MOREnet provided the information below in April 2014
Missouri Research and Education Network (MOREnet)
Quilt InCommon Pilot Goals
MOREnet seeks to build a state-wide identity infrastructure for all of its members including K-12 students and faculty, community college students and faculty, higher education students and faculty, and public library staff. We would like to eventually expand the identity infrastructure to the rest of our membership - city and county government staff and administration, healthcare staff and administration not already integrated through the universities and other affiliate members.
To this end, MOREnet proposes a pilot project to bring together a smaller set of MOREnet members to use an integrated set of participants in three scenarios – dual-credit high school students, multi-institution faculty and access to the NET+ services.
Today, dual-credit high school students must maintain multiple identities at their own high school and each higher education institution to which they matriculate for college credit. MOREnet proposes to provide an infrastructure to allow a dual-credit student to use a single identity to authenticate at each of their dual credit institutions.
Faculty are teaching at multiple institutions, sometimes in teams from different institutions. In other situations, two institutions cooperate to deliver a single class or curriculum. Currently, such faculty are required to maintain multiple identities – one for each institution. MOREnet proposes to enable institutions to accept the credentials from another institution to authenticate faculty and students.
As an incentive to participate, MOREnet proposes to offer pilot participants access to set of mutually-acceptable NET+ services requiring the use of federated identity infrastructure.
Five community college and university institutions have expressed interest in a phase 2 pilot. If the pilot goes forward, we will have the appropriate institutions contact their associated K-12 schools. MOREnet will work to integrate the pilot participant and their associated K-12 school district into our identity infrastructure. MOREnet will work with the pilot institution and the institution(s) with which they intend to collaborate on multi-institution faculty and multi-institution classes.
Starting with 5 institutions and then recruiting their associated districts and other community college, college and university partners, MOREnet expects the pilot to expand to 15 or 20 different institutions over the 2 year pilot.
While the higher education institutions will likely have both IdP’s and SP’s, the K-12 districts will likely only have a single IdP. MOREnet expects to integrate its own SP’s (and IdP) into the pilot project. MOREnet has tested the technology to integrate all but the largest K12 districts into single IdP structure.
MOREnet currently supports several on-line resources for membership - http://search.more.net/available-databases . EBSCOhost is common to both InCommon and MOREnet.
In addition to online resources, MOREnet offers a series of in-house services (http://www.more.net/content/services-alphabetical) including LMS-hosting, E-mail hosting, virtual machines, colocation, training which would be simplified with a statewide or federated Identity Management solution.
But the focus of the proposed pilot is creating a trusted federation between in-state institutions – K-12, community colleges, colleges and universities.
We have looked at the NJEdge academic library service – NJVid. This pilot would expand and test our statewide identity infrastructure and allow us to federate for NJVid and other R&E services.
MOREnet expects to select a subset of NET+ services as an enticement for organizations to participate in the pilot. As I understood the first round pilots, there was a subset of NET+ services that would be available to the pilot sites and MOREnet would work to understand the set of NET+ services of interest to the pilot sites. I presume the final set of NET+ services to be mutually acceptable to both groups.
MOREnet has an established Participation Agreement with each member:
Generally, it is the responsibility of each member to determine which privacy and policy requirements are relevant and ensure compliance with those requirements. Certainly, a robust identity structure would allow a more granular implementation of appropriate privacy and policy requirements but MOREnet may not be ready to take on such responsibility from a legal standpoint.
Each potential membership applies using one of two applications. The general application is found at:
The public libraries have a separate process and application:http://www.more.net/sites/default/files/REAL%20Application%2013.pdf
The general terms of service are contained in the Service Policies:
Specific terms and conditions for each service are delineated in the Terms and Conditions by Service:
ImCommon Membership and Policy Requirements
Part of the incentive for this project participation was built on the expectation of access to a specified set of Net+ services during the pilot.
MOREnet is concerned about creating membership expectations only to find that the costs will discourage adoption. MOREnet was an original Internet2 SEGP member and has maintained this membership. MOREnet has an interest in assuming the lion’s share of responsibility for the federated identity management in order to keep the costs to InCommon down. We have expressed interest in Model 4 – Full Service Steward.
