incommon silver @ michigan state common solutions group, january 2011 matt kolb [email protected]
TRANSCRIPT
InCommon Silver @ Michigan State
Common Solutions Group, January 2011Matt Kolb <[email protected]>
Goals
Improve our Identity Management infrastructure Higher Levels of Assurance Better documentation of process and procedures
Enable collaboration Build trust with external partners Facilitate access to services
Initial Challenges
Difficulty interpreting the Bronze/Silver Identity Assurance Profile (IAP)
Infrastructure incompatibility (password policy)
Sorely lacking: Documentation Policy
Scope Taming wild provisioning processes
Where’s the killer app? (Motivation)
Approach
Work with other institutions (CIC, etc) Partner with campus stakeholders Identify a subset of the population for Silver Likely a pilot comprised of research faculty
Leverage our ID Office Verification process Credentialing
Investigating second credential (certificates) through iClass ID Cards
Reasons for Hope Flexible technical architecture
Solid person registry MIT Kerberos Shibboleth
ID Office Created in Central IT, migrated existing physical and digital provisioning activities
Cross functional campus participation Specifically strong commitment from Internal Audit
We’re not alone (CIC Partners)
Future State
Assert LoA Silver through our Shibboleth Identity Provider (IdP) Authentication-time calculated attribute
Continue to maintain a single IdP for all Levels of Assurance (we hope)
Implement multifactor Authentication This puts us on a track for Gold (someday)
Silver credential provisioning through ID Office
A Haiku; for InC Silver
Spring of assurancecollaboration the goal;Silver, together