InCommon Federation Discussions About Online Student Services

[Ann West <>]

All,

Today is the last day for submitting an Educause Annual proposal, so I went 
ahead and drafted one and sent it in. See below.

I've included Mark and myself as placeholders, but we can decide who will be 
speaking closer to the time.

Best,

Ann



----- Forwarded Message -----
From: 

To: 

Sent: Tuesday, February 22, 2011 12:52:31 PM
Subject: EDUCAUSE 2011 Face-to-Face Meeting Proposal Submission Confirmation

Dear Ann,

Thank you for your response to the EDUCAUSE 2011 Call for Proposals. The
time and effort you took to prepare this material and your willingness to
participate are greatly appreciated.

The program committee will review all responses and you will be notified
in May 2011 regarding the status of your session proposal.

If you have any questions, please do not hesitate to contact the proposal
coordinator:

Leslie DeGrassi
EDUCAUSE Speaker Liaison
Phone: 303-939-0325
E-mail: 


**************************************************

Here is a copy of what you submitted for your records:

Presenter 1:
Ann West
Ann
Sr. Program Manager, Internet2/InCommon
Michigan Technological University
Department of Computer Science
1400 Townsend Dr., Rehki Hall, Rm 221
Houghton
MI
49931-1295
(906) 487-1726


Lead Presenter: Ann West

Presenter 2:
Mark McConahay
Senior Associate Registrar
Indiana University
Franklin Hall 113
601 East Kirkwood Ave.
Bloomington, IN, 47405-1223
812-855-2472



Proposed Session Title:
Remote Identity Verification: Do You Know Who Your Students Are?

Session Format:
Panel Discussion

Session Resources:
Standard slide deck (PowerPoint), Participant access to explore online
tools and resources

Rationale for format and session resources selections:
Each presenter will be discussing aspects of a project (described) below
that he/she worked on. In addition, there will be more background
available on a wiki site that will be open to anyone to access.

If your session is accepted, you may be asked to stream your session to
our online audience:
I agree to be streamed

Suggested Audience:
Chief information offers/senior IT leaders/campus
executives/administrators, IT directors and managers, Frontline
practitioners

The session I am proposing will most benefit people who:
Are new to this topic/content area

Program Theme - Preference 1:
Identity management and access

Program Theme - Preference 2:
Security, privacy, audit

Program Theme - Preference 3:
Process improvement

Domain Focus Areas:
Enterprise Information Systems and Services, Information Security and
Privacy Protection

Session Abstract:
With the increase in financial aid and academic fraud, knowing the
identity of your students is becoming increasingly important. Learn about
the IT/Registrar professionals who conducted a survey of identity
practices and developed a set of methodologies to address verifying the
physical identity of students at a distance.


Session Content 1. Statement of the problem or issue:
As stated in the abstract, IT and Student Services Professionals alike are
wrestling with how to determine the actual identity of students and other
audiences who never come to campus, but need access to protected online
resources. Anecdotal stories are growing in the areas of financial and
academic fraud. Privacy and higher education legislation requires that we
have a better handle on who our students are. Distance education program
managers are very interested in having a level of comfort that they are
awarding degrees to the right individuals. And there are broader
implications for identity proofing traditional students earlier in the
student life cycle to ensure an adequate level of security given the
sensitive information to which they have access.

Session Content 2. Description of activity, project, or solution:
The InCommon Student Group comprising campus representatives from
IT/Student Services, AACRAO, Internet2, and InCommon conducted a survey in
2010 of the AACRAO distance education community. Early findings (but not
practices) were reported on at the last EDUCAUSE Annual Conference, but
the group is now working on a more in depth survey analysis and
recommended methodologies. The group plans to vet these with IT and AACRAO
communities as well as FERPA experts. A synopsis of the report will be
published in the AACRAO College and University Journal this summer.

Session Content 3. Impact:
Campuses are looking for how to conduct remote identity verification to
increase security and enable the right people to access the right
resources. Currently, there is a misconception about what is sufficient
and therefore institutions are  (in many cases unknowingly) putting their
processes and resources at risk.

Session Content 4. Importance or relevance to other institutions:
Remote Verification requires the coupling of the 1) physical person, 2)
identity record maintained by the organization and 3) authentication
credentials such as login id and password. This is a triad where each one
of the three must be bound tightly to the other two to raise a level of
assurance that the person using the authentication credentials to login is
who they say they are.

Currently, schools bind the credential to the person and the record very
well, for the most part. The rub is the tying of the individual to the
identity record. This is where the recommended practices come in. The
group will present the use of 1) knowledge-based and 2) external
third-party verification practices, both of which have a number of
variations that schools can tailor use. The speakers will also present a
red herring example to show how common practice isn't sufficient for
higher-value/privacy-related transactions such as reviewing financial aid
information.

Session Content 5. Session Interaction:
The initial part of the presentation will be dedicated to providing
background for the attendees to bring them up to speed on the components
of remote identity verification and the survey findings. The
methodologies section will be discussion driven, so that the team can get
further feedback and implementation information to take back and use to
augment the wiki site for the project.

Session Content 6. Outcome:
The InCommon Student Services Group hopes to provide enough information
across the AACRAO/EDUCAUSE communities to help schools better understand
this issue, learn about acceptable practices, adopt and/or tailor one for
their needs, and increase their security and compliance as a result.



-- 
Ann West, Sr. Program Manager 
Internet2/InCommon/Michigan Tech 

 

 
office: +1.906.487.1726