Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID


TIER Working Groups Refine Work Plans for 2018

Feb 14, 2018, by Bill Kaufman
Tags: Recent Posts, TIER, TIER Software, Trust & Identity, Trust and Identity in Education and Research

Logos of Internet2 and TIER (Trust and Identity in Research and Education) program This year marks the completion of phase 1 of the software component development and ramp-down of the campus-investor development funding for the Trust and Identity in Education and Research (TIER) program. The TIER working groups are identifying and prioritizing their work, focusing on issues related to sustainability and ease of adoption.

The TIER components are currently available as virtual machine images. The Shibboleth Identity Provider is also available in a Docker container and optimally configured for use in the InCommon Federation. By the end of 2018, all TIER components will be container-based applications.

The document, TIER Accomplishments by Thematic Groups, provides the state of the software components and remaining planned activities for 2018. Highlights include:

  • smooth runtime integration and mapping between SAML and OpenID/OAuth protected services
  • midPoint registry flows developed, installed and configured
  • finalize packaging for all components (Grouper, COmanage, Shibboleth IdP, and midPoint)

Toward the end of 2017, the working groups and TIER developers compared the initial key requirements of TIER with the progress made to date. They then identified the necessary projects and deliverables needed in 2018 to meet the requirements. The work includes involvement with the TIER Campus Success Program schools as they adopt TIER components and practices.

The work on tap for 2018 includes:

  • Defining SoR (System of Record) to registry data flows and use cases for identity on-boarding
  • Creating recipes for event-driven services and messaging using RabbitMQ and AMQP
  • The adoption of midPoint into the TIER architecture including integration with COmanage, Grouper, and widely-used applications such as Banner
  • The incorporation of an identity matching service (ID Match) to disambiguate new and/or existing identities
  • The development of the next update to the Grouper Deployment Guide including:
    • A Grouper security model
    • Account policy groups
    • Grouper training environment
  • Finalization of an initial set of schema specifications using OpenAPI 3.0 Schema model(s)
  • Updated and refined containers and configurations for Shibboleth, Grouper, COmanage and midPoint
  • A new Shibboleth graphical user interface (GUI) for ease of configuration and management of metadata

This is not an exhaustive list, however, it is intended to illustrate the key activities the TIER Working Groups believe will lead to a sustainable set of software tools and practices.

Working together with and supporting the TIER Campus Success schools is hoped to expand the set of examples and artifacts available to others as they begin their adoption plans.