Versions Compared

Old Version 6

changes.mady.by.user Emily Eisbruch (internet2.edu)

Saved on

compared with

New Version Current

changes.mady.by.user Emily Eisbruch (internet2.edu)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0

...

Assurance Advisory Committee (AAC) Update

FCCX
Mary Dunker reported that Ann West was involved in a call with the FCCX (Federal Cloud Credential Exchange). FCCX is a gateway providing translation service between federated FICAM-approved IdPs (using OpenID and SAML2) and federal agencies. FCCX plans to work with the VA and with NIST.  Virginia Tech will most likely be involved in testing the gateway in the future. Ann will be organizing another call with FCCX to share more information. The AAC and InCommon will most likely suggest some agencies that we think are important for FCCX to work with, such as Dept. of Education, Dept of Energy, NIH, and NSF.  Ann hopes to get FCCX to do a webinar for the community.  FCCX hopes to be in production in January 2014.

...

AAC Membership
The AAC has some terms expiring, and will be looking for some seeking community members to join the AAC. Stay tuned for an email from Ann on this topic.

Counting Failed Login Attempts
Information on the Counting Failed Login Attempts work is found at

https://spaces.at.internet2.edu/display/InCAssurance/Failed+Authentication+Counter+Strawman
 
Brett reported that University of Nebraska has a working proof of concept that's collecting the authentication failures, using Splunk as the aggregator.
They are working on excluding the authentication attempts for invalid account names. Good progress is being made.

...

U. Chicago – audit is ongoing
Harvard – awareness of assurance is building
U. Wisc.-Madison – some resource issues, though compliance is around 80%
UCSF – there is talk about assurance among the UC Trust Federation

Nebraska – goal is to be bronze Bronze ready soon, working on management assertions for Bronze, counting failed authentication attempts is part of that.
There is a small group in the CIC talking about a CIC  Bronze Initiative.
It may make sense to join the CIC work with the Bronze Cohort Group that Ann is spinning up.

Virginia Tech – Have started the 1.2 documentation. Hope to submit alternative means for 1.2 soon.
Goal is to finish by end of year.