InCommon Assurance Community Wiki

InCommon Assurance Webinar, Wed. Sept. 3, 2014

Successful Security Practices: Counting Failed Login Attempts
Wed., Sept. 3, 2014 at Noon ET

Looking to change your security practices by counting failed login attempts and locking accounts after the agreed-upon threshold has been reached? Interested in finding out how two institutions plan to do that? While monitoring unusual login activity is considered good security practice, counting failed logins is also part of the strategy for addressing the requirements of InCommon Bronze and Silver Identity Assurance Profiles.

Join us for an informal one-hour webinar presentation to hear how two campuses are approaching this issue and what they have under development.

Moderator: Jacob Farmer, University of Indiana

Speakers:
-Brett Bieber, University of Nebraska-Lincoln
-Benn Oshrin, University of California-Berkeley

Connection Information:
Adobe Connect:
URL: http://internet2.adobeconnect.com/assuranceimplementerscall

InCommon Silver with Active Directory Domain Services Cookbook for 1.2 Released

The final version of the InCommon Silver with Active Directory Domain Services Cookbook is available now! For an overview of the important bits, see the webinar recording (http://internet2.adobeconnect.com/p260zhrz2ea/​). 

Reading Bronze: Understanding the InCommon Profile (recordings available)

InCommon sponsored a community reading of the Bronze InCommon Assurance Profile to aid in the understanding and intent of the requirements. There were four calls during Dec. 2013 and Jan. 2014.  The calls have now concluded. Thanks to all who participated for the excellent comments and questions.

Recordings are available at this link.

Assurance Program

Specification Documents

  • [Identity Assurance Assessment Framework;|^IAAF-V1.2-Feb2013.pdf] Version 1.2 Feb 2013 \[PDF\]
  • [Identity Assurance Profiles;|^IAP-V1.2-Feb2013.pdf] Version 1.2 Feb 2013 \[PDF\]
  • Alternative Means; Multi-factor Authentication for Silver certification
  • DIFFS with 1.1: Framework and Profiles
  • Deprecated Versions

Project Status: Shibboleth Identity Provider Enhancements (Multi-Context Broker)

The MCB v1.0 for development of Assurance Enhancements for the Shibboleth Identity Provider has been completed and is available now for use. For more information and a project status, see Shibboleth Enhancements - Project Status.

See  news on the Multi Context Broker.

See slides from IAM Online on the Multi-Context Broker (April 30, 2014)

Community Resources

Toolkits

Technical InterOp

Community Contributions

Webinars and Presentations

  • Successful Security Practices: Counting Failed Login Attempts PDF slide Deck, Webinar recorded Sept. 3, 2014
  • Better Practices Build Better Systems: Identity Assurance, recorded presentation by Ann West, Internet2, and Ron Thielen, U. Chicago, at EDUCAUSE Security Professionals Conference, May 2014 
  • Open for Business: InCommon Identity Assurance Program (PDF Silde Deck. Webinar recorded February 29, 2012)
  • Grab the Bronze and Silver Ring: Identity Assurance Progress (PDF Slide Deck. Webinar recorded June 15, 2011)

InCommon Assurance Web page

InCommon Certified Identity Providers

Federal ICAM Approved Identity Providers

Add yourself to our email list by sending an email to sympa@incommon.org with this in the subject: subscribe assurance

Join our monthly Implementers calls scheduled for Noon ET on the first Wednesday of every month. 
+1-734-615-7474 
+1-866-411-0013 (toll free US/Canada Only)
PIN: 0113802#

9 Jul 2014
19 March 2014 (presentation on Multi-Context Broker)
12 Feb 2014
4 Dec 2013
6 Nov 2013
2 Oct 2013
4 Sep 2013
7 Aug 2013
10 July 2013
5 June 2013
8 May 2013
3 April 2013
6 March 2013
13 Feb 2013
9 Jan 2013
12 Dec 2012