Internet2

close
Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID

Your organization not listed? Create a local account to use Internet2 services.

Create SiteID

Blogs

TIER Security Focus

Mar 15, 2017, by Meredith Lovelace
Tags: TIER, Trust & Identity, Trust and Identity in Education and Research

Klara Jelinkova by Klara Jelinkova, VP & CIO of Rice University and Chair of the TIER Community Investor Council

Identity and Access Management (IAM) systems play an important role in assuring the security of applications provided either on campus on in the cloud. The TIER project provides both campus and external-campus federated IAM functionality. Because of the critical role these services play, it's extremely important that organizations have confidence in how campus-related and federation operations software are developed and tested.

With the evolving security and risk profile on campuses it is important that we build security deliverables into TIER. In response to this need, the TIER Security and Audit Working Group was formed in January 2016. Chaired by Helen Patton, CISO, The Ohio State University, the group was charged with identifying and reviewing security and audit standards and best practices for the TIER application suite, as well as the delivery of the TIER as a software as a service for higher education customers.

As of February, the working group has developed the following:

  • Focused analysis of the TIER development pipeline security testing to ensure there is vulnerability testing including the VMs and Docker containers
  • A security work plan for 2017 including best security practices in how campuses engage with TIER products

As you will find, this work is extremely important to ensure the development and implementation of TIER components addresses campus security requirements. Now we need the help of the security leads on campus to shape the deliverables and participate in these activities. To get involved please email
Helen Patton at patton.91 [at] osu.edu .

Thank you!