Versions Compared

Old Version 3

changes.mady.by.user Emily Eisbruch (internet2.edu)

Saved on

compared with

New Version 4

changes.mady.by.user Emily Eisbruch (internet2.edu)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Draft Minutes Assurance Implementers Call 4-Sept-2013

Attending:
Ann West, InCommon/Internet2
Mary Dunker, Virginia Tech
Karen Harrington, Virginia Tech
Steve Devoti, University of Wisc.
Dave Langenberg, U. Chicago
David Walker, Independent
Mark Rank, UCSF
Kevin Dale, UCSF
Marlena Erdos, Harvard
Brett Bieber, Univ. of Nebraska, Lincoln
Jeff Capehart, University of Florida
Emily Eisbruch, Internet2, scribe

...

Assurance Advisory Committee Update

FCCX
Mary Dunker reported that Ann West was involved in a call with the FCCX (Federal Cloud Credential Exchange). FCCX is a gateway providing translation service between federated FICAM-approved IdPs (using OpenID and SAML2) and federal agencies. FCCX plans to work with the VA and with NIST.  Virginia Tech will most likely be involved in testing the gateway in the future. Ann will be organizing another call with FCCX to share more information. The AAC and InCommon will most likely suggest some agencies that we think are important for FCCX to work with, such as Dept. of Education, Dept of Energy, NIH, and NSF.  Ann hopes to get FCCX to do a webinar for the community.  FCCX hopes to be in production in January 2014.

Cloud Security Controls Matrix
The AAC had a call during August with Bob Brammer of the Internet2 Net+ Cloud Security Initiative. This initiative was launched to develop cloud security guidance that could be consistently applied to meet the needs of higher ed. The Net+ Cloud Security Initiative formed an alliance with the Cloud Security Alliance (CSA), a consortium of 150 largely corporate members https://cloudsecurityalliance.org . The Net+ Cloud Security Initiative is working on a cloud security controls matrix, customizing a matrix originally developed by CSA. The Net+ Cloud Security Initiative wants the AAC to help provide an identity management perspective to be explicitly covered in the controls matrix.  The AAC will be scheduling another call with Bob Brammer and may be soliciting input from the community.

AAC Membership
The AAC has some terms expiring, and will be looking for some community members to join the AAC. Stay tuned for an email from Ann on this topic.

...

In addition, as part of Phase 2 of  the CommIT project, there may be an effort to spin up a digital notary service for the CommIT credential.
Currently in the drafting stage.   
Could eventually fit in with federal agencies and provide an LOA2.

SHA-256https://spaces.at.internet2.edu/display/InCAssurance/Transition+to+SHA-2Image Removed
Ann reported that the InCommon TAC is investigating the SHA-256 issue. There are 3-4 campuses doing testing.

...