Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID

Your organization not listed? Create a local account to use Internet2 services.

Create SiteID

TIER Newsletter - June 2016

Welcome to the TIER June Newsletter

Welcome to the TIER (Trust and Identity in Education and Research) Newsletter for June. The purpose of this e-newsletter is to keep you informed on what's happening in the TIER project.

About TIER

TIER is a community-initiated effort, coordinated by Internet2, to develop a consistent, rationalized approach to identity and access management that simplifies campus processes and advances inter-institutional collaboration and research. TIER is both an open source toolset and a campus practice set.

From the TIER Community Investor Council:
Common Principles, Sustainability Key to TIER Success

By Klara Jelinkova, VP & CIO, Rice University and Chair, TIER Community Investor Council

Before I talk about TIER, I want to add my congratulations to Scott Cantor (pictured below), who GÉANT recently honored with its 2016 Community Award (you can read the details in the GÉANT announcement and this Internet2 blog).

Scott’s contributions to our community are immeasurable; it is rewarding to see an acknowledgement of this from our friends and colleagues in Europe.

The recent 2016 Internet2 Global Summit in Chicago provided an opportunity for the many community members and Internet2 staff involved with TIER to gather, discuss the first release, and plan for the next steps. More broadly, there was the opportunity to understand the direction for the new Internet2 Trust and Identity portfolio, which is under the leadership of Vice President Kevin Morooney.

Read the full blog here.

TIER Contributors Profile: Tom Jordan, James Babb & Jon Miner, UW-Madison

This month, we focus on a trio of TIERcommunity members from the University of Wisconsin-Madison  - Tom Jordan, James Babb and Jon Miner (pictured below) - who have contributed to development efforts across the TIER API, Entity Registry and Packaging working groups. Read the full blog here.

TIER Developers and Working Group Members Meet Face-to-Face in Chicago

A month after the first release of the TIERsoftware, TIER developers and working group members participated in a productive face-to-face meeting the day after the Internet2 Global Summit in Chicago. 

The May 19 meeting included 35 participants representing campuses, regional networks, industry partners, and Internet2 staff. 

“The TIER meeting was a great opportunity to meet and work together face-to-face with members of all of the teams involved in the TIER project,” said Harry Samuels, Northwestern University. “I was especially struck by the deep expertise that has been brought together for this project and re-charged by the experience.” 

Read more about the May TIER meeting and see photos here.

Working Groups Updates

  • TIER Packaging  - The TIER Packaging Working Group, chaired by Jim Jokl, University of Virginia, has recently focused on evaluating tests of TIER Release 1 as well as feedback from community members who have deployed the release. If you have tested any of the components, please find the time to submit a feedback form. The results received to date on Release 1 have been used to reprioritize and document many changes for the next set of component package builds. Other areas of recent activity include work in the component usability space to specify needs for a campus metadata management tool and embarking on the process to specify high availability (HA) capacity for TIER, beginning with the formation of a subgroup to focus on requirements for this area. 
  • TIER Data Structures and APIs  - After some discussion on open source solutions for account provisioning and other ongoing management needs, the Data Structures and APIs Working Group is investigating leveraging Grouper’s capacity for provisioning and access management. This will build on previous efforts by the MACE-Paccman Working Group (co-chaired by Tom Dopirak, Carnegie Mellon University, and Keith Hazelton, University of Wisconsin-Madison), as well as new work being led by Bill Thompson and others at Lafayette College. The working group is also forging ahead on crafting additional TIER-conformant Grouper APIs.
  • TIER Registries - The TIER Entity Registry Working Group, co-chaired by Warren Curry (University of Florida) and Benn Oshrin (Spherical Cow Group), has been investigating the viability of using midPoint, an open source tool from Evolveum, for entity registry and provisioning functionality. The group is working on the specification for a “Demonstration Sandbox” of TIER IAM infrastructure that would follow individuals from arrival on campus through accessing a learning management system. The use case begins with the arrival on campus of a new student and a new hire, recording their basic demographic and affiliation information in the core entity registry, and running an identity match process to determine if the person is already in the registry. After being provided with credentials and provisioned into LDAP with appropriate affiliation groups from Grouper, the final step is for the student and faculty member to access a learning management system (using the Shibboleth-backed Web single sign-on) and being directed to pages appropriate to their affiliations. This proof-of-concept is the simplest possible first iteration of an integrated TIER package. Each subsequent iteration will add functionality, provide additional flexibility, and become more production-ready.
  • TIER Security and Audit  - The TIER Security and Audit Working Group, chaired by Helen Patton (The Ohio State University), is updating best practices for a secure development process, which will be presented to developers for additional refinement. Also, group member Richard Biever is leading the development of a threat assessment of TIER with the goal of sharing the findings with the developers and leadership.  
  • TIER Component Architects - The TIER Component Architects Group holds regular meetings, which focus on alignment of TIER processes, including the common core of technology platforms and tools. Steve Zoppi (Internet2) leads the group. Component architects include Scott Cantor, Ohio State University (Shibboleth); Chris Hyzer, University of Pennsylvania (Grouper); Benn Oshrin, Spherical Cow Group (COmanage); Ken Klingenstein, Internet2 (Consent); and Nick Roy, Internet2 (InCommon). TIER working group chairs: Keith Hazelton, University of Wisconsin at Madison leads APIs and Data Structures; Warren Curry, University of Florida, co-chair with Benn Oshrin in Entity Registry Work; Helen Patton, The Ohio State University, leads Security and Audit; Ken Klingenstein, Internet2 leads consent; Nick Roy, Internet2, InCommon Federation; and key participants from these areas and more also join the calls.  Recent discussions have centered on information sharing by TIER working group chairs, default configurations for the TIER deliverables, instrumentation (long and short term) for management, quality and performance, and TIERresourcing issues.

TIER-Related Events

IAM Online July 13: Grouper Access Management Case Studies 

The next IAM Online webinar will feature campus case studies on the use of the Grouper Enterprise Access Management system, along with an update from the Grouper team. You can tune in July 13 at 2 pm ET. IAM Online is a monthly webinar produced by InCommon and sponsored by Internet2 and the EDUCAUSE Higher Education Information Security Council.

TIER at Internet2 Technology Exchange in Miami

Plans are underway for TIER sessions and meetings at the 2016 Internet2 Technology Exchange in Miami, Sept. 25-29.
More details will be available in the July and August TIER Newsletters.

Find TIERResources

Stay Social with TIER

Twitter enthusiasts: follow #internet2TIER for latest news and follow @Internet2, @InCommonUS, Ann West @hawthornewestand Nick Roy @nckroyfor articles, updates and the latest on the TIERcommunity.


Follow us on Twitter

Like us on Facebook

Connect on LinkedIn

Key Internet2 identity initiatives are supported in part by National Science Foundation grants. For more information, see specific software sites.

Copyright © 2016 Internet2, All rights reserved.

How can I stay plugged in?

  • is for all general, non-technical discussions about TIER and may be used to contribute any thoughts about the direction or shape of TIER (open to everyone; authentication required).
  • generally focuses on the implementation goals and technologies required to make identity components work well within and across participating institutions. Although mainly of interest to technology architects and identity management professionals, the list is open to everyone (authentication required).
  • To subscribe to the lists and : Send an email to with the subject (case insensitive): subscribe <list-name>