The InCommon Federation has released a pre-production test version of a new Discovery Service for federation participants. The InCommon Discovery Service will eventually replace the InCommon WAYF, providing compatibility with SAML V2.0 and Shibboleth 2.x, along with increased flexibility, privacy and security. Here is the projected timeline:
- Mon, Nov 30, 2010 - Pre-production Discovery Service released
- Wed, Dec 15, 2010 - Production Discovery Service released
- Wed, Feb 2, 2011 - Redirect from the WAYF to the Discovery Service
Once the redirect from the WAYF to the Discovery Service is installed (projected for Feb. 2), we will discontinue support for the InCommon WAYF. There is an FAQ on the InCommon Collaborate wiki, which includes details on configuring a Shibboleth SP to use the InCommon Discovery Service instead of the InCommon WAYF. https://spaces.at.internet2.edu/x/FgEFAQ
InCommon is seeking comments on the new InCommon Discovery Service, both from a usability standpoint and from an aesthetic viewpoint. The production version of the InCommon Discovery Service will be based on community feedback received during this pre-production test phase. Please send any comments or suggestions (by Dec. 10, 2010) to firstname.lastname@example.org.
Information about the InCommon Discovery Service, including a FAQ: https://spaces.at.internet2.edu/x/FgEFAQ
Testing the InCommon Discovery Service: https://service1.internet2.edu/test
Send comments and feedback to: email@example.com
IAM Online - Thursday, December 9, 2010
1 p.m. EST / Noon CST / 11 a.m. MST / 10 a.m. PST
Federated Access to Science Services and Infrastructures
Increasingly, virtual organizations (VOs) of scientists are collaborating across organizational boundaries, using large-scale cyberinfrastructure and hosted cloud services. For small- and medium-size VOs, the adoption burden is high to leverage such resources and enable secure access. This IAM Online will look at work being done to enable federated access to these services and infrastructures, and lower the barriers for such adoption.
Rachana Ananthakrishnan will present Globus Online, a fast, reliable and secure data movement service, hosted in the cloud, with a fire-and-forget ease of use for the scientists to manage their data transfer and sharing needs. Jim Basney will present cilogon.org, a service that uses federated authentication to provide certificates for access to cyberinfrastructure.
Rachana Ananthakrishnan, Principal Software Development Specialist, Argonne National Lab/University of Chicago
Jim Basney, Senior Research Scientist, National Center for Supercomputing Applications, University of Illinois
Tom Barton, Sr. Dir., IT Architecture and Integration, University of Chicago
We use Adobe Connect for slide sharing and audio: http://internet2.acrobat.com/iam-online.
For more details, see www.incommon.org/iamonline.
ABOUT IAM Online
IAM Online is a monthly online education series including essentials of federated identity management, hot topics from the EDUCAUSE Identity and Access Management Working Group, and emerging topics in IAM. Experts provide overviews, answer questions and lead discussions. IAM is brought to you by InCommon in cooperation with Internet2 and the EDUCAUSE Identity and Access Management Working Group.
At each Internet2 Fall Member Meeting, InCommon sponsors the InCommon Forum, as a place for participants to gather, learn the latest from InCommon, and discuss issues of interest or concern to the community.
At the 2010 Internet2 Fall Member Meeting, the forum was split in two - with separate technical and policy sessions. Notes from both the policy session and the technical session are available (both are PDF files). Notes from past forums, the semi-annual InCommon Update, case studies, slide decks, and more are also available on the InCommon Collaborate wiki.
Important documentation regarding the use of X.509 certificates in Federation metadata has been updated and expanded. In particular, a new document on certificate migration within the InCommon Federation describes how to systematically replace an old certificate with a new certificate in metadata. This is especially useful in the case of expired certificates, which often cause interoperability issues with other software. InCommon recommends that you plan ahead and migrate to
an unexpired certificate well ahead of your certificate's expiration date.
This information is part of InCommon's Technical Guide, located on the InCommon Collaborate wiki, that also includes such information as software configuration, technical profiles, and updates to InCommon operations.
InCommon News - November 3, 2010
In This Issue:
- InCommon Now Serves 5 Million on U.S. Campuses
- InCommon Library Collaboration Recommends Shib/EZproxy Hybrid
- Making the Case to Service Providers
- InCommon Expands Accreditation Options
- Cert Service Attracts 64 Campuses
- Shibboleth Workshop Series November 9-10
- New Participants
InCommon Serves 5 Million on U.S. Campuses
The InCommon Federation has achieved a milestone - its community now includes more than 5 million end users. The federation has 259 participating organizations - an increase of 30 percent since January 1 - including colleges and universities, research labs, agencies of the U.S. government, and private companies that offer web-based resources and services. See the full story at https://spaces.at.internet2.edu/x/EAMFAQ
Library Collaboration Recommends Shibboleth/EZproxy Hybrid
The InCommon Library Collaboration has released its recommendation for libraries that wish to move away from IP-based access to protected resources and have more fine-grain control of access. The collaboration has recommended a Shibboleth/EZproxy hybrid and has developed a number of resources for libraries to use to explore this option. Details are available at www.incommon.org/library
Making the Case to Service Providers
InCommon has just released a web page designed to make the value proposition for service providers, including cost savings, standardizing interactions with clients, improved security and privacy, and simplified operations. The page also includes links to additional resources of interest to service providers. Feedback is always welcome, including recommendations for additional resources or reasons for joining (email firstname.lastname@example.org). See the page at www.incommon.org/partners.
