The Partnership Challenge Higher educations missions are realized

The Partnership Challenge • Higher education’s missions are realized in increasingly global, collaborative, online relationships – Higher educations’ digital collections, data, and resources – External services and resource partners • How many relationships do you manage? • How much time is spent on the differing, oneoff requirements for each partner? • How much risk do these one-off implementations bring to your network, to the control of private data? 1

The Partnership Solution Wouldn’t it be great if we could: • developed and implemented solutions that efficiently use our existing information infrastructures securely and safely • In. Common economizes the time and resources that otherwise would be spent on the differing “one off” requirements for each individual partner deal with each partner in the same way; saving time and reducing risk • In. Common maximizes security and privacy of personally identifiable/sensitive information • richer, easier to use, safer online experience for Penn State students, faculty, and staff. ” • securely and safely in such a way that we maintain control over the release of personal information for people • This is what federations are created to do 2

Identity Management Federations aka Access Management Federations • A definition of Federation: A collaboration of independent entities that give up a certain degree of autonomy to a central authority in pursuit of a common set of goals. • Identity Management Federations set common policies, technical interoperability criteria, and provide central services to establish and maintain trust (Central Authority) • Identity Management Federations enable scalable, trustworthy, secure online partnerships (Common Goals) 3

Federated Access in 30 seconds Online Resource 4. If attributes are acceptable, access is granted! 3. Authorization: Privacypreserving exchange of agreed upon attributes 2. Federation-based Trust exchange to verify partners and locations Attributes: Anonymous ID, Staff, Student, … Metadata, certificates, common attributes & meaning, federation registration authority, Shibboleth, pinch of magic 1. Authentication: Single-Sign -On to existing Home Institution 4

The Value of In. Common Broadly Put • Identity Providers (Home Institutions) control user accounts and the release of personal information • Online services get to focus maintaining online resources – and standards-based access controls to them – and not on user account management • Partners can quickly and securely deploy new collaborations and service relationships 5

The Value of In. Common Finely Put • Governance by a Representative Steering Committee – – • Legal Agreement – • In. Common issues server certificates to Participants for secure communications Standards for Policies and Practices – • In. Common verifies & aggregates security information for each participant’s servers, systems, and support contacts Certificate Authority – • In. Common verifies the identity of organizations and their delegated officers; Trusted Metadata – • Basic Responsibilities, Official Signatory and Establishment of Trust, Conflict and Dispute Resolution, Basic Protections Trust “Notary” – • Formulates policy and shared direction Ensures services meet business needs with appropriate security levels and legal requirements Establishes and communicate scalable operational standards and practices Establishes a common set of attributes and definitions How high is the bar? Right now, each Participant decides. Participants self-declare their practices to other Participants Technical Interoperability (Technical Advisory Committee) – In. Common defines shared attributes, standards (SAML), software (Shibboleth) 6

In. Common Governance Steering Committee Representative of Higher Ed & its Partners Direction Technical Advisory Committee Advice Nominations Committee Federation Operator & Business Office Candidate Approvals Internet 2 7

45 Current In. Common Participants Sponsored Partners (15) Higher Education (36) • • • • • • • • • Case Western Reserve University Clemson University Cornell University Dartmouth Duke University Florida State University Georgetown University Indiana University Miami University Michigan State University New York University Ohio University Penn State University Stanford University Stony Brook University SUNY Buffalo Texas A&M University The Ohio State University The University of Chicago The Johns Hopkins University of Alabama at Birmingham Uniuversity of California, Davis University of California, Irvine University of California, Los Angeles University of California, Merced University of California, Office of the President University of California, Riverside University of California, San Diego University of Maryland Baltimore County University of Maryland, Baltimore University of Rochester University of Southern California University of Virginia University of Washington University of Wisconsin - Madison • • • • Cdigix EBSCO Publishing Elsevier Science. Direct Houston Academy of Medicine - Texas Medical Center Library Internet 2 JSTOR Napster, LLC OCLC Ohio. Link - The Ohio Library & Information Network Protect. Network Ref. Works, LLC Symplicity Corporation Thomson Learning, Inc. Turnitin Web. Assign NEXT? • U. S. e. Authentication Federation and Agencies: – – – • NSF (Fast. Lane, …) NIH (Grants Administration, …) Dept. of Education (Student Financial Aid, …) Federations within the In. Common Federation – – University Systems Coalitions of Universities organized around Networks, Grids, others… 8