-
Research
and Publications
Current Issue
May/June 2013
EDUCAUSE ReviewPublications
-
Conferences
and Events
Annual Conference
October 15–18, 2013
Register now!Events for all Levels and Interests
Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.
-
Career
Development
EDUCAUSE Institute
Leadership/Management Programs
Explore MoreCareer Center
Leadership and Management Programs
EDUCAUSE Institute
Advanced Programs
Project Management
Jump Start Your Career Growth
Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.
-
Focus Areas
and InitiativesLatest Topics
EDUCAUSE organizes its efforts around three IT Focus Areas
Join These Programs If Your Focus Is
-
Connect
and ContributeFind Others
Get on the Higher Ed IT Map
Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
-
About
EDUCAUSE
Filter by type
Filter by Publications
Filter by Presentations
Filter by Library Taxonomy
- Federated Identity Management [x]
- Shibboleth [x]
- Cybersecurity (14)
- Identity and Access Management (14)
- Middleware (14)
- Network Applications (14)
- Networking and Emerging Technologies (14)
- Authentication (6)
- Information Technology Management and Leadership (3)
- Single Sign On (SSO) (3)
- Collaboration (2)
- Authorization (1)
- E-Content (1)
- Enterprise Information Systems (1)
- Information Systems and Services (1)
- Institutional Management (1)
- Libraries and Technology (1)
- Security Planning (1)
- Small College (1)
- Student Information Systems (1)
Identity management refers to the policies, processes, and technologies that establish user identities and enforce rules about access to digital resources. In a campus setting, many information systems–such as e-mail, learning management systems, library databases, and grid computing applications–require users to authenticate themselves (typically with a username and password). An authorization process then determines which systems an authenticated user is permitted to access. With an enterprise identity management system, rather than having separate credentials for each system, a user can employ a single digital identity to access all resources to which the user is entitled. Federated identity management permits extending this approach above the enterprise level, creating a trusted authority for digital identities across multiple organizations. In a federated system, participating institutions share identity attributes based on agreed-upon standards, facilitating authentication from other members of the federation and granting appropriate access to online resources. This approach streamlines access to digital assets while protecting restricted resources. [Source: 7 Things You Should Know About Federated Identity Management]
Suggested Resources
- Economic Tussles in Federated Identity Management, First Monday, October 2012. The authors present an economic perspective of stakeholder incentives that sheds light on why some applications have embraced FIM while others have struggled.
- 2011 ECAR Identity Management in Higher Education Report
- Identity & Access Management Working Group: This EDUCAUSE working group operates an open mailing list for general discussion of Identity and Access Management (IAM) topics and maintains a website with additional resources and links.
- Identity Management Wiki: The Identity & Access Management Working Group is also actively developing a wiki on Identity Management. Topics include: technical issues (e.g., authorization or authentication), legal and government issues (e.g., CALEA or HEOA), account management, and IAM software vendors.
- IAM Online: IAM Online is a new monthly series delivering interactive education on Identity and Access Management (IAM), including federated identity management essentials, advanced issues in IAM, and hot topics from the EDUCAUSE Identity and Access Management Working Group. Experts will provide overviews, answer questions and lead discussions.
- InCommon: The InCommon Federation eliminates the need for researchers, students, and educators to maintain multiple passwords and usernames. Online service providers no longer need to maintain user accounts. Identity providers manage the levels of their users' privacy and information exchange. InCommon uses SAML-based authentication and authorization systems (such as Shibboleth®) to enable scalable, trusted collaborations among its community of participants.
- Shibboleth®: The Shibboleth System is a standards based, open source software package for web single sign-on across or within organizational boundaries. It allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner.
Updated October 2012
Latest News
InCommon will be heavily involved in a $1.8 million grant awarded to Internet2 to build a consistent and robust privacy infrastructure. Partners include Carnegie Mellon, Brown, University of Texas...
Virginia Tech has become the first identity provider to achieve Bronze and Silver certification as part of the InCommon Assurance Program.
The annual EDUCAUSE Conference in Denver will provide an opportunity to explore the range and depth of issues that campuses must consider as they build...
Advance CAMP will be held October 4-5, 2012, after the Internet2 Fall Member Meeting in Philadelphia, PA. The meeting will feature an unconference-style agenda, providing substantial time for...
A major milestone in the implementation of the NSTIC, "Trusted Federal Systems (TFS) will facilitate collaboration among multiple stakeholders to help drive the creation of consensus standards...
Eve Maler, an expert on emerging identity and security at Forrester Research, discusses the past, present, and future of SAML in this webinar recording.
Library Items on this Topic
EDUCAUSE Library Items for Federated Identity Management
-
IAM Working Group Community Update
-
October 14, 2010
|
A session at the EDUCAUSE 2010 Annual Conference
The Identity and Access Management Working Group provides community leadership on topics related to identity and access management, including policies, processes, technologies, and effective practi…
-
Federated Identity Management: Addressing the Risky Business
-
April 14, 2010
|
A session at the Security 2010
With increased losses in PII data, regulatory compliance, and SaaS, the protection of identities becomes paramount for security professionals. Accessing restricted resources held by a partner can b…
-
Identity Management in Higher Education 2010 Survey Questionnaire
-
March 23, 2010
This March 2010 survey is a critical component of the 2010 EDUCAUSE Center on Applied Research (ECAR) follow-up to its 2006 baseline study of identity management in higher education. The 2006 st…
-
Shibboleth Access to Licensed Library Resources Through InCommon
-
January 15, 2010
|
A session at the EDUCAUSE Mid-Atlantic Regional Conference 2010
Phase 2 of the InC-Library Initiative (https://spaces.internet2.edu/display/inclibrary/InC-Library) is focused on defining best practices for access to protected e-resources via federated identity …
-
Stage 5: Federating the Identity: What Does This Mean, What Are the Challenges, and Why You Should Care
-
February 5, 2009
Federations provide the trust framework, common definitions, and standards-based transport mechanisms for sharing information about our constituents with other institutions. But what does this real…
-
Seminar 03P - Creative Sourcing for Small Schools: Managing Access to Off-Campus Service Providers PLEASE NOTE: Separate registration and fee is required to attend this seminar.
-
October 28, 2008
|
A session at the EDUCAUSE 2008 Annual Conference
Small schools typically have fewer IT staff and resources to address a business challenge and need to think creatively about how to support the growing number of applications their constituents are…
-
Federated Identity: Leveraging Shibboleth to Access On- and Off-Campus Resources
-
January 16, 2008
|
A session at the EDUCAUSE Mid-Atlantic Regional Conference 2008
More and more institutions are using Shibboleth to address both their on-campus and third-party access requirements. This case study will provide information about federated identity management (sp…
-
Leveraging Your Existing Campus Systems to Access Partner Resources: Federated Identity Management and Tales of Campus Participation
-
October 12, 2006
|
A session at the EDUCAUSE 2006 Annual Conference
Campuses can leverage investments in single-sign-on systems to access external systems and information resources partners. Panelists will explain InCommon federation participation, what it means fo…
-
Federated Identity Management: Addressing the Risky Business
-
April 11, 2006
|
A session at the Security 2006
Accessing restricted resources held by a partner can be risky for both parties. This presentation will include a discussion of national and international federations, what the policy dimensions are…
-
Federated Identity Management: The Shibboleth Approach
-
March 22, 2005
|
A session at the EDUCAUSE Midwest Regional Conference 2005
The Shibboleth software system enables Web-based, interinstitutional resource sharing by leveraging campus identity management systems. Creating a larger trust community of collaborating institutio…
