Open Office Hours - October 7

Do you have a question about deploying or configuring Registry or Match? Want to get some input on a solution architecture design? Want to hear how your colleagues in the community are solving problems similar to yours? Each month you can bring your topics for discussion to the call. No need to register or spin up a presentation (but feel free if it suits you!); just show up! A short conversation starter kicks off each session to help get the discussion started.

Friday, October 7 at 12:00 PM (America/New York) (no registration necessary)

https://us06web.zoom.us/j/84743471575?pwd=d29QNFM1KzEwUFZvRFg0enJ1dlNmQT09 

IN YOUR TIMEZONE & link for your calendar

October's Topic Aperitif: COmanage Packaging

This month we will spend some time exploring the container packaging for the COmanage Project tools. Scott Koranda will review the resources available, and the best ways to use them. We will follow this 15 min chat with topics of your choosing. Bring your questions, comments, and suggestions about any topic to office hours with the COmanage project team.

COmanage Registry Person Vetting

Soon-to-be-released Registry v4.1.0 introduces the concept of Vetting, where a CO Person can be reviewed via one or more vetting processes (called Vetting Steps). Vetting is useful for purposes such as background checks or compliance, for example, checking a person’s home/business country of residence against a dictionary list of State Sponsors of Terrorism. Vetting Steps can be run on demand, or as part of an Enrollment Flow.

Vetting Steps can be configured for automatic or manual processing, and are implemented via Vetting Plugins. Vetting Steps are configured at the CO level, meaning in the current implementation the same Vetting Steps are applied to all members of the CO, regardless of COU memberships or other considerations. The data used for Vetting is specific to each Plugin.

Read more about Person Vetting in the COmanage Wiki.

COmanage News

This newsletter section is designed to provide additional transparency on the day-to-day workings of COmanage. Have ideas about other information that we should be including? Let us know on the #incommon-comanage slack channel or by emailing Laura!

UPCOMING OPEN OFFICE HOURS

The last Open Office Hours for 2022 (and their Topic Aperitifs) are on a different schedule:

• Thu, 27 OCT 3:00 ET: TOPIC: Pick a topic, with the latest training cohort
• Wed, 7 DEC 12:30 MT: Open Office Hours LIVE! at Technology Exchange. TOPIC: COmanage Registry 5.0.0 (PE) - an early preview!

Click the links above to see the meetings in your time zone and add them to your calendar.

COmanage REGISTRY TRAINING

Early bird rates end SEP 30! A COmanage Registry training workshop will be held on October 25-27. Learn the basics of administering Registry including connections to Source data, enrolling your population, passing information from Registry to your other systems, and lifecycle management. Register now. (The next Registry training workshop will be offered in Spring 2023)

COmanage AT TECHNOLOGY EXCHANGE IN DECEMBER!

We are so excited that several sessions will focus COmanage tools at Internet2’s Technology EXchange this December 5-9 in Denver, CO, USA:

Open Office Hours LIVE! (Newly Added!)

December’s Topic Aperitif: COmanage Registry 5.0.0 (PE)

COmanage Registry is undergoing a significant update with version 5.0.0. With a substantial upgrade to the underlying development framework, CakePHP, we are taking the opportunity to review current Registry uses and adjust the code and features to better align with how the system is being used today. For this month’s “topic aperitif” we will discuss the expected changes, share some exciting functionality and interface updates, and talk about timing. We look forward to your questions, comments, and suggestions, both about this update and any other COmanage topics. This session will be offered in person during a TechEx lunch session as well as our traditional online offering.

Making it Sticky: Offering Shared Services via InCommon Glue (Newly Added!)

Have services you want to offer schools in your state or region, but it’s tough to manage the individual access details? Want to help your member schools access those shared services and the world of academic collaboration?

The community has news for you! Join us to hear OARnet’s experience this year and learn how the InCommon community has been working on several initiatives to help a diversity of organizations to participate. There are also education programs and partner-provided tools to help bridge the gap. Please join us to explore resources available to support your needs.

Hands-on Introduction to COmanage Match

In this tutorial, you will learn how to set up matching rules, how to use dictionaries to set up more sophisticated matches, and techniques for testing and refining your match rules. Each participant will need a device with web browser capability. Tutorial limit: 20 participants.

Bridging the Divide: Dynamic MFA Using PrivacyIDEA, SATOSA, and COmanage

A growing number of Service Providers (SPs) require their users to sign in using Multi-factor Authentication (MFA) to ensure that SP-provided resources are securely accessed. However, federated Identity Providers (IdPs) are still evolving in their support for MFA. A flexible bridge solution is needed.

To address this challenge, the NIAID Discovery and Collaboration Platform (NDCP) developed a Dynamic MFA solution that uses campus MFA assertions when available and NDCP MFA when not. This solution combines three powerful tools: 1) PrivacyIDEA for token management and runtime authentication, 2) COmanage for NDCP MFA registration when IdPs don't provide MFA, and 3) SATOSA for SAML assertion and flow management. MFA-secured authentication from IdPs can be used directly even if the IdP does not signal it, and can automatically adjust when an IdP starts signaling MFA.

Join us to learn why Dynamic MFA is essential for Virtual Organizations looking to leverage federated MFA, and how to make it work. Presenters will cover implementation and code release, the MFA deployment process, and challenges/lessons learned along the way.

ACAMP: BYOCT

And, of course, we hope to collaborate with you as you Bring Your Own COmanage Topic (BYOCT) to Advanced CAMP - the unconference component of CAMP week at Technology EXchange.

That’s it for this month’s newsletter; keep an eye out for our next one scheduled for late October. We hope to welcome you during our Open Office Hours on October 7th!