Trust & Identity
The Internet2 Trust and Identity Infrastructure
View the 2017 Trust and Identity Accomplishments Report
Internet2 provides the community-built and community-driven trust and identity infrastructure that supports faculty and staff, researchers and scholars, and access to services across the U.S. and globally.
The Internet2 identity and access management model centers on InCommon, the identity management federation that provides the policy and technical backbone for secure interactions, and allows single sign-on convenience for individuals. Under this model, colleges and universities manage the identity infrastructure and provide access to services—such as collaboration tools, business applications, course management solutions, and others—in a secure and privacy-preserving way.
Internet2 also provides the TIER program (Trust and Identity in Education and Research). TIER is both an open-source toolset and a campus practice set. The TIER software includes a packaged suite of identity and access management components with ongoing development and a regular cadence of improvements and upgrades. In addition to providing software, the community collaborates on key practice sets needed to ensure interoperability, usability and cross-organizational trust and security. Important resources found on the wiki include the list of Trust and Identity working groups and the Trust and Identity Document Repository.
Our goal: ensuring that members of our community have access to the right services, at the right time, with the right protections and privacy considerations, while supporting easy collaboration globally.
The TIER software includes a packaged suite of identity and access management components and APIs with ongoing development and a regular cadence of improvements and upgrades. Built by and for the community, ongoing collaboration on key practice sets needed to ensure interoperability, usability and cross-organizational trust and security.
Internet2's InCommon operates the identity trust federation for U.S. research and education, allowing for a secure and privacy-preserving trust fabric to enable the sharing of protected resources, and offering users single sign-on convenience.
The InCommon Certificate Service provides U.S. higher education with unlimited certificates for one fixed annual fee, including SSL, extended validation, client (personal), and code signing certificates.
The InCommon Community Trust and Assurance Board (previously known as the Assurance Advisory Committee) has developed Baseline Expectations for Trust in Federation, to improve the security and interoperability of the InCommon Federatoin. The InCommon Assurance Program also certifies campuses and non-profit sponsored partners and research organizations that meet the requirements of the InCommon Bronze and Silver assurance profiles. These practices determine the confidence in the accuracy of a user's electronic identity and help mitigate risk for the service provider.
The InCommon Multifactor Authentication Program provides affordable solutions for various methods of achieving the additional security offered through using additional factors of authentication.
An open-source project that provides single sign-on capabilities and allows sites to make informed authorization decisions for the individual access of protected online resources in a privacy-preserving manner.
Handles groups and access management across applications and tracks information such as campus affiliations or roles.
COmanage (Collaborative Organization Management) is a software platform that allows collaborative groups to streamline and manage the identity-oriented requirements of common collaboration tools.
eduPerson and eduOrg are LDAP schema designed to include widely-used person and organizational attributes in higher education.
The eduroam service provides instant, authenticated and encrypted network access to the users of all participating institutions.
Internet2 administers the Uniform Resource Name (URN) Registry and the Object Identifier (OID) Registry.