1 / 14

Vetting, Proofing and Registration Authority

11/16/2007. Vetting, Proofing and Registration Authority. Participants. Masume Assaf , Office of international Programs Jason Gilham , University Outreach Paula Hamaty , University Outreach Tom Irwin , Commonwealth Campus Cindy Kellerman , HFS, ID+ Office. Steve Kellogg , ITS, AIT

una
Download Presentation

Vetting, Proofing and Registration Authority

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. 11/16/2007 Vetting, Proofing and Registration Authority

  2. Participants. Masume Assaf, Office of international Programs Jason Gilham, University Outreach Paula Hamaty, University Outreach Tom Irwin, Commonwealth Campus Cindy Kellerman, HFS, ID+ Office Steve Kellogg, ITS, AIT Linda Klimczyk, University Libraries Jerry Mihally, ITS, Digital Credential Services Steve Selfe, OHR Jim Smith, OPP Neal Vines, College of Ag Sci

  3. Objectives Develop our working definitions for VPRA Make specific recommendations wrt. VPRA policies, procedures and processes.

  4. Glossary Vetting: The process by which data is acquired on someone and, to the extent possible, the data is validated and/or verifired for authenticity. (Re-vetting) Proofing The act of aligning the data on record for someone to the actual person, most notably at the time of issuance of credentials.

  5. Glossary Credentialing: The act of issuing the token that will be used to establish the digital identity of someone to computer applications. Re-credentialing: The act of reissuing a token to a previously credentialed individual. eg. password reset, not just a password change

  6. Glossary Registration Authority: The organization that applies and executes the policies and procedures established by the institution to affect the collection and validation of end-user data and the issuance of credentials to end-users. Root RA

  7. Glossary Delegated Registration Authority: Appropriately authorized by the root RA to perform the duties of the RA to collect and validate information and issue credentials. Will only issue credentials to the loa that they are authorized.

  8. Glossary Person Registry: A single, authoritative system of record that defines all affiliates. Holds the digital profile of the person/affiliate

  9. Continuum of VPRA Elements to LOAs Vetting Data acquisition Data validation Proofing Local Remote

  10. Continuum of elements Credentialing and re-credentialing Local Remote

  11. Recommendations Establish a policy that restricts the use of Access Account userids to systems that only authenticate via PSU password store. Eliminate multiple passwords at Penn State Merge FPS and Access Accounts into one identity domain

  12. Recommendations Find another way to acknowledge adherence to policy. Eliminate sig stations and signature forms. Provide online mechanisms for acknowledging acceptance of policies or agreements. Provide a self-service password reset mechanism Probably lower LOA in the process.

  13. Recommendations Delegated RA will be certified to a certain LOA and only for specific affiliates With real consequences for noncompliance DRA's should go through a vetting and certification process which includes a formal/online training program. SecureID token should come under the purview of the Root Registration Authority

  14. Recommendations Limit the number of DRAs Make DRA's a role so that role is lost quickly if person changes jobs or leaves. Strengthen the I-9 Process

More Related