|
In This Issue |
|
- November 9 IAM Online: Policy and Multifactor Deployment
- IAM Online: Have a Topic in Mind?
- Assurance Advisory Committee Nominations Open
- New and Emerging Methods of Metadata Distribution
- SIRTFI Proof of Concept
- Webinar Series Focuses on Cybersecurity for NSF Projects
- Shibboleth IdPv3 Hall of Fame
- Research & Scholarship Category
- Steering, TAC, and AAC Public Minutes
- Call for Proposals Open for 2017 Security Professionals Conference
- New InCommon Participants
- New InCommon Certificate Service Subscribers
- New Duo Security Subscribers
|
|
November 9 IAM Online: Policy and Multifactor Deployment |
|
|
Are you considering deploying multifactor authentication? Are you concerned about policy issues or buy-in from key stakeholders? Join us for IAM Online November 9 (2 pm ET) and learn about the policy
and political challenges faced by two recent deployers, and what those might mean for your campus. Matthew Dalton (University of Massachusetts Amherst) and Brendan Bellina (UCLA) will discuss MFA and the key issues to address prior to deployment. |
IAM Online: Have a Topic in Mind? |
|
|
We’re approaching the 7th anniversary of IAM Online, InCommon’s monthly webinar series, and want to encourage more community involvement in developing topics. As a first step, there is now a form on the wiki that you can use to suggest topics and speakers.
Please share your thoughts and ideas: https://spaces.internet2.edu/x/toX8 |
|
Assurance Advisory Committee Nominations Open |
|
|
Nominations (including self-nominations) are open for the InCommon Assurance Advisory Committee (AAC) for three-year terms beginning in 2017. The AAC is focusing on baseline expectations for InCommon Federation participants, multifactor implementation, and
other methods to increase trust and assurance. Please send nominations to Chris Spadanuda, AAC chair, at
. See the full nominations announcement and additional information on the AAC. |
|
New and Emerging Methods of Metadata Distribution |
|
|
Last month’s newsletter told you about InCommon’s new IdP-only metadata aggregate. Related to this, the InCommon Per-Entity Metadata Working Group is just now completing its work. Tom Scavo, InCommon’s operations manager, has written
a blog post describing why the IdP-only aggregate was deployed and what he sees coming with respect to per-entity metadata. |
|
SIRTFI Proof of Concept |
|
|
The international organization of research and education federation operators, REFEDS, has drafted a specification for a federated incident response framework called SIRTFI (Security Incident Response Trust Framework
for Federated Identity). It includes a list of assertions that would be self-attested by an organization. One key requirement is the listing of a security contact in metadata. The framework just completed its community review period and is nearing finalization.
A SIRTFI proof of concept is currently underway in InCommon. |
|
Webinar Series Focuses on Cybersecurity for NSF Projects |
|
|
The Center for Trustworthy Science Infrastructure has started offering a monthly webinar focused on cybersecurity for NSF projects. The monthly series takes place on the fourth Monday of the month at 11 am ET. Details are at http://trustedci.org/webinars. |
|
Shibboleth IdPv3 Hall of Fame |
|
|
There are now 207 InCommon IdPs using Shibboleth IdPv3, with 171 still on IdPv2. The latter reached end-of-life on July 31, 2016. See the Shibboleth IdP V3 Hall of Fame page on the wiki for details.
Have you upgraded? |
|
Research & Scholarship Category |
|
Five Service Providers were added to the Research and Scholarship (R&S) Entity Category during October, and three IdPs have declared their support. There are now 63 InCommon Service Providers
in the international REFEDS R&S category and 44 InCommon Identity Providers have declared that they release the appropriate attribute set to the category (see the lists here).
When an Identity Provider releases attributes to the category, every R&S Service Provider will receive those attributes - now and in the future.
The new R&S SPs include:
- University of Nebraska Medical Center SP API
- Smarter Agriculture
- Functional Accessibility Evaluator
- OSiRIS Portal
- DIBBs17 Workshop
The new IdPs are:
- Haverford College
- Naval Postgraduate School
- University of California Office of the President
|
Steering and TAC Public Minutes |
|
A reminder that the minutes of the InCommon Steering Committee and the InCommon Technical Advisory Committee (TAC) are available on the
wiki. You can also find information about all InCommon Working Groups on this wiki page. |
Call for Proposals Open for the 2017 Security Professionals Conference |
|
The 15th annual Security Professionals Conference will be held May 1–3, 2017 in Denver, Colorado. Submit a proposal to share future directions, best practices, stories on successful collaborations, or solutions to community-wide information security and privacy
issues of interest by Monday, November 14. http://www.educause.edu/sec17 |
New InCommon Participants |
|
As of November 3, InCommon has 891 participants taking advantage of one or more InCommon services. InCommon welcomed these organizations during October:
Higher Ed
Bentley University
SUNY College of Optometry
University of Toledo
Wichita State University
Sponsored Partners
3D Control Systems, Inc.
Center for Open Science, Inc.
Collaborative Institutional Training Initiative (CITI Program)
|
New InCommon Certificate Service Subscribers
|
|
As of November 3, 384 organizations subscribe to the InCommon Certificate Service, which provides unlimited certificates for all domains owned by a university at one annual fee. New
subscribers during October included:
Bentley University
Marist College
|
Duo Security Subscribers
|
|
As of November 3, 119 organizations subscribe to the Duo Security multifactor authentication service offered through InCommon. New subscribers during October included:
Tufts University
|
InCommon Update
