Internet2 is investigating a security incident involving a compromise to a confluence server that affected https://spaces.at.internet2.edu on April 10, 2019, which was successfully mitigated on April 12, 2019. If you did not receive an email from us, it’s unlikely that any of the content you submitted to the Internet2 Spaces Wiki needs to be re-entered. We apologize for any inconvenience this may have caused. Should you have any questions or require further assistance, please email collaboration-support@internet2.edu.
Child pages
  • Proof of Concept - Phase Descriptions
Skip to end of metadata
Go to start of metadata

Phase 1 – Technical Demonstration LoA 1

Assumptions

-    Will not use production data or live transactions
-    Function as a tool to discuss architecture, workflow, and business models
-    Each participating organization prototypes their part of the flow
-    Develop wire frame to discuss usability and subsequent technical model
-    Develop proof of concept once phase 1 wire frame is completed

Goals

-    Prospect-driven relationships and service requests
-    Service Providers manage the account set up with AdmitMe behind the scenes based on the opt in by the student
-    Prospect ease of use
-    Authn done by AdmitMe or Service Organization being accessed
-    Simulate LoA 1 registration authority

Use Cases

New User at a Registration Authority (RA): Prospect accesses Service Organization 1 (SO1) and gives them identity information to receive that service. SO1, an approved registration authority for the AdmitMe Network, asks prospect to create account. Prospect provides userid/password and clicks on Create AdmitMe Authentication Account. SO1/RA communicates with Admit Me in the background and does matching to ensure no duplications. SO1/RA returns success re: new credentials. Authentication information is sent to the user via email to verify new account.

Registered-AdmitMe User Authentication: Prospect can authenticate with AdmitMe credentials to access an AdmitMe Service Organization service.

Registered AdmitMe User Attribute Aggregation: Prospect authenticates with AdmitMe credentials at SO2 and requests a new service. SO2 queries RA/SP1 for users identity information to populate their online form and user then supplies the remaining information required by SP2 to access the service.

Phase 2: Technical Demonstration LoA 2

  • No labels