| Section | |
|---|---|
|
...
|
The ScalePriv Project contains several major thrusts around identity and privacy, including a focus on promoting the adoption of Multi-factor Authentication (MFA) across Higher Education institutions. The ScalePriv Project includes three partially supported leadership deployments of MFA at the Massachusetts Institute of Technology (MIT), University of Texas System, and University of Utah, as well as the commitment of building the MFA Cohortium (see below).
Promoting the adoption of MFA fits into the overall ScalePriv Project in multiple ways:
- Good privacy begins with good security, with several examples being:
- better assurance that individuals with privileges to see and/or manage other's personal data are indeed the individuals intended to have such access,
- a more secure account makes phishing harder,
- privacy managers can leverage higher levels of assurance (i.e., ones requiring MFA) before authorizing the release of sensitive identity attributes.
- A number of approaches to MFA involve biometric or other data (e.g. geolocation from an SMS 2nd factor activity) that has the potential of "privacy spillage". Having MFA behind a campus' Identity Provider (IdP), and then using federation to leverage that MFA for a broad spectrum of services, allows the advantages of MFA while gaining a potential "privacy firewall" in the form of the IdP.
- It helps to minimize the number of Service Providers that might otherwise feel compelled to offer their own MFA implementations that don't have the advantage of the "IdP privacy firewall", and have the potential to confuse users with the multitude of approaches, devices, etc.
The MFA Pilot Institutions
...
cohortium: "Group of institutions sharing their explorations, experiences, expertise, artifacts, and overall journey", in this case of planning for and deploying multi-factor authentication.
Wiki Markup - -tium added to noun base to create abstract noun, "something connected with the act", could mean "act, condition, office of...".
...