Error!

Spaces has been migrated to the cloud. Please go to https://ucla-confluence.atlassian.net to update your space/s.

IT Services has migrated the content of spaces.ais.ucla.edu to Atlassian Confluence Cloud. Please visit https://ucla-confluence.atlassian.net to update your space/s. Spaces.ais.ucla.edu is now in read-only mode through July 31st, 2024
UCTrust Workgroup
Child pages
  • Meeting Notes - 2011-4-21 Conference call

Versions Compared

Old Version 2

changes.mady.by.user Cheung, Celia

Saved on

compared with

New Version 3

changes.mady.by.user Cheung, Celia

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

David Walker, UCD
Dedra Chamberlin, UCB
Dattathreya Sharma, UCLA
Celia Cheung, UCLA (scribe)

Bob Ono, UCD
Chet Burgess, UCOP
John Kamminga, UCM
Warren Leung, UCLA

Matt Elder, UCSD
Patrick, UCD
Eric Goodman, UCSC
Greg Haverkamp, LBNL

Andrew Tristan, UCR
Steven, UCR
Curtis, UCD

Proposal to create UCTrust/UCITPS work group on two-factor/LoA 3 and 4

There is a proposal to create another joint workgroup between UCTrust and UCITPS. The work that the joint group did for Incommon Silver went very well, so the proposal is for this new cross functional group to work together on coordinating a coordinate plan to come with the following items:

  • Use cases for authentication
  • Explore technical alternatives and asses assess what campuses are using currently
  • Put together recommendations for the ITLC

This will be a preliminary exploratory building of a recommendation; if it is endorsed by the ITCL ITLC then the group will carry on and do more detailed work.

...

The survey talks about how Shibboleth has been a project of Internet2, but is important to a number of other federations around the world. It discusses how to fun fund Shibboleth for support as well. It asks about how important Shibboleth is to you and has questions about paying money for Shibboleth. Obviously, Shibboleth is important to us so we want to know that it will continue to be supported.

...

The UC response will be sending a letter to the appropriate person in Internet2; UCTrust would as ask whoever is chairing the ITLC now to forward along that message. David is going to ensure that the ITLC knowsa bout knows about the survey and that part of it is asking about investments in order to gauge their response to this.

Updated work plan:

High Priority

  • Complete the strategy for alignment between InCommon Silver and UCTrust Basic (in conjunction with UCITPS)
  • Guidance for service providers in the following areas (in conjunction with ITAG)
    • Assessment to determine the appropriate level of assurance
    • Guidance on the selection and use of identifiers and other attributes
    • When applications should be federated
    • Discovery service options
      • Central "WAYF"
      • Internal to SP
      • Create a UC-only discovery service?
  • The following will be driven by other UC-wide projects
    • User Provisioning
      • Support for targetedID
      • Support for groups
    • Support for the new HR/Payroll system

...

  1. Two-factor authentication
  2. Sun identity management/IAM component
  3. Entitlement
  4. Support for other attributes
  5. Shibboleth migration/upgrade (several schools campuses are on 1.3)

Side notes during this topic:

  • David mentions that we have to use software that is recommended by Incommon, and that we must follow their sliding window.
  • A question is asked on when Incommon is going to be accepting audit results for Incommon Silver; it seems like the specifications are out now but it is not yet finalized.

...

There is a page for the project up on the wiki: https://spaces.ais.ucla.edu/display/uctrustwg/InCommon+Silver+Integration

...