Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID


Supporting Researchers: Enterprise Identity Provider Operators Share Success Stories and Lessons Learned at Upcoming TechEX 2018

Oct 09, 2018, by Sara Aly
Tags: 2018 Technology Exchange, Frontpage News, Higher Education, Identity Federation, InCommon, InCommon Assurance Program, InCommon Certificate Service, InCommon Federation, InCommon Multifactor Authentication, InCommon Participant, Internet2 Member, Recent Posts, Research, Trust & Identity

By Chris Spadanuda, associate director for enterprise services at the University of Wisconsin–Milwaukee

Many of us find that researchers are unaware that Identity Federation services exist to make their work easier by enabling seamless, faster, and better collaboration. As Identity Provider (IdP) Operators, how do we engage our research communities? How do we help them understand Identity Federation and the benefits it can bring? What types of outreach can we do?

The constraints on our time as operational staff are great. We need to maintain critical enterprise services, ensure systems are secure and compliant, complete application onboarding projects, and juggle other priorities that aren’t always related to the institution’s research mission. 

IdP operators can help the research communities at our institutions in many ways. For example, we can join the InCommon Federation, if not already a member. We can introduce and reinforce the use of the Research and Scholarship (R&S) Category which supports virtual organizations and other collaborative activities through the release of a minimal set of attributes designed to be simpler and more scalable than releasing attributes to individual service providers. This is a time saver for both of us as IdP operators and the communities we serve. 

We can also help research collaborations by implementing SIRTFI, the Security Incident Response Trust Framework for Federated Identity. This is a set of assertions that an organization can make to coordinate incident response across federated organizations, thus increasing the level of trust of your organization. 

The InCommon Baseline Expectations are also a very important key to increasing assurance and trust levels within the federation. They set a minimum requirement for how we operate within the InCommon Federation. 

One of the most important ways we can help our researchers is through outreach. We need campus partners to know what resources are available to them. We need them to understand that there are solutions to the issues they are experiencing. Educational outreach activities can solve this problem by communicating the benefits of federated identities. 

We can enlist the help of others, such as campus champions, research deans, and campus leadership to help promote the utilization of federated identities. A recent paper by the group Federated Identity Management for Research (FIM4R) outlines specific examples and ways we can improve federated identity management and engagement.

I would like to encourage you to attend the TechEx 2018 session "Why Should Enterprise IdP Operators Care About Federation and Research?” on Tuesday, October 16 at 1:40 p.m. ET. The session will focus on why IdP Operators should care about research and how they can increase the knowledge and benefits of federation within their institutions. 

My colleagues — David Kelsey from GÉANT, Bradley Beddoes from AARNet, Dana Brunson from Oklahoma State University, Thomas Jordan from the University of Wisconsin-Madison — and I will share our success stories and lessons learned. We welcome you to join us for this exciting conversation!