1 / 8

(Inter)Federation as Identity Management Policy Driver? RL "Bob" Morgan University of Washington

(Inter)Federation as Identity Management Policy Driver? RL "Bob" Morgan University of Washington. US E-Authentication Initiative. Infra for authentication for web-based apps for most (24) USG agencies, e-auth is how users (both intra- and extra-gov) will authenticate

emmly
Download Presentation

(Inter)Federation as Identity Management Policy Driver? RL "Bob" Morgan University of Washington

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. (Inter)Federation as Identity Management Policy Driver? RL "Bob" Morgan University of Washington

  2. US E-Authentication Initiative Infra for authentication for web-based apps for most (24) USG agencies, e-auth is how users (both intra- and extra-gov) will authenticate e-auth-using apps supposed to be running now a few in use now, eg Fidelity users and SSA CAF defines IdM requirements for IdPs 4 levels of assurance, higher 2 require user certs 3 schools (UW, PSU, Cornell) evaluated for L2 came to halt due to EAI participation agreement

  3. InCommon and Interfed InCommon Federation for US Higher Ed 20 campus IdPs, 10 or so SPs, growing IdPs only have to publish practices, SPs evaluate Interfederation GSA won't assess a zillion campuses so InC and EAI interfederate don't know how it will work yet could go both directions

  4. Policy Issues are USG apps motivation to modify campus IdM? ID proofing, passwords, division of pop into LoAs role of InCommon in audits, assurance? just use USG-defined LoAs? or make some more for our purposes?

  5. Low-Assurance IdP in InCommon? Apps would like to federate, but not all users are from participating IdPs so, add "consumer-style" IdP with email signup could let campuses avoid running one what would apps require from it? does it "dilute" federation quality?

More Related