1 / 26

Project Presentation to: The Electronic Access Partnership July 13, 2006

The. Project Presentation to: The Electronic Access Partnership July 13, 2006 Presented by: Tim Cameron, Meteor Project Manager. What is the Meteor Project?. The Meteor Project. The Meteor Software The Meteor Network The Meteor Federation. The Meteor Software. Meteor Software Features.

kdickinson
Download Presentation

Project Presentation to: The Electronic Access Partnership July 13, 2006

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The Project Presentation to: The Electronic Access PartnershipJuly 13, 2006 Presented by: Tim Cameron, Meteor Project Manager

  2. What is the Meteor Project?

  3. The Meteor Project • The Meteor Software • The Meteor Network • The Meteor Federation

  4. The Meteor Software

  5. Meteor Software Features • Information from multiple data providers is aggregated in real-time to assist the end user with the financial aid process, repayment and default aversion. • A one-stop, common, online customer service resource • Meteor is a collaborative effort utilizing leading-edge technology and access is provided at no charge.

  6. Types of Data Available • FFELP • Alternative/Private Loans • State Grants & Scholarships (Summer 2006) • Perkins (In development) • Direct Loans (Planned) • Pell Grants (Planned)

  7. Who Can Access the Meteor Network? • Meteor • Federated Model: Transitive Trust • Multiple points of access • User Roles • School • Student/Borrower • Customer Service Representatives • Lenders

  8. Reliability and Security • Data is sent directly from the data provider’s system and is not altered in any way within the Meteor software • All data is electronically transmitted securely using SSL encryption • Independent audit showed no serious vulnerabilities with the software

  9. Building Trust and Integrity • The Meteor Advisory Team sought input and expertise regarding privacy and security from the sponsoring organizations and the NCHELP Legal Committee. • Analysis was provided in relation to GLB and individual state privacy laws. • The analysis revealed that Meteor complied with GLB, FERPA, and known state privacy provisions.

  10. The Meteor Network

  11. The Meteor Process Access Providers Data Providers Users One Financial Aid Professional orStudent/BorrowerorAccess Provider RepresentativeorLender Two Index Providers Three

  12. Clearinghouse as Meteor Index • 100% of FFELP guarantee volume • Over 5.6 million Direct Loan Program accounts • Over 13.2 million FFELP servicer accounts • Over 1.6 million Perkins/Private/Alternative Loan servicer accounts (including some managed by schools themselves)

  13. Meteor Customization • Meteor screens can be customized to blend with the service providers current web services • Meteor allows a service provider to customize the use of the data provided in the Meteor Network • i.e. MYF Exit Counseling application • Not a standard Meteor implementation • Customized screens • Further integration is possible! • Meteor software can be used in other internal applications with approval from the MAT

  14. Meteor Usage • Meteor Usage • FAA Statistics • Usage has been increasing since FSA announcement about use of real time data • Borrower Statistics • Meteor…not just an inquiry network • In addition to providing access to and aggregation of financial aid award information, the Meteor software can also be used by organizations to enhance their current services. • MYF integration • Internal usage of the software at member organizations

  15. The Meteor Federation

  16. Meteor Authentication Model • Utilizes transitive trust model • No central authentication process • Each Access Provider uses their existing authentication model (single sign-on) • Level of trust assigned at registration • Authentication vs. Authorization • Authentication is the process of determining the identity of a user that is attempting to access a system. • Authorization is the process of determining what types of activities are permitted.

  17. Authentication and Authorization • Once you have authenticated a user, they may be authorized different types of access or activity. • Meteor Roles • Financial Aid Professional • Student/Borrower • Customer Service • Lender

  18. Creating the Federation – Challenges and Opportunities • Policy • Provider eligibility • Security and privacy • Removal from the network • Consensus Building • Over 40 providers (challenge!) • Collaboration • Over 40 providers (opportunity!)

  19. Meteor Authentication • Meteor model developed in conjunction with Shibboleth • a project of Internet2/Mace, • developing architectures, policy structures, practical technologies, and an open source implementation • supports inter-institutional sharing of web resources subject to access controls by developing a policy framework that allows inter-operation within the higher education community. • Project participants include Brown University, Ohio State, Penn State and many other colleges and universities.

  20. Levels of Authentication • Meteor Levels of Assurance • Level 0: Single piece of public information • Level 1: ID and one piece of public information • Level 2: ID and two pieces of public information • Level 3: User ID and Password • All providers are supporting Level 3 Authentication • National Institute of Standards and Technology (NIST) • Meteor Level 3 = NIST Level 2

  21. Authentication Process: • Student logs into Access Provider site (i.e. school, lender, servicer or guarantor) • Access Provider follows their local authentication procedures, assigns a role and retrieves the appropriate assurance level from the Meteor Registry • Access Provider builds the security assertion • AP Unique ID • User Role • End User Identifier • Authentication Process ID • Assurance Level

  22. Authentication Process: • Access Provider digitally signs the request and queries the Index Provider • Index Provider validates the provider (digital certificate) against the Registry; • Index Provider builds a response message and digitally signs and sends the request to the Access Provider • Access Provider receives the response and validates the provider against the Registry; validates the digital signature; validates assurance levels for Data Provider requirements; builds, signs, and sends the request message

  23. Authentication Process: • The same validation process continues for the Data Provider’s receipt and response and the Access Provider’s receipt and display of the Meteor messages.

  24. Current Production Participants

  25. Next Steps • Inter-Federation Authentication • Multi Factor Authentication • State Security Breach Reporting Legislation

  26. Contacts Tim Cameron Meteor Project Manager NCHELP 703-969-8565 meteor@nchelp.org or tcameron7185@bellsouth.net

More Related