Trust, Identity & Middleware
Collaborative to the Core
Participating in a deeply collaborative community has allowed Internet2 institutions to collectively achieve much more than they could on their own. The Internet2 is a compelling case in point. It has focused on developing interoperable identity and access management infrastructures for research and higher education to ensure the right people access the right services at the right time. In the past, this was implemented system by system with duplicate identity data distributed across campus. Adding another service required adding the identity infrastructure to go with it, as well as the associated management functions, duplication of effort (and duplication of data), and the distributed security issues.
Under the Internet2 identity and access management model, each system or application leverages the same identity and access infrastructure. This greatly simplifies the management and maintenance of identity data. When each system—student information, human resources, course management—has its own identity data, you end up with duplicate identity information distributed across campus.
Whether it’s accelerating research discoveries or helping higher education institutions more efficiently, securely and cost-effectively manage operational processes and deliver education in completely new ways, member success drives everything we do at Internet2.
Internet2's InCommon operates the identity trust federation for U.S. research and education, allowing for a secure and privacy-preserving trust fabric to enable the sharing of protected resources, and offering users single sign-on convenience.
The InCommon Certificate Service provides U.S. higher education with unlimited certificates for one fixed annual fee, including SSL, extended validation, client (personal), and code signing certificates.
The InCommon Assurance Program certifies campuses and non-profit sponsored partners and research organizations that meet the requirements of the InCommon Bronze and Silver assurance profiles (which are comparable to the NIST Levels of Assurance 1 and 2). These practices determine the confidence in the accuracy of a user's electronic identity and help mitigate risk for the service provider.
The InCommon Multifactor Authentication Program provides affordable solutions for various methods of achieving the additional security that comes from using additional factors of authentication.
An open-source project that provides single sign-on capabilities and allows sites to make informed authorization decisions for the individual access of protected online resources in a privacy-preserving manner.
Handles groups and access management across applications and tracks information such as campus affiliations or roles.
COmanage (Collaborative Organization Management) is a software platform that allows collaborative groups to streamline and manage the identity-oriented requirements of common collaboration tools.
eduPerson and eduOrg are LDAP schemas designed to include widely used person and organizational attributes in higher education.
MACE administers the Uniform Resource Name (URN) Registry and the Object Identifier (OID) Registry.