Versions Compared

Old Version 31

changes.mady.by.user Michael Grady (unicon.net)

Saved on

compared with

New Version 32

changes.mady.by.user Michael Grady (unicon.net)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Multi-factor Authentication in Higher Education

The ScalePriv Project contains several major thrusts around identity and privacy, including a focus on promoting the adoption of Multi-factor Authentication (MFA) across Higher Education institutions. The ScalePriv Project includes three partially supported leadership deployments of MFA at MIT, the University of Texas System, and the University of Utah, as well as the commitment of building the MFA Cohortium.

...

  • Good privacy begins with good security, with several examples being:
    • better assurance that individuals with privileges to see and/or manage other's personal data are indeed the individuals intended to have such access,
    • a more secure account makes phishing harder,
    • privacy managers can leverage higher levels of assurance (i.e., ones requiring MFA) before authorizing the release of sensitive identity attributes.
  • A number of approaches to MFA involve biometric or other data (e.g. geolocation from an SMS 2nd factor activity) that has the potential of "privacy spillage". Having MFA behind a campus' Identity Provider (IdP), and then using federation to leverage that MFA for a broad spectrum of services, allows the advantages of MFA while gaining a potential "privacy firewall" in the form of the IdP.
  • It helps to minimize the number of Service Providers that might otherwise feel compelled to offer their own MFA implementations that don't have the advantage of the "IdP privacy firewall", and have the potential to confuse users with the multitude of approaches, devices, etc.

The MFA Pilot Institutions

The ScalePriv Project includes three partially supported leadership deployments of MFA at MIT, the University of Texas System, and the University of Utah, as well as the commitment of building the MFA Cohortium. As these pilots progress, more information about each will be added to this space and a page focused on the pilot deployments at each institution. The work and expertise of these three institutions will also be contributing to the broader MFA Cohortium initiative described next.

The MFA Cohortium

he Internet2 Scalable Privacy Project (ScalePriv) is seeking campuses to participate in the Multi-factor Authentication (MFA) "Cohortium". The MFA Cohortium will be a ScalePriv-supported group of institutions sharing their explorations, experiences, expertise, artifacts, and overall "journey" in learning about, planning for, and deploying multi-factor authentication for a variety of key use cases within each institution. It will be a facilitated and focused 15-month effort to help you (as a participating institution) make real progress towards MFA deployments. It will enable your institution, and higher education more broadly, to answer the questions "where do we need MFA?", "how do we deploy it?", and "what will it cost and what is our ROI?". And it will be focused on the research and education (R&E) community, dealing with issues and use cases of particular concern within R&E such as integrating MFA into WebSSO, sensitive data, cloud services, distance learners, bring-your-own-device, and the return on investment (ROI) within the R&E environment.

...