The InCommon community announces the draft release of refined versions of the two documents that represent the foundations of its Identity Assurance program: The InCommon Identity Assurance Assessment Framework (IAAF) and the The InCommon Identity Assurance Profiles (IAP), also known as InCommon Bronze and Silver.
The public comment period for drafts of v1.1 has closed; thank you to those who provided feedback. You can still see the review guideand the summary of changes proposed for v. 1.1.
The Need for Refinement
The InCommon Identity Assurance 1.0 document set published in 2008 was largely based on the no-longer-extant US federal government eAuthentication Credential Assessment Framework. The federal government's requirements and priorities have since changed. New materials regarding electronic authentication and trust frameworks were published by the government's Identity, Credential and Access Management (ICAM) initiative in 2009.
In addition, a group of early-adopter campuses has been working through the assessment process of the Silver Assurance Profile and developed a number of questions and recommendations, including important contributions from both IT and Audit staff.
Together these developments created strong motivation to simplify and clarify the InCommon Identity Assurance documents while retaining their basic structure and intent. Both government requirements and real-world assessment experience from campuses have been incorporated.
An FAQ about the InCommon Identity Assurance Program is now available: https://spaces.at.internet2.edu/x/dQBvAQ
The community wishes to thank the schools that have been working on the Silver adoption process – the Committee for Institutional Cooperation (CIC)'s Silver Audit team, which includes the Big Ten plus the University of Chicago, along with the University of Washington and Virginia Tech. The University of California schools have also been engaged in a Silver review and in providing feedback. In addition, a group of member-institutions of SURA (Southeastern University Research Association) has recently started a Silver adoption process. Both of these collaborations will document their efforts, which will help all of us as we move to adopt Silver. Members of ACUA, the Association of College and University Auditors, also provided significant comments. We also wish to thank the review committee for their tireless and careful elucidation of the framework and accompanying profiles.
General information about the Assurance program can be found here: