1 / 7

InCommon Silver @ Michigan State

InCommon Silver @ Michigan State. Common Solutions Group, January 2011 Matt Kolb < mk@msu.edu >. Goals. Improve our Identity Management infrastructure Higher Levels of Assurance Better documentation of process and procedures Enable collaboration Build trust with external partners

zenia-chan
Download Presentation

InCommon Silver @ Michigan State

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. InCommon Silver @ Michigan State Common Solutions Group, January 2011 Matt Kolb <mk@msu.edu>

  2. Goals • Improve our Identity Management infrastructure • Higher Levels of Assurance • Better documentation of process and procedures • Enable collaboration • Build trust with external partners • Facilitate access to services

  3. Initial Challenges • Difficulty interpreting the Bronze/Silver Identity Assurance Profile (IAP) • Infrastructure incompatibility (password policy) • Sorely lacking: • Documentation • Policy • Scope • Taming wild provisioning processes • Where’s the killer app? (Motivation)

  4. Approach • Work with other institutions (CIC, etc) • Partner with campus stakeholders • Identify a subset of the population for Silver • Likely a pilot comprised of research faculty • Leverage our ID Office • Verification process • Credentialing • Investigating second credential (certificates) through iClass ID Cards

  5. Reasons for Hope • Flexible technical architecture • Solid person registry • MIT Kerberos • Shibboleth • ID Office • Created in Central IT, migrated existing physical and digital provisioning activities • Cross functional campus participation • Specifically strong commitment from Internal Audit • We’re not alone (CIC Partners)

  6. Future State • Assert LoA Silver through our Shibboleth Identity Provider (IdP) • Authentication-time calculated attribute • Continue to maintain a single IdP for all Levels of Assurance (we hope) • Implement multifactor Authentication • This puts us on a track for Gold (someday) • Silver credential provisioning through ID Office

  7. A Haiku; for InC Silver Spring of assurance collaboration the goal; Silver, together

More Related