1 / 30

How Do You Establish Student Identity Remotely: A Survey

How Do You Establish Student Identity Remotely: A Survey. Keith Hazelton, University of Wisconsin-Madison Ann West, Internet2/InCommon Federation. 2010 Fall Internet2 Member Meeting – Atlanta, Georgia. Topics. Identity Proofing Redux Survey Results Process Discussions. What’s the Question?.

Download Presentation

How Do You Establish Student Identity Remotely: A Survey

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. How Do You Establish Student Identity Remotely: A Survey Keith Hazelton, University of Wisconsin-Madison Ann West, Internet2/InCommon Federation 2010 Fall Internet2 Member Meeting – Atlanta, Georgia

  2. Topics • Identity Proofing Redux • Survey Results • Process Discussions

  3. What’s the Question? Recruit, admit, register, and award degrees to remote students But who are these people and how do you know they are who they say they are? No set of remote identity practices reviewed by key privacy and regulatory experts

  4. Thesis Statement The process by which you link the physical person to his/her identity information and to his/her credential is critical. If this is done poorly, there is little or no assurance that the person using that credential to authenticate and access services and information is who you believe them to be. It could be anyone, or multiple people over time. If this linking is weak, even the most complete personal information and the strongest credential will not improve the assurance of identity.

  5. Atomic Components Individual IdentityProofing Credentialing Credential Identity Record Credentialing

  6. The Actors • Identity Vetting is the process by which information about a person is gathered. Certain aspects are verified (like mail or email address). • Identity Proofing is the process by which the physical person is linked to his/her identity information. • Credentialing is the process where the user is linked to his/her credential (netid) and the credential is added to his/her identity record. • Authentication is verifying that the person seeking access to a resource is the one previously identified and approved. Proper authentication requires that the processes that precede it are not compromised.

  7. Financial Aid Info Received Admissions Registration Process IdentityAssured ✔ Third-party Info Received ACCEPTED REGISTERED/ORIENTATION FIRST CONTACT MADE APPLICATIONRECEIVED DEPOSIT PAID Your Certainty Identity Management On-boarding Identity Vetting Credentialing Identity Proofing

  8. Financial Aid Info Received Admissions Registration Process IdentityAssured ✔ Third-party Info Received ACCEPTED REGISTERED/ORIENTATION FIRST CONTACT MADE APPLICATIONRECEIVED DEPOSIT PAID ACCEPTED REGISTERED/ORIENTATION FIRST CONTACT MADE APPLICATIONRECEIVED DEPOSIT PAID Your Certainty Identity Management On-boarding Identity Vetting Identity Proofing Credentialing

  9. Financial Aid Info Received Admissions Registration Process IdentityAssured ✔ Third-party Info Received ACCEPTED REGISTERED/ORIENTATION FIRST CONTACT MADE APPLICATIONRECEIVED DEPOSIT PAID ACCEPTED REGISTERED/ORIENTATION FIRST CONTACT MADE APPLICATIONRECEIVED DEPOSIT PAID Your Certainty Identity Management On-boarding Identity Vetting Identity Proofing Credentialing

  10. Remote Proofing Survey • InCommon Federation and AACRAO • Survey of current practice • Focus on business process; not technology • Distance Education Audience • Degree-granting programs • Sent to 2,000 AACRAO Institutional Contacts • Preliminary results reflect 100 institutions

  11. Q4: When do you first learn about prospective students? • 22 Web queries • 10 Email queries

  12. Q 6: How do you establish an initial communications channel with the prospect? (Check all that apply.) • Other • Facebook • N/A • In person

  13. Q7: At what point is the first login credential chosen or assigned (e.g. email address, user id/password pair, etc.)?

  14. Q8: For what purposes are this initial login credential used? (Check all that apply.)

  15. Q10: If the initial login credential is assigned by a system, how do you communicate the credential to the remote person? (Check all that apply.)

  16. Q15: At what point is supporting documentation about an individual received from external third parties (e.g., testing service, etc)? (Check all that apply.)

  17. Q18: At what point do you perform primary identity proofing of the individual? (Definition)

  18. Q19: Which business office is involved in doing the identity proofing of remote individuals? (Check all that apply.)

  19. Q23: What document-related evidence do you require from the person to prove their physical identity and how is it sent to you?

  20. Q24: What other methods do you use to prove the physical identity of the person? (Check all that apply.) • Identify • Minister • Verisign • Exam Proctor • Principal • Transcripts • LMS Vendor • Pastor/Mentor • Background Checks

  21. Q27: If changes were proposed to the identity proofing process for distance education students, who would be involved in the decision? (Check all that apply).

  22. Random Comments • “When applying for financial aid, the FAFSA process has certain requirements and that is the documentation for most students. “ • “Doing something beyond what we currently do would be extremely inconvenient for students and prospects. It would also be very labor intensive for staff. “ • “My concern is access students allow parents, spouse and significant others without completing the proper consent to disclose forms for this access.” • “This information is extremely confidential, just as SS information is confidential. I am not sure anyone should look at this data except for key representatives within an assigned admission area….”

  23. Preliminary Conclusions • 1/3 not doing id proofing • 2/3 say they are id proofing – but are they?

  24. Ideas/Proposals: Off Campus In Person • Person submits an application and is accepted. There is third-party information on file. • Institution sends notary one-time password and identity information. • If subject provides convincing matching evidence to notary…. • Subject is linked to identity record. • Notary hands sealed envelope with a one-time token/URL to the individual so he/she can claim the credential. • Subject is linked to the credential.

  25. Ideas/Proposals: Third Party Information • By phone/website: Ask prospect knowledge-based questions on identity information obtained from third parties. • If they answer correctly, provide the subject with a one-time token/URL via email/mailing address in the identity record. • Subject is linked to the identity record. • Using an address in the identity record for delivery strengthens link between subject and identity record. • Subject is linked to credential.

  26. Ideas/Proposals: And This One? • Person submits an application and is accepted. There is third-party information on file. • Application is self-asserted information. • Subject is not linked to third-party information. • Institution provides a one time token/URL to the subject to their email/mailing address on record. • Credential is linked to identity record. • Subject is not linked to identity record.

  27. Resources • InCommon IAM Online – Remote Identity Proofing Webinar • http://internet2.na6.acrobat.com/p25014162 • InCommon Student Services Collaboration Group • https://spaces.internet2.edu/display/InCCollaborate/InC-Student

  28. Questions? • Keith Hazelton, UW-Madison • hazelton@doit.wisc.edu • Ann West, Internet2/InCommon • awest@internet2.edu

More Related