Please go to the InCommon Trusted Access Platform Library
You can download the software here.
The InCommon Trusted Access Platform provides tools, open source software, and architectural patterns that enable institutions to:
- foster inter-institutional collaboration and research
- manage access to institutional resources effectively and securely
- facilitate access to cloud services

while adhering to institutional policies governing identity and access management. See TIER 101 for an overview.
Background
The InCommon Trusted Access Platform is a continuation of the work that began in 2016 with the Trust and Identity in Education and Research (TIER) program. TIER was a three-year initiative to provide enhancements and sustainability for community-driven identity and access management software and services. Forty-nine campuses provided $1.25 million per year for three years to support this effort to simplify campus processes and advance inter-institutional collaboration and research. With TIER's successful conclusion in 2018, the InCommon Trusted Access Platform has been created with a sustainable funding model to ensure its benefits for the entire community into the future.
Solutions
The InCommon Trusted Access Platform technology is designed to be adapted to your institution's policies, practices, and organization for identity and access management. See below for help with that process.
- Reference enterprise architecture (business and technical) for Identity and Access Management (IAM)
- Documents describing how TIER components fit into the IAM architecture (i.e., solve IAM needs)
- Also, what's left to the institution
Reference Documentation
The components' web sites listed below provide information about use, deployment, and administration, as well as ways in which you can enhance the capabilities of the components and contribute to the community. The following are good starting points.
- Overall InCommon Trusted Access Platform Architecture
- Components
- While the primary goal of the InCommon Trusted Access Platform is an integrated Identity and Access Management (IAM) software suite for research and education, the components of that suite can be integrated into local IAM platforms. Those components are:
- Shibboleth - Single Sign-On that allows local, distributed, and cloud services to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner
- Shibboleth Metadata Management GUI - A graphical interface for the Shibboleth IdP that enables identity administrators to create Service Provider (SP) metadata files from scratch, import metadata for an SP, and add entity attributes to that metadata to impact relying party settings such as required authentication context, what is signed, signature algorithm, encryption, forced authentication, etc.
- Grouper - Management of institutional and personal groups, roles, and permissions for use by project managers, departments, institutions, and end users.
- COmanage - A suite of products and resources that allow collaborative organizations to meet their objectives using standardized identity management tools and approaches.
- midPoint - A general-purpose identity management and governance system used by the Trusted Access Platform for its ability to synchronize and reconcile among multiple systems of record and sources of identity, as well as to provision and de-provision user accounts and groups into services.
- COmanage Match - A heuristic-based system for matching identity records across multiple authoritative systems of record.
- Reference Implementations
- Deployment Guides
- Information for Developers
- Why DevOps and Containers? See The Landscape of DevOps
- TIER Container Preview Release Program
Other information, services, etc.
- Knowledge Base
- How to
- Tutorials
- Learning and Support
- Presentations
- Community Discussion
- Enhancement/Bug Tracking
- Links to related activities (e.g., CSP)
- How to Get Started in the InCommon Federation, subscribe to newsletters, and generally get involved in the community
- Technical Documentation for InCommon Participants
If you are familiar with the InCommon Trusted Access Platform and what it can do, you can go here to download the software. Otherwise, read on.
If you need help with the Trusted Access Platform software, click here.