Child pages
  • Call for Participation -- The Multi-factor Authentication (MFA) "Cohortium"

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0


cohortium: "Group of institutions sharing their explorations, experiences, expertise, artifacts, and overall journey", in this case of planning for and deploying multi-factor authentication.

  • Wiki Markup[Cohort|http: //]: _In statistics and demography, a cohort is a group of subjects who have shared a particular event together during a particular time span_ \ [cohort (statistics) from Wikipedia\].
  • -tium added to noun base to create abstract noun, "something connected with the act", could mean "act, condition, office of...".


A key deliverable of the Internet2 Scalable Privacy Project (ScalePriv) is the promotion of multi-factor authentication (MFA), under the tenet that "good privacy begins with good security". Just a few of the links between privacy and MFA are:

  • better assurance that individuals with privileges to see and/or manage other's personal data are indeed the individuals intended to have such access,
  • a more secure account makes phishing harder,
  • privacy managers can leverage higher levels of assurance before authorizing the release of sensitive identity attributes.

Establishing the MFA Cohortium will provide a supported and collaborative environment focused on advancing the use of MFA in higher education. The MFA Cohortium will be supported by ScalePriv project staff, who will facilitate all of the Cohortium activities and help the member institutions to learn from experts, early adopters, and each other about effective implementation of MFA. The Cohortium participants will be sharing their explorations, experiences, expertise, artifacts, and overall roadmap to learning about, planning for, and deploying multi-factor authentication for a variety of key use cases within each institution, as well as federated access to services. The Cohortium will unite a committed group of campuses in a focused 15-month effort to help you (as a participating institution) make real progress towards MFA deployments. It will enable your institution, and higher education more broadly, to answer the questions "where do we need MFA?", "how do we deploy it?", and "what will it cost and what is our ROI?". And it will be focused on the research and education (R&E) community, dealing with issues and use cases of particular concern within R&E such as integrating MFA into WebSSO, sensitive data, cloud services, distance learners, bring-your-own-device, and the return on investment (ROI) within the R&E environment.


Cohortium Goals and Outcomes

  • Help you get MFA deployed within your institution, and for federated services, where it is needed.
  • Identify a key body of use cases and applications where MFA deployment is particularly critical.
  • Identify and resolve technical and policy questions around the use and integration of MFA technologies with a variety of authentication frameworks, applications, cloud services, communities, and Bring Your Own Device (BYOD) environments, leading to a set of MFA deployment roadmaps for institutions.
  • Identify and resolve technical and policy issues related to federation of Identity Providers that have implemented MFA technologies.
  • Produce integration strategies and plugins for the effective use of MFA with the Shibboleth and CAS SSO solutions.
  • Leverage the experience and expertise of the pilot institutions, the work and support of the Cohortium, the technical work around MFA integration, and the licensing efforts of the Internet2 NET+ initiative to launch significantly more deployments of MFA across the spectrum of Higher Educational institutions.
  • Produce analyses and summaries of the experiences, success factors, lessons learned, and benefits and ROI of MFA based on the deployments of the pilot and Cohortium institutions. Including a focus on factors affecting MFA deployments within institutions such as the audience, scale of deployment, target applications and services, authentication frameworks (e.g SSO), MFA technology, large number of remote users/distance learners, and/or the existing environment (e.g. legacy MFA already in use).
  • Create a "MFA for Higher Education" web resource site that will provide a lasting and living set of resources and roadmaps that captures the richness of use cases, requirements, MFA technologies and integration strategies, costs and ROI, planning documents, implementation and deployment strategies, training and support plans and materials, and outreach examples (e.g. news releases, ads, videos, social marketing strategies) generated by the participants.
  • Summarize what you (your institution) got out of your involvement in the MFA Cohortium.

Program Expectations

  • One pager submission to identify your desire to join the Cohortium, key reasons why you wish to participate, and your willingness to share MFA plans and artifacts more broadly. (See the next section for more details on this "one pager".)
  • Must identify at least one individual who will participate in the MFA Cohortium on behalf of the institution. Ideally, a team of individuals, representing key stakeholders for MFA deployment within the institution, would participate. The number of participants from an accepted institution will not be limited.
  • Participate in bi-weekly calls (should have at least one representative on most bi-weekly calls).
  • Actively participate on the mailing list(s), wiki, etc.
  • Contribute artifacts (sample use cases, plans, strategies, planning documents, cost/benefit analyses, etc.) as appropriate.
  • Participating institutions must submit at least one MFA case study, or similar document or artifact, by the Wrap-up Meeting in June 2014.