Presenter’s Name

InCommon•Approximately 80 members and growing steadily

•More than two million “users”

•Most of the major research institutions (MIT joining soon)

•New types of members• Non usual suspects – Lafayette, NITLE, Univ of Mary Washington, etc.• National Institute of Health• Student service providers• Energy Labs• MS, Apple

•Steering Committee chaired by Clair Goldsmith of Univ of Texas; Technical Committee chaired by Renee Shuey of Penn State

Presenter’s Name

Uses

• Access controlled wikis• Access to academic content, such as Elsevier• Access to popular content, such as Cdigix• Access to Microsoft• Access to services, such as student travel agencies,

testing services, • Access to Grid computational resources, portal

providers, recruitment services, etc• (Trust base for dynamic circuit

authorization/accounting)• (Google Apps for Education)

Presenter’s Name

InCommon•Impacts of federation are real

• Dreamspark - Microsoft delivery of developer kits, source code, etc to students https://downloads.channel8.msdn.com/; over 50% of all download traffic from Microsoft was federation-enabled one week after announcement.

• {Federation + persistent, opaque identifier + attributes with consent} addresses international privacy requirements.

•InCommon Silver, a new profile is now being deployed to serve higher assurance applications•Federated Sharepoint, federated wikis are proving to be killer apps….•www.incommonfederation.org

Presenter’s Name

Federation Soup

• Workshop to held early June• Bringing together all manners of federation to figure out

federation relationships• InCommon, JISC, state federations, library federations,

university system federations, grid federations, etc.• Topics include alignment of policies, technologies, attributes,

metadata, etc.

• Approaches include peering, nested, leveraged, and a whole lot of ad hoc

• Outputs may include best practices, multi-homing, etc.

Presenter’s Name

Capabilities of federated identity

• Real-time delivery of identity and attributes

• Supports role-based access controls• Providing privacy and enhanced security• Integrates with collaboration management platforms that are being adopted by virtual organizations

Presenter’s Name

Real time access controls

• Delivery of attributes to control points• Initially via web browsers and now via web

services and a variety of native api’s

• Rich controls at policy control points

• ISOC “Identity, Trust and the Internet” will apply identity and trust to a growing suite of Internet RFC’s.

Presenter’s Name

Collaboration and Federated Identity

• Two powerful forces being leveraged• the rise of federated identity• the bloom in collaboration tools, most particularly in the

Web 2.0 space but including file shares, email list procs, etc

• Collaboration management platforms provide identity services to “well-behaved collaboration applications”

• Results in user and collaboration centric identity, not tool-based identity

Presenter’s Name

Comanage

• A collaboration management platform, supported in part by a NSF OCI grant, being developed by the Internet2 community, with Stanford as a lead institution

• Open source, open protocol• Uses Shibboleth, Grouper, and Signet• Parallels activities in the UK and Australia

Presenter’s Name

Comanageable applications

• Already done• Sympa, Federated wikis, Asterisk (open-source IP

audioconferencing), Dim-Dim (open-source web meeting), Bedeworks (federated open-source calendar)

• Immediate targets• Rich access controlled wikis• Web-based file shares, IM, Google Apps for Education

• Domain science resources• Instruments• Grids

FederatedWiki

Domain Science

Grid

Domain Science

Instrument

University A University B Laboratory X

CollaborationManagement

Platform

CollaborationTools/ Resources

ApplicationAttributes

Home Org & Id Providers/

Sources ofAuthority

AttributeEcosystem

Flows

Attribute/Resource Info Data Store

Collaboration Management Platform (CMP)and the Attribute Ecosystem

Sources of Authority

CoAuthorization –

Group InfoAuthorization –Privilege Info

AuthenticationPeoplePicker

OtherFunctions

manage

File Sharing

CalendarPhone/Video

Conference

Email List

Manager

Presenter’s Name

Possibilities and next steps

• Virtual organizations adopting federated identity and collaboration management platforms• LIGO – www.ligo.org (and GEO and VIRGO)• Ocean Observing Initiative -(

http://www.joiscience.org/ocean_observing)• Providing audit and security in a federated environment• Cutovers are more difficult than new VO

• Integrating domain science tools• Cyberinfrastructure, e.g. Teragrid, OSG, integrating, providing

collaboration management platform service centers • Integrating research administration into the mix