Chip Byers of MOREnet is participating in the Pilot Definition process to understand the roles, responsibilities, resulting policies and the business case to ensure the production model will be helpful and appropriate to R&Es and other regionals.
If we understand the meaning of “commercial service-related” pilot, MOREnet does not anticipate the involvement of commercial identity vendors at this time.
We understand that there are currently two MOREnet members who are already InCommon members. The University of Missouri System (our parent organization) is already an InCommon member – they have offered to help but do not intend to participate in the pilot. A.T. Still University is currently an InCommon member but we understand that they are unsure of their current implementation. They have expressed interest in joining the pilot and ensuring that they are correctly and fully implemented as an entity within the statewide structure.
We are aware of a third institution which was considering an InCommon membership but is waiting to see if this pilot will happen. They have expressed interest in this pilot.
MOREnet believes that the effective utilization of a services comes from ease of use, clear benefit, secure environment, training/professional development and ready support. MOREnet intends to deliver all of these elements to each member. For this pilot, MOREnet will work with each pilot participant to on-board them and ensure their contact and identity information is keep current by the participant.
MOREnet will seek guidance on common meta-data structures and best practices before establishing the pilot.
After on-boarding MOREnet as the regional participant, we would like to see tier 2 support for technical and administrative issues, access to relevant forms and training materials. We will likely welcome help with outreach to MOREnet members for the Net+ services after a discussion between InCommon and MOREnet to identify services we want to offer to the pilot participants.
While certain institutions may wish to “on-board” early, MOREnet looks to finalize the administrative and technical environment in late spring and begin on-boarding participants over the summer. Technical and administrative bugs will be worked out and best practices developed during the next school year. MOREnet expects to conduct the pilot in a near-production environment during the second year. We would like to expand the pilot during the second year based on the pilot’s success and emerging business and legal frameworks emerging from the pilot definition efforts.
MOREnet is very interested in performing much of InCommon’s current role in Federation Operations for our members. We already have a formal legal relationship with each of our members as well as administrative and technical relationships. MOREnet has been participating in the Quilt efforts to define the legal, administrative and financial models to share the Federation Operations responsibilities. MOREnet has been building in-house expertise and does not anticipate bringing in partners to assist with identity management, federated identity technologies or as strategic resources. We do, however, anticipate strong interactions with InCommon to insure that our designs and implementations are compatible with the models that InCommon will support for the long run.
MOREnet is interested in starting with Model 4 – Full Service Steward. At this point in our understanding of the models, we do not have any additional requirements. That said, as the models evolve and are formally adopted; MOREnet may find itself in a position to require additional changes or requirements.
While we may not fully understand all the ramifications of this question, our current approach is to perform all functions to provide full MD management and be responsible for the exchange between the “Regional” and InCommon.
MOREnet expects to perform the existing RA functions including registration of IdPs and SPs using the tools provided by InCommon and in compliance with InCommon’s published rules and standards.
At this point, MOREnet expects to generate MD files, both Private and InCommon MD aggregates using tools or standards provided by InCommon and in compliance with InCommon’s published rules and standards.
What are you Offering/Providing
As noted above, MOREnet already has legal, administrative and technical requirements which govern our relationship with each MOREnet member as well as the legal, administrative and technical resources to maintain current documents, assist the member (or RO), host and administer servers, and adopt/adapt InCommon tools or continue to refine our own tools.
What are your Needs?
MOREnet expects to review a deeper technical design with InCommon and other interested Pilot-Definition Regionals. We presume there will be an audit by InCommon of legal, procedural and technical approach and implementation before activating the pilot. We hope that there are existing tools or documentation for use by the pilots to boot-strap the project in compliance with InCommon’s existing policies, practices and systems.
MOREnet seems to be joining the majority of “regionals” in the Model 4 – Full Service Steward approach and would expect to share our efforts, issues and concerns. We suspect many of the other “regionals” or R&E’s to adopt this model – our pilot experiences, tools and documentation could be leveraged by the other regionals.