- Created by David Walker (internet2.edu), last modified by Bill Kaufman on Feb 26, 2019
The InCommon Trusted Access Platform simplifies campus processes and advances inter-institutional collaboration and research through an integrated suite of open-source tools and a set of campus architectural practices that answer the challenges posed by identity and access control at higher education institutions. The InCommon Trusted Access Platform provides tools, software and architectural patterns that enable institutions to manage access to institutional resources effectively and securely, to foster inter-institutional collaboration, and to facilitate access to cloud services. See TIER 101 for an overview.
The InCommon Trusted Access Platform is a continuation of the work that began in 2016 with the Trust and Identity in Education and Research (TIER) program. TIER was a three-year initiative to provide enhancements and sustainability for community-driven identity and access management software and services. Forty-nine campuses provided $1.25 million per year for three years to support this effort to simplify campus processes and advance inter-institutional collaboration and research. With TIER's successful conclusion in 2018, the InCommon Trusted Access Platform was created with a sustainable funding model to ensure its benefits for the entire community into the future.
Solutions
The Trusted Access Platform technology is designed to be adapted to your institution's policies, practices, and organization for identity and access management. See below for help with that process.
- Reference enterprise architecture (business and technical) for IAM
- Documents describing how TIER components fit into the IAM architecture (i.e., solve IAM needs)
- Also, what's left to the institution
Reference Documentation
The components' web sites listed above provide voluminous information about use, deployment, and administration, as well as ways in which you can enhance the capabilities of the components and contribute to the community. The following are good starting points.
- Overall InCommon Trusted Access Platform Architecture
- Components
- While the primary goal of the InCommon Trusted Access Platform is an integrated Identity and Access Management (IAM) software suite for research and education, the components of that suite can be integrated into local IAM platforms. Those components are:
- Shibboleth - Single Sign-On that allows local, distributed, and cloud services to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner
- Grouper - Management of institutional and personal groups, roles, and permissions for use by project managers, departments, institutions, and end users.
- COmanage - A suite of products and resources that allow collaborative organizations to meet their objectives using standardized identity management tools and approaches.
- midPoint - A general-purpose identity management and governance system used by the Trusted Access Platform for its ability to synchronize and reconcile among multiple systems of record and sources of identity, as well as to provision and de-provision user accounts and groups into services.
- Shibboleth Metadata Management GUI - A graphical interface for the Shibboleth IdP that enables identity administrators to create Service Provider (SP) metadata files from scratch, import metadata for an SP, and add entity attributes to that metadata to impact relying party settings such as required authentication context, what is signed, signature algorithm, encryption, forced authentication, etc.
- COmanage Match - A heuristic-based system for matching identity records across multiple authoritative systems of record.
- Reference Implementations
- Deployment Guides
- Information for Developers
Other information, services, etc.
- Knowledge Base
- How to
- Tutorials
- Training
- InCommon training
- Trusted Access Platform training
- COmanage training
- Presentations
- Community Discussion
- Enhancement/Bug Tracking
- Links to related activities (e.g., CSP)
The Software
If you are familiar with the InCommon Trusted Access Platform and what it can do, you can go here to download the software. Otherwise, read on.
DRAFT - Please Provide Feedback
This page is a draft that will, eventually, become a "landing" page for the InCommon Trusted Access Platform, once all the pieces are in place. Please provide feedback by sending mail to NeedFeedbackAddress@internet2.edu. Comments of any kind are very welcome, although we are particularly interested in the following:
- Is this the right set of topics to cover?
- Is this the right structure?
- What are the gaps that need to be filled?
- Which documents need to be refreshed/replaced?