
Leveraging Your Existing Campus Systems to Access  Resource Partners:

Federated Identity Management and Tales of Campus  Participation

Clair Goldsmith, Ph.D.

The University of Texas System Administration

&

Barry Ribbeck

Rice University

Identity Management Federations
Access Management Federations

• Definition: A collaboration of independent entities that give up a certain degree of autonomy in pursuit of a common set of goals; together they create a federation.

• Federations enable scalable, trustworthy, secure online partnerships.

• Federations set common policies and technical interoperability criteria, and provide central services to establish and maintain trust.

• Participants use their existing identity management infrastructure for inter-institutional collaborations.

The Purpose for Federated Access within Higher Education

“To meet the increasing campus demand for using external applications and online resources, we developed and implemented solutions that efficiently use our existing information infrastructures securely and safely in such a way that we maintain control over the release of personal information for people at Penn State.

InCommon is a vitally important part of this infrastructure and helps put us in a position to provide a richer, easier to use, safer online experience for Penn State students, faculty, and staff.”

- Kevin Morooney

The Partnership Challenge

• Just like faculty and staff members, institutions have partners.

• Many of these partnerships revolve around sharing/using online resources.

• How many relationships do you manage?

• How much time is spent on the differing requirements for each partner?

• How much risk do these relationships bring to your network?

The Partnership Challenge

• Higher education’s missions are realized in increasingly collaborative relationships globally
 – Higher education’s digital collections, data, and resources
 – Commercial service and resource partners

• InCommon economizes the time and resources that otherwise would be spent on the differing “one off” requirements for each individual partner

• InCommon maximizes security and privacy of personally identifiable/sensitive information

• Users are not burdened by a load of separate log-in credentials

The Partnership Solution

• Wouldn't it be great if you were able to deal with each partner in the same way, saving time and reducing risk all at once?

• This is what federations are created to do

Federated Access in 30 seconds

1. Single Sign On: Log In to existing home system

2. Federation-based Trust Exchange to establish and verify partners & locations

3. Privacy preserving exchange

4. If attributes are acceptable, Access is granted!

(Diagram labels: Home Institution; Online Resource; Attributes: Anonymous ID, Staff, Student, …; federation ingredients: metadata, certificates, common attributes & meaning, federation registration authority, Shibboleth, pinch of magic)

Why is Governance Needed?

• Oversight and Conflict Resolution

• Establish and manage trust agreements

• Determine direction and formulate policy

• Ensure services meet business needs while maintaining the appropriate security and compliance with legal requirements

• Establish and communicate scalable operational standards and processes


What is the Alternative?

• Collection of one-to-one agreements

• Conflicting agendas and no common goal

• No technology standards. One-off implementations for every application. Inconsistency in operating practices.

• No assurance of appropriate security and compliance with legal requirements

Federation Governance Models

Homogeneous Institutions
• Operating Standards and Practices may vary from institution to institution, but…
• Governance policies should be relatively consistent, and…
• Legal requirements should be similar if not the same

Considerations
• Governance may be more tightly structured
• Governance through Executive Committees or Governing Boards
• Key executives make decisions

Federation Governance Models (cont.)

Diverse Institutions
• Operating Standards and Practices vary from institution to institution, and…
• Governance policies are not consistent, and…
• No formal authority to force a decision, and…
• Legal requirements may not be similar at all.

Considerations
• Governance may be more loosely organized
• Reliance on advisory groups to formulate recommendations
• Guidance through Steering Committees
• Collegiality as opposed to strong governance

Governance Models in Shibboleth Federations

• The most common examples, arranged on a spectrum from Diverse to Homogeneous: TestShib, InCommon, UT System, U.S. EAF

Where Does The University of Texas System Fit?

Homogeneous
• Share a common Mission
• Same governance body and consistent governance policies
• Same legal requirements

And Also Diverse
• Significant differences in size and budgets
• Significant differences in culture
• Institutions enjoy considerable autonomy
• 16 “stovepipes”

16 Institutions
• 9 General Academic institutions
• 6 Health institutions
• 1 System Administration

Where Does InCommon Fit?

Homogeneous
• Share a broad common Mission
• Governance only wrt inter-institutional collaboration (InCommon)
• Legal requirements are similar for specific federation use

And Also Diverse
• Size & Budgets
• For Profit, Non-Profit
• Bi-lateral agreements also govern collaborations
• Autonomy: Policy and Practices are “Post and Tell” – Descriptive rather than Prescriptive

45 Participants
• 31 General Academic institutions
• 13 Online Service Partners
• 1 Independent Identity Management Partner

InCommon Governance

(Organizational chart) Boxes: Internet2; Steering Committee (Representative of Higher Ed & its Partners); Federation Business & Operations; Technical Advisory Committee; Nominations Committee. Labelled links between them: Direction, Advice, Candidate Approvals.

InCommon Trust Fabric

• InCommon verifies the identity of all participating organizations and issues server certificates for secure communication

• Participants agree to the Federation operational principles and share among themselves their own resource and identity management operational principles

• Each resource manages access based on the agreed-upon user identity attributes

• Each home organization manages user accounts and the release of personal information (identity and privacy management)

The Value of InCommon

• Scalability
 – InCommon is the trust broker
  • InCommon verifies the identity of organizations and their delegated officers;
 – Metadata
  • InCommon aggregates trusted information pointing to each participant’s servers, systems, and technical contacts;
 – Certificate Authority
  • InCommon issues participant server certificates
 – Technical Interoperability
  • InCommon defines shared attributes, software, operational policies

• Personal Information remains under the control of the home organization

• Resource providers can focus on standards-based access controls and not on account management

45 Current InCommon Participants

Higher Education (31)
• Case Western Reserve University
• Clemson University
• Cornell University
• Dartmouth
• Duke University
• Florida State University
• Georgetown University
• Miami University
• New York University
• Ohio University
• Penn State
• Stanford University
• Stony Brook University
• SUNY Buffalo
• The Ohio State University
• The University of Chicago
• University of Alabama at Birmingham
• University of California, Irvine
• University of California, Los Angeles
• University of California, Merced
• University of California, Office of the President
• University of California, Riverside
• University of California, San Diego
• University of Maryland
• University of Maryland Baltimore County
• University of Maryland, Baltimore
• University of Rochester
• University of Southern California
• University of Virginia
• University of Washington
• University of Wisconsin - Madison

Sponsored Partners (14)
• Cdigix
• EBSCO Publishing
• Elsevier ScienceDirect
• Houston Academy of Medicine - Texas Medical Center Library
• Internet2
• JSTOR
• Napster, LLC
• OCLC
• OhioLink - The Ohio Library & Information Network
• ProtectNetwork
• Symplicity Corporation
• Thomson Learning, Inc.
• Turnitin
• WebAssign

Houston Academy of Medicine - Texas Medical Center Library

• Located in Houston

• Not a typical higher education library

• Shared resources between 44+ institutions

• Operated independent of schools

• Resource for medical schools, health sciences schools, hospitals, medical researchers and providers


NMI-EDIT ETR Grant

• RFP – do something useful with federating technology

• Context: Library serves as an identity provider for 44+ institutions for access to online digital content

• Problem: Access is based on loose coupling of individuals to an institution

• Managing appropriate access is difficult

Scenario

• Employee of one of the 44+ institutions is issued a credential for online access to digital resources.

• Employee leaves the TMC institution

• Library credential loses value and is compromised

• Content provider’s resources become compromised

• Very difficult for the Library to track down the user

Diagnosis

• Library credential is vulnerable to attack

• Credential has little value to the owner and is therefore commonly shared

• Very low probability of maintaining the link between the credential and the rightful owner (LOW LOA)

• Overhead to track down and resolve compromises is outside the resources and scope of the library, but must be done to honor their contract.

Resolution

• The largest contributors and users of the library are 3 higher education institutions. Each of these institutions performs identity management by issuing, managing and revoking electronic credentials for their employees and students.

• Why not leverage these resources using federated technology?

ETR Grant Pilot

• Employ a Shibboleth-protected resource (EZProxy) to front the online web-based digital resources.

• Install a Shibboleth IdP to manage the small number of credentials not managed via institutions using federated access.

• Leverage the institutional credentials of the largest library members to grant access.
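The following Python simulation is an added example, not code from this presentation, from InCommon, Shibboleth or EZProxy. It ties together the four steps of “Federated Access in 30 seconds”, the Scenario/Diagnosis slides (a library-issued credential that outlives the person’s affiliation) and the pilot design above (institutional credentials grant access, the resource decides on released attributes). Everything in it is an assumption or a constructed sample: the federation metadata is a dict of entity IDs, HMAC-SHA256 stands in for the X.509/XML-DSig signatures a real federation uses, and the attribute names follow the eduPerson schema.

```python
import hashlib
import hmac
import json
import secrets

# Federation metadata as the registration authority would publish it (constructed
# sample). A real federation carries X.509 certificates here; HMAC keys stand in so
# the example runs with the standard library only.
FEDERATION_METADATA = {
    "https://idp.campus.example/idp": {"role": "IdP", "key": b"constructed-idp-key"},
    "https://library.example/sp": {"role": "SP"},
    "https://journals.example/sp": {"role": "SP"},
}


class IdentityProvider:
    """Home institution: authenticates users, applies release policy, signs assertions."""

    def __init__(self, entity_id, key, directory, release_policy):
        self.entity_id = entity_id
        self.key = key
        self.directory = directory            # username -> attributes; removed when a person leaves
        self.release_policy = release_policy  # SP entity id -> attribute names it may receive
        self.salt = secrets.token_bytes(16)   # IdP secret behind the pairwise pseudonym

    def targeted_id(self, user, sp_entity_id):
        # eduPersonTargetedID-style value: stable for (user, SP), different for every SP,
        # and not linkable back to the campus username without the IdP's salt.
        h = hashlib.sha256(self.salt + user.encode() + b"|" + sp_entity_id.encode())
        return h.hexdigest()[:32]

    def issue_assertion(self, user, sp_entity_id, now):
        # Step 2: the partner must be registered in the federation metadata.
        entry = FEDERATION_METADATA.get(sp_entity_id)
        if entry is None or entry["role"] != "SP":
            raise PermissionError("service provider not in federation metadata")
        # Step 1: single sign-on against the home directory; a removed account gets nothing.
        attrs = self.directory.get(user)
        if attrs is None:
            raise PermissionError("no active account at home institution")
        # Step 3: release only the attributes policy allows for this particular SP.
        allowed = self.release_policy.get(sp_entity_id, set())
        released = {name: attrs[name] for name in allowed if name in attrs}
        if "eduPersonTargetedID" in allowed:
            released["eduPersonTargetedID"] = self.targeted_id(user, sp_entity_id)
        payload = {"issuer": self.entity_id, "audience": sp_entity_id,
                   "iat": now, "exp": now + 300, "attributes": released}
        body = json.dumps(payload, sort_keys=True).encode()
        return {"body": body, "sig": hmac.new(self.key, body, hashlib.sha256).hexdigest()}


class ServiceProvider:
    """Resource partner: trusts only keys in the federation metadata, decides on attributes."""

    def __init__(self, entity_id, acceptable_affiliations):
        self.entity_id = entity_id
        self.acceptable = set(acceptable_affiliations)

    def evaluate(self, assertion, now):
        payload = json.loads(assertion["body"])
        entry = FEDERATION_METADATA.get(payload["issuer"])
        if entry is None or entry["role"] != "IdP":
            return False, "issuer not in federation metadata"
        expected = hmac.new(entry["key"], assertion["body"], hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, assertion["sig"]):
            return False, "signature does not verify against the metadata key"
        if payload["audience"] != self.entity_id:
            return False, "assertion issued for a different service"
        if now >= payload["exp"]:
            return False, "assertion expired"
        # Step 4: the decision rests on attributes, not on a resource-issued account.
        affiliations = set(payload["attributes"].get("eduPersonAffiliation", []))
        if not affiliations & self.acceptable:
            return False, "affiliation not acceptable"
        return True, payload["attributes"].get("eduPersonTargetedID")


def run_scenario():
    """Walk through the exchange and its failure modes; returns a dict of outcomes."""
    directory = {  # constructed campus directory
        "jdoe": {"eduPersonAffiliation": ["staff"], "mail": "jdoe@campus.example"},
        "visitor": {"eduPersonAffiliation": ["affiliate"]},
    }
    policy = {sp: {"eduPersonAffiliation", "eduPersonTargetedID"}
              for sp in ("https://library.example/sp", "https://journals.example/sp")}
    idp = IdentityProvider("https://idp.campus.example/idp",
                           FEDERATION_METADATA["https://idp.campus.example/idp"]["key"],
                           directory, policy)
    library = ServiceProvider("https://library.example/sp", ["faculty", "staff", "student"])
    journals = ServiceProvider("https://journals.example/sp", ["faculty", "staff", "student"])
    now, r = 1_700_000_000, {}
    a = idp.issue_assertion("jdoe", library.entity_id, now)
    ok, lib_id = library.evaluate(a, now)
    r["staff_granted"] = ok
    r["mail_not_released"] = "mail" not in json.loads(a["body"])["attributes"]
    ok2, jour_id = journals.evaluate(idp.issue_assertion("jdoe", journals.entity_id, now), now)
    r["pseudonym_differs_per_sp"] = ok2 and lib_id != jour_id
    visitor = idp.issue_assertion("visitor", library.entity_id, now)
    r["affiliate_refused"] = library.evaluate(visitor, now) == (False, "affiliation not acceptable")
    tampered = {"body": a["body"].replace(b'"staff"', b'"faculty"'), "sig": a["sig"]}
    r["tampering_refused"] = not library.evaluate(tampered, now)[0]
    r["wrong_audience_refused"] = not journals.evaluate(a, now)[0]
    r["expired_refused"] = not library.evaluate(a, now + 600)[0]
    rogue = IdentityProvider("https://rogue.example/idp", b"key-not-in-metadata",
                             {"x": {"eduPersonAffiliation": ["staff"]}}, policy)
    r["unregistered_issuer_refused"] = not library.evaluate(
        rogue.issue_assertion("x", library.entity_id, now), now)[0]
    del directory["jdoe"]  # the person leaves: the home institution deprovisions the account
    try:
        idp.issue_assertion("jdoe", library.entity_id, now)
        r["departed_refused"] = False
    except PermissionError:
        r["departed_refused"] = True
    return r
```

The last step of run_scenario is the point of the Scenario and Resolution slides: once the home institution removes the account, no assertion is issued and the library never has to hunt down a lingering credential, because it never issued one. The pairwise targeted ID shows the privacy-preserving exchange of step 3 (the library and the journal platform cannot correlate the same person), and the metadata lookup on both sides is the trust exchange of step 2.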

Parts

• 4 new servers

• Library Joins InCommon

• Demonstration: Pilot included a demonstration of access to the HAM-TMC Library resources from UTHSC, Baylor CoM, UT System and Brown University.

• Presentation to the Library Director.


Where are we now

• Federations – InCommon and UT Fed

• FOO?

• Production planning

• How will Federations Federate?

• Proof of concept for FOO

• Participants: TBD

Next for InCommon

• Federation Partnering: Inter-Federating
 – US Govt eAuthentication Federation
  • Raising the bar: higher levels of trust
  • Mapping to federal levels of assurance 1 and 2
   • InCommon Bronze (L1)
   • InCommon Silver (L2)
 – Other Federations: Federal Agencies, State Federations, Countries, …