tim Bornholtz Session #47.
FARMINGTON AREA PUBLIC SCHOOLS SUMMER TECHNOLOGY ACADEMY AUGUST 18TH, 2010 Web 2.0 Tools.

FARMINGTON AREA PUBLIC SCHOOLS SUMMER TECHNOLOGY ACADEMY AUGUST 18TH, 2010 Web 2.0 Tools.
0-1 Team ?? Status Report (1 of 3) Client Contact –Point 1 –Point 2 Team Meetings –Point 1 –Point 2 Team Organization –Point 1 –Point 2 Team 1: Auraria.

0-1 Team ?? Status Report (1 of 3) Client Contact –Point 1 –Point 2 Team Meetings –Point 1 –Point 2 Team Organization –Point 1 –Point 2 Team 1: Auraria.
1 July 2005© 2005 University of Kent1 Seamless Integration of PERMIS and Shibboleth – Development of a Flexible PERMIS Authorisation Module for Shibboleth.

1 July 2005© 2005 University of Kent1 Seamless Integration of PERMIS and Shibboleth – Development of a Flexible PERMIS Authorisation Module for Shibboleth.
EAuthentication in Higher Education Tim Bornholtz Session 58.

EAuthentication in Higher Education Tim Bornholtz Session 58.
Extending Enterprise Authentication and Authorization in Higher Education: Building on the Success of Project Meteor.

Extending Enterprise Authentication and Authorization in Higher Education: Building on the Success of Project Meteor.
InCommon Policy Conference April 2005. 2 Uses  In order to encourage and facilitate legal music programs, a number of universities have contracted with.

InCommon Policy Conference April Uses  In order to encourage and facilitate legal music programs, a number of universities have contracted with.
Identity Management What is it? Why? Responsibilities? Bill Weems Academic Computing University of Texas Health Science Center at Houston.

Identity Management What is it? Why? Responsibilities? Bill Weems Academic Computing University of Texas Health Science Center at Houston.
Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.

Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.

Similar presentations

Ads by Google