Versions Compared

Old Version 7

changes.mady.by.user Emily Eisbruch (internet2.edu)

Saved on

compared with

New Version 8

changes.mady.by.user Emily Eisbruch (internet2.edu)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

FICAM 1.0 spec and related documents focused on identity provider and credential practices.
Since the approval of FICAM 2.0, there are a few changes. FICAM 2.0 also encompasses:

...

Much progress in the discussions with FICAM. See slide 6 for progress on these issues.details.

componentized services

An important topic is componentized services (see slide 7 and 8 for details )

Issues Discussions with NIH and NSF

See slide #9

InCommon's discussions with NIH and NSF resulted in FICAM accepting our standardized attribute bundle (R&S) rather than the attributes FICAM had been requiring (which has included legal name and DOB)

See slide #

GSA (home agency for FICAM) has joined InCommon, Looks like GSA will be the focal point for other agencies.

We are piloting insertion of community tags into the metadata, and FICAM will have one of those early pilots.

That will be a powerful ability

This is in process, not announced yet

Componentized serivces ,

how can FICAM enable agencies to pick and choose, for example with

 for example a Kantara Approved Token Manager and a Safe BioPharma Approved Identity Services Manager and they work together to be a Credential Services Provider

there was a meeting in DC about this with intersted disucsion

interesting discussion about the major pieces

need to audit the glue between token manager and identity services manager

There are under 20 pieces that tie between the components.

Once audited that could be a full CSP

This would allow us to outsource pieces

If you had an adult distance learning service and need it be become a FICAM approved silver service

That could be considered an approved identity provider .

==

We are also working with

NIH and NSF in context of assurance and federation in general

They would like usage of InCommon Credentials to grow.

Many faculty are using Google Credentials

More difficult to address assurance and broader needs of the agencies.

Need persistence across the organization for the researchers

If they move from one organization to another

there are issues

NSF is piloting ORCD to adress moving/persistance

NIH sees a need for Bronzish

Silver without the Identity proofing

==

Community Profiles

There are community needs

...

Community Profiles

See Slide 10

  • In addition to the FICAM-based Bronze and Silver profiles, there are community needs, such as for an MFA profile.
  • Ability to assert Multi Factorness to a provider like Workday, would be triggered based on a need to access a financial record.
  • Also need to replace the POP approach of "Post your Practices" and have baseline practices

SteveD:Steve Devoti reported

  • The AAC is working to revise its charter

...

  • to do more than manage the assurance process for certification.

...

  • The AAC is looking at what needs to be modified to increase trust within the federation.
  • This does not expand a lot the AACs charge. But it is broader than managing a process.
  • We have received lots of feedback (from our SP partners) on the lack of usefulness of the POP and the lack of Compliance. Some InCommon participants are not updating their POPs.
  • We have talked about decomposing the assurance profiles into trust marks to drive incremental progress within the federation.

So not this big thing. Silver.

...

  • The goal is to get people on the road to higher trust and higher assurance.
  • There is work at GA Tech on Trust Marks

Can address what we have heard from community about the POP and about MFA.

...