You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Subject: Updated InCommon Identity Assurance Documents Available for Public Review

The InCommon community announces the draft release of updated versions of two foundational documents of its Identity Assurance program: The InCommon Identity Assurance Assessment Framework (IAAF) and The InCommon Identity Assurance Profiles (IAP). These public review drafts of v1.2 are available for comment now through 5pm ET May 7th 2012. An overview and details on submitting comments follow.  The InCommon community is encouraged to give feedback.

The Need for Update

Simplifying Bronze for Rapid Deployment - Federal Identity, Credential, and Access Management (FICAM), the team that reviews and approves trust frameworks for use with federal services, is interested in getting broad deployment of Bronze (Level of Assurance 1) across InCommon Identity Providers to facilitate federation with federal agencies using an approved profile. This means that Identity Providers federating with NIH or NSF should be making concrete plans to support Bronze in the next 6 to 9 months. 

To that end, FICAM asked us to review the Bronze profile and consider where we could reduce our requirements and still adhere to theirs. The changes in v1.2 primarily address this need for rapid ubiquitous deployment and we are interest to hear your thoughts about the 1) specific changes and 2) whether the new Bronze will enable you to implement this profile more quickly and what that timeframe would be. Most notably, Identity Provider Operators now have an option to sign a Representation of Conformance in lieu of doing a specific Bronze audit.

Clarifying Audit Reporting - InCommon has updated section 4.2 of the IAAF to reflect specific guidance on the type of audit report to submit with your application for Silver certification. This new language clarifies requirements. Also included is a process for adopting new versions of the Assurance specification documents. 

How to Comment on the v1.2 Public Review Drafts

The review committee welcomes feedback on the drafts until 5pm ET May 7th. All submitted feedback will be considered, and the final release of v1.2 is targeted for mid June.

The draft IAAF, IAP and Represntation of Conformance (required in lieu of Bronze Audit) are available in PDF format here: URL

We invite you to send your comments to ia-review@incommon.org. Please include a document line number prefacing each comment.

The community wishes to thank the schools that have been working on these updates – the Committee for Institutional Cooperation (CIC)'s Silver Audit team, which includes the Big Ten plus the University of Chicago, along with the University of Washington and Virginia Tech. The University of California schools have also been engaged in providing audit feedback. We also wish to thank the review committee for update of  the framework and accompanying profiles and the auditor representatives on the Assurance Advisory Committee for providing guidance for their peers.

General information about the Assurance program can be found here:
http://incommon.org/assurance/

Sincerely,

Mary Dunker, Chair
Assurance Advisory Committee

Jack Suess, Chair
InCommon Steering Committee

  • No labels