Trust, Identity & Middleware
Trust and Identity in Education and Research: Collaborative to the Core
Participating in a deeply collaborative community has allowed Internet2 institutions to collectively achieve much more than they could on their own. Internet2’s Trust and Identity in Education and Research (TIER) initiative encompasses the growing ecosystem of federated identity through the community's InCommon Federation service and open-source software development designed to provide technologies to support access, collaboration, and interoperable identity management infrastructures for the research and higher education communities. Our goal: ensuring that members of our community have access to the right services, at the right time, with the right protections and privacy considerations, while supporting easy collaboration globally.
Under the Internet2 identity and access management model, each system or application leverages the same identity and access infrastructure. This greatly simplifies the management and maintenance of identity data. When each system—student information, human resources, course management—has its own identity data, you end up with duplicate identity information distributed across campus.
Whether it’s accelerating research discoveries or helping higher education institutions more efficiently, securely and cost-effectively manage operational processes and deliver education in completely new ways, member success drives everything we do at Internet2.
Internet2's InCommon operates the identity trust federation for U.S. research and education, allowing for a secure and privacy-preserving trust fabric to enable the sharing of protected resources, and offering users single sign-on convenience.
The InCommon Certificate Service provides U.S. higher education with unlimited certificates for one fixed annual fee, including SSL, extended validation, client (personal), and code signing certificates.
The InCommon Assurance Program certifies campuses and non-profit sponsored partners and research organizations that meet the requirements of the InCommon Bronze and Silver assurance profiles (which are comparable to the NIST Levels of Assurance 1 and 2). These practices determine the confidence in the accuracy of a user's electronic identity and help mitigate risk for the service provider.
The InCommon Multifactor Authentication Program provides affordable solutions for various methods of achieving the additional security offered through using additional factors of authentication.
An open-source project that provides single sign-on capabilities and allows sites to make informed authorization decisions for the individual access of protected online resources in a privacy-preserving manner.
Handles groups and access management across applications and tracks information such as campus affiliations or roles.
COmanage (Collaborative Organization Management) is a software platform that allows collaborative groups to streamline and manage the identity-oriented requirements of common collaboration tools.
eduPerson and eduOrg are LDAP schema designed to include widely-used person and organizational attributes in higher education.
MACE administers the Uniform Resource Name (URN) Registry and the Object Identifier (OID) Registry.