Notes from the 2013 Quilt InCommon Federation Workshop
David's asks ("shopping list") on behalf of Alaska:
1. flexible model of partners: no layer 3 REN for Alaska; still makes sense to create identity federation & identity services (hosted by UA or…)
2. hierarchical federation w/ InC - our state/regional Fedation is IdP in InC that in turn trusts constiuent's IdPs and can relay assertions up the chain to InC SPs.
3. road show to convey the value of identity federation: a realistic working "demo" to illustrate the value (don't understand without seeing; chicken/egg…)
4. generic support & tools with wide application so that we don't have to re-invent them multiple times and can interoperate at higher level of functionality:
- 4.1 appropriate discovery tools to ease moving down a hierarchical federation tree (Education:AlaskaK12:Fairbanks)
- 4.2 eduPerson extensions (minimal necessary to meet needs, such as grade level, over or under 13 years old,...),
- 4.3 collaborative development sprints to deploy pilots within regions or states,
- 4.4 IdP in a box, hosted IdP, & other models to provide direct support to smaller schools
a "cloud starter pack"
Discussion at my (email@example.com) table of bundling services requiring federated identities to be attractive to K12s:
- Desire2Learn for portfolio management in the cloud (as well as other learning tools)
- Canvas [alternative to D2L?]
- Box as having great tools for ad hoc collaboration of great interest to teachers
- GAE as providing appropriately filtered access to YouTube and other apps (as well as email, etc.)
- Content: …(anticipate content providers much more willing to provide with standard-based identities)
- Virtual desktops (though this might be problematic for low-bandwidth high latency connections in AK communities)
- SIS cloud service (including parental access) mentioned, but no specific provider identified.
Idea is to bundle these services as part of federating, and focus more on these end user services than the underlying enabling technologies of federated identities and SSO.