Editor’s Note: Mark Johnson is the Chief Technology Strategist at MCNC, a technology nonprofit that builds, owns and operates the North Carolina Research and Education Network (NCREN). Mark has more than 30 years of experience developing Internet technology and deploying it. He currently is a board member of The Quilt and the Schools, Health, and Libraries Broadband (SHLB) Coalition and a nominee to serve on the FCC’s new Broadband Deployment Advisory Committee to represent the national R&E networking community.
RESEARCH TRIANGLE PARK, N.C. – What exactly is Federated Identity Management, or FIM?
Here is a simple way to grasp it …
You have an ATM card and need to get some cash. You’re not able to find a machine from your bank but find one nearby and decide to use it. The machine doesn’t belong to your banking institution, but your card still works and you’re able to access your funds even though you don’t bank with them. How does that work?
In this spirit, think of a federated login online like an ATM because thousands of banks are federated, each with millions of users. The username is the ATM card, and the password is the Personal Identification Number (PIN) maintained by your bank. Other institutions give access based on trusting their username and password.
FIM in K-14 Education
Many North Carolina education institutions desire this kind of access to remote and protected web-based services. FIM technologies enable such access on the Internet and can be especially beneficial in North Carolina. But it must be efficient, cost-effective, quick, secure, and user friendly.
FIM allows each education institution to only manage its users and trust that the information about users from other institutions is accurate. Owners of shared online services and resources, accessed by users from different institutions, trust that credentials are kept up to date by their home institutions. There is also an underlying trust (acknowledged by member/federation agreements) that users and service owners will act responsibly.
Last November, MCNC introduced a first-in-the-nation, proof of concept to extend InCommon FIM technologies beyond universities, to now include K-12 education and community colleges in North Carolina – giving participating institutions the ability to use a secure local credential to safely access a wide array of online educational resources. MCNC acts as the Steward for North Carolina institutions in the Internet2 program, managing and supporting organizational trust to facilitate participation in the national FIM system.
In January, MCNC helped register Davie County Schools as the first K-14 institution under the InCommon Steward Program. This month, Rockingham County Schools and Davidson County Community College also were on-boarded in the program.
Donald Beck, Director of ITS at Davidson County Community College, said the InCommon Steward Program will create additional opportunities for sharing services and applications, access to national and international resources, and offer a seamless transition from one educational level to the next. “We’re proud to be part of a program that can serve as a model for others across the state and nation as to what is possible,” Beck added.
Building Trusted Networks
In 2013, education and technology leaders in eight states began collaborating with InCommon to extend advanced trust and identity solutions used at the nation’s top universities to K-12 and community college students, faculty and staff as part of a set of pilots. Over time, those pilots evolved to build the InCommon Steward Program, which is currently a proof of concept only happening in North Carolina.
Internet2 oversees the national program with more than 900 InCommon current participants. Internet2’s core infrastructure includes the nation’s largest and fastest research and education network that was built to deliver advanced, customized services that are accessed and secured by the community-developed trust and identity framework.
“InCommon has its origins with research universities and has seen significant growth throughout higher education over the last decade,” said Ann West, Associate Vice President for Trust and Identity at Internet2. “This collaboration with MCNC allows the extension of these secure and privacy-preserving single sign-on benefits to K-12 and community colleges in North Carolina and throughout the country.”
MCNC and InCommon completed the required legal agreements last year to begin this work, and it currently serves as a model for what is expected to be important software infrastructure for education in the years to come. For more information, view this fact sheet: Partnering for K-14: the InCommon Steward Program.
Looking Forward and Next Steps
The 2016 Internet2 Trust and Identity Accomplishment Report was released last week, outlining the groundwork for much of the progress seen in recent times and trends to watch for in 2017. The proof of concept for the Steward Program with MCNC in North Carolina is a noted accomplishment in this report.
North Carolina could be the first state to successfully leverage a regional network and the existing InCommon infrastructure to create new possibilities with FIM technologies. Registering Davie and Rockingham County Schools as well as Davidson County Community College as first K-14 institutions in North Carolina to join the InCommon Steward Program is a great first step.
This summer MCNC and InCommon will report to various stakeholders on the progress, challenges, and next steps for this program. We hope other regional networks will continue to express interest like they have already as we collaborate to find a functional and scalable solution for everyone.
[VIDEO: Watch an Internet2 video overview about FIM at https://www.youtube.com/watch?v=fzkvhvLx5Ks ]
(C) MCNC