A new related page also collects information of use for higher education institutions working with vendors, including sample language for RFPs and contracts, is at http://www.incommonfederation.org/partners/working_sp.html
InCommon Expands Accreditation Options
A greater diversity of colleges and universities are eligible to join the InCommon Federation and benefit from single sign-on secure access to dozens of third-party services. InCommon has announced that it now recognizes accreditation from a much larger range of accreditation agencies - all recognized by the U.S. Department of Education. For details, visit https://spaces.at.internet2.edu/x/xIb8
Cert Service Attracts 64 Campuses
The InCommon Cert Service has 64 subscribing campuses, as of October 31, 2010. The service provides unlimited SSL certs and, soon, will offer unlimited personal certs. Details are available at www.incommon.org/cert
Shibboleth Workshop Series November 9-10
The Shibboleth Workshop Series will offer one-day training sessions for installing, configuring, and running the identity provider and service provider packages. The IdP training will take place November 9, with the SP training on November 10. Both sessions will take place at Lafayette College in Easton, Pennsylvania. For details, including technical requirements and costs, visit www.incommon.org/educate/shibboleth.
New Participants in October
InCommon added eight participants in September and now has 259 participants (up from 199 at the beginning of 2010). These are the participants that joined in October.
- Boise State University (www.boisestate.edu)
- Florida International Unviersity (www.fiu.edu)
- Fort Lewis College (explore.fortlewis.edu)
- Ohio Northern University (www.onu.edu)
- University of Massachusetts Boston (www.umb.edu)
Government and Non-Profit Laboratories
- Fermi National Accelerator Laboratory (www.fnal.gov)
- HighWire Press (www.highwire.stanford.edu)
About HighWire Press
HighWire Press, a division of the Stanford University Libraries, provides online site development and hosting solutions to the scholarly publishing community. HighWire produces the definitive online versions of high-impact, peer-reviewed journals and other scholarly content in many disciplines. Since 1995, HighWire has partnered with influential societies, university presses, and other publishers to create a vast database of the finest, fully searchable research, medical, and social science literature available on the Internet. The HighWire community shares ideas and innovations in publishing through regular meetings, discussion forums, and through the service of its unique blend of highly qualified staff. http://highwire.stanford.edu
InCommon News is published by the InCommon Federation (www.incommon.org) for its participants and other interested parties. InCommon is an LLC of Internet2. Send feedback or comments to email@example.com.
This newsletter is sent to firstname.lastname@example.org. To subscribe or unsubscribe, send an email to email@example.com with one of these messages in the subject: subscribe incommon-announce or unsubscribe incommon-announce. You can also subscribe to the InCommon RSS news feed, which includes this newsletter, by visiting www.incommon.org/contacts.cfm.
Ann Arbor, Mich. - November 3, 2010 - The InCommon Federation has announced the achievement of a milestone - its community now includes more than 5 million end users. The federation has 259 participating organizations - an increase of 30 percent since January 1 - including colleges and universities, research labs, agencies of the U.S. government, and private companies that offer web-based resources and services.
"It is gratifying to see that the federation continues to gain traction within higher education, with research labs and consortia, and with agencies of the U.S. government," said Kevin Morooney, chair of the InCommon Steering Committee and chief information officer and vice provost for information technology at Pennsylvania State University. "At Penn State, we've built this into our information technology infrastructure and it saves us time and money."
InCommon provides a secure and privacy-protecting method for giving individuals access to protected or licensed online resources, such as library databases, multimedia content, research information, and services provided by government agencies. This works because all participating organizations agree on standard policies, practices and technology standards for all interactions.
Individuals use their university credentials to access protected resources, with the higher education institution managing the identity information, providing the authentication, and guarding user privacy. The service provider authorizes access to the online resource based on information passed from the university.
As a result, the service provider no longer needs to provision user accounts, significantly reducing help-desk calls, and eliminates the custom integration work each time a new customer comes on board. All parties benefit from the increased security of leveraging one database, rather than maintaining multiple databases or giving multiple organizations access to the university database (which can results in data spills or compromise).
InCommon includes two types of members - research and higher education institutions, and companies that deliver some type of online resource, such as a library database or a course management system. When these entities join InCommon, they agree on a set of shared policies, processes, and technology standards, greatly streamlining the collaboration process.
InCommon also operates a certificate service, providing participating higher education institutions with unlimited SSL and, soon, personal certificates at one low annual fee.
For more information on InCommon and a full list of participants, visit www.incommon.org
About InCommon(R) The InCommon Federation (www.incommon.org), operated by Internet2, provides a privacy-preserving, secure method for higher education institutions and their partners to offer single sign-on convenience to their faculty, researchers, students and staff. Through InCommon, individuals no longer need to maintain multiple passwords and usernames and online service providers no longer need to maintain user accounts. The educational institution manages the level of privacy and security for its constituents. InCommon also offers the InCommon Cert Service, providing unlimited SSL and, soon, personal certificates to colleges and universities at one low annual fee.
InCommon has just released a web page designed to help participants make the case for joining InCommon to potential service providers. The page (www.incommon.org/partners) makes the value proposition for service providers, including cost savings, standardizing interactions with clients, improved security and privacy, and simplified operations.
The page also provides a screen-capture video that provides an overview of the benefits of joining, and gathers additional resources in one location. Feedback from InCommon participants is always welcome, including recommendations for additional resources or reasons for joining (email incommon-info AT incommon DOT org).