The InCommon community announces the draft release of refined versions of the two documents that represent the foundations of its Identity Assurance program: The InCommon Identity Assurance Assessment Framework (IAAF) and the The InCommon Identity Assurance Profiles (IAP), also known as InCommon Bronze and Silver. These public review drafts of v1.1 are available for comment now through 5pm ET March 28th 2011. An overview and details on submitting comments follow.  The InCommon community is encouraged to give feedback.

The Need for Refinement

The InCommon Identity Assurance 1.0 document set published in 2008 was largely based on the no-longer-extant US federal government eAuthentication Credential Assessment Framework. The federal government's requirements and priorities have since changed. New materials regarding electronic authentication and trust frameworks were published by the government's Identity, Credential and Access Management (ICAM) initiative in 2009.

In addition, a group of early-adopter campuses has been working through the assessment process of the Silver Assurance Profile and developed a number of questions and recommendations, including important contributions from both IT and Audit staff.

Together these developments created strong motivation to simplify and clarify the InCommon Identity Assurance documents while retaining their basic structure and intent.  Both government requirements and real-world assessment experience from campuses have been incorporated.

An FAQ about the InCommon Identity Assurance Program is now available: https://spaces.at.internet2.edu/x/dQBvAQ

How to Comment on the v1.1 Public Review Drafts

The review committee welcomes feedback on the drafts until 5pm ET March 28th. All submitted feedback will be considered, and the final release of v1.1 is targeted for mid April.

The draft IAAF and IAP are available in PDF format in the call out box on this page.https://spaces.at.internet2.edu/x/4SM

We invite you to send your comments to ia-review@incommon.org. Please include a document line number prefacing each comment.

The community wishes to thank the schools that have been working on the Silver adoption process – the Committee for Institutional Cooperation (CIC)'s Silver Audit team, which includes the Big Ten plus the University of Chicago, along with the University of Washington and Virginia Tech. The University of California schools have also been engaged in a Silver review and in providing feedback. In addition, a group of member-institutions of SURA (Southeastern University Research Association) has recently started a Silver adoption process. Both of these collaborations will document their efforts, which will help all of us as we move to adopt Silver.  Members of ACUA, the Association of College and University Auditors, also provided significant comments.  We also wish to thank the review committee for their tireless and careful elucidation of the framework and accompanying profiles.

General information about the Assurance program can be found here:
http://incommon.org/assurance/


Identity Assurance Assessment Framework (IAAF)

  • [IAAF 1.1 Public Review Draft|http://incommon.org/docs/assurance] \[PDF\]

Identity Assurance Profiles (IAP) Bronze & Silver

  • [IAP 1.1 Public Review Draft|http://incommon.org/docs/assurance] \[PDF\]


Frequently Asked Questions About the Assurance Program and the Refinement Process

InCommon Assurance Web pagehttp://www.incommon.org/assurance/technical_procedures.html

*[Silver Report from the CIC: Phase 1|http://www.cic.net/Libraries/Technology/IdM_InCommonSilverPhase1.sflb.ashx]* \[PDF\] - A report from the first of three phases of the CIC effort to implement Silver.