• Home

  • Documents

  • Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google,...
23
7/27/2019 Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444) http://slidepdf.com/reader/full/bring-your-own-credential-providing-access-to-campus-services-with-social 1/23 Bring Your Own Credential Providing Access to Campus Services with Social Identities like Google, Facebook and Twitter Chris Keith, Brown University Catherine Zabriskie, Brown University Dedra Chamberlin, Cirrus Identity John Krienke, InCommon/Internet2

Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

Embed Size (px)

Citation preview

Page 1: Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

7/27/2019 Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

http://slidepdf.com/reader/full/bring-your-own-credential-providing-access-to-campus-services-with-social 1/23

Bring Your Own Credential

Providing Access to Campus Services

with Social Identities likeGoogle, Facebook and Twitter 

Chris Keith, Brown UniversityCatherine Zabriskie, Brown University

Dedra Chamberlin, Cirrus Identity

John Krienke, InCommon/Internet2

Page 2: Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

7/27/2019 Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

http://slidepdf.com/reader/full/bring-your-own-credential-providing-access-to-campus-services-with-social 2/23

John Krienke

 

Director, Internet2

Chief Operating Officer,

InCommon

Page 3: Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

7/27/2019 Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

http://slidepdf.com/reader/full/bring-your-own-credential-providing-access-to-campus-services-with-social 3/23

Going Social in 50 minutes:

1. 05' What, Why, Who

2. 10' How Now, Brown… Use Case: LMS

3. 10' How Now, Brown… Use Case: UFunds

4. 10' Social Gateways: Social to SAML

5. 05' Remaining issues & Getting involved

6. 10' Questions

Page 4: Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

7/27/2019 Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

http://slidepdf.com/reader/full/bring-your-own-credential-providing-access-to-campus-services-with-social 4/23

Social Identity for Campus Resources

What is a social identity? An existing account on asocial or email platform.

Q3 2013

http://janrain.com/blog/social-login-trends-across-the-web-for-q3-2013/

● 87% of  consumers are

aware of social

login, and more

than half havetried it. (janrain)

Page 5: Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

7/27/2019 Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

http://slidepdf.com/reader/full/bring-your-own-credential-providing-access-to-campus-services-with-social 5/23

Low assurance, 'arms-length' relationships:

● Parents

● Highschool Students

● Continuing Ed, MOOCs

●  Applicants

● Research partners

● Visiting professors, lecturers from non-federated organizations

●  Alumni, conference guests, non-university

others ...

What are driving campus use cases?

Page 6: Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

7/27/2019 Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

http://slidepdf.com/reader/full/bring-your-own-credential-providing-access-to-campus-services-with-social 6/23

Catherine Zabriskie

 

Director, Academic Technology

Services

Brown University

Page 7: Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

7/27/2019 Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

http://slidepdf.com/reader/full/bring-your-own-credential-providing-access-to-campus-services-with-social 7/23

Community of users

● Pre-college

●  Adult learners● Non-Brown undergraduates

● Professionals

● Instructors

● Faculty●  Artists

●  Anyone

Brown University:

Instructional Technology 

Page 8: Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

7/27/2019 Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

http://slidepdf.com/reader/full/bring-your-own-credential-providing-access-to-campus-services-with-social 8/23

● Distance learning for the delivery of less

commonly taught languages

● Students from consortium schoolsparticipate in Brown classes

● Access to course

tools as a student

Brown University:

Language Consortium

Page 9: Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

7/27/2019 Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

http://slidepdf.com/reader/full/bring-your-own-credential-providing-access-to-campus-services-with-social 9/23

● Summer@Brown Instructor Training and

community development

● Summer institute for researchers: Public 

Health Bio Statistics and Applied Data Analysis

Brown University:

Continuing Education

Page 10: Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

7/27/2019 Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

http://slidepdf.com/reader/full/bring-your-own-credential-providing-access-to-campus-services-with-social 10/23

Users 

no long-term relationship to Brown.

  no physical presence at Brown.  may not be associated with a higher-Ed

institution.

Use case requires no need to institutionallyvalidate the individual’s identity.

  No credit or grades offered

Brown University:

Criteria for use of social identity 

Page 11: Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

7/27/2019 Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

http://slidepdf.com/reader/full/bring-your-own-credential-providing-access-to-campus-services-with-social 11/23

Christopher Keith

 

Director of InformationTechnology

Brown University

Page 12: Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

7/27/2019 Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

http://slidepdf.com/reader/full/bring-your-own-credential-providing-access-to-campus-services-with-social 12/23

● UFunds resulted from a College-wide effort

to consolidate disparate systems for funding

opportunities.

● The system has evolved to support genericapplication processes.

● Most applications require some type of 

endorsement or recommendation.● Our current approach is to email the non-

Brown recommenders with token-based URL

specific to the recommendation.

Brown University:

Dean of the College: UFunds

Page 13: Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

7/27/2019 Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

http://slidepdf.com/reader/full/bring-your-own-credential-providing-access-to-campus-services-with-social 13/23

Demonstration Video

Brown University:

UFunds Proof-of-Concept

http://www.youtube.com/watch?v=FK1Pgsrmhno&feature=youtu.be
Page 14: Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

7/27/2019 Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

http://slidepdf.com/reader/full/bring-your-own-credential-providing-access-to-campus-services-with-social 14/23

● As adoption has increased, we have been

asked to extend access to community

partners in various capacities.

● Currently, the only option is to create aBrown-affiliate account.

● We intend to modify the application to allow

social identities to be given access to serveon award committees.

Brown University:

Future Work for UFunds

Page 15: Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

7/27/2019 Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

http://slidepdf.com/reader/full/bring-your-own-credential-providing-access-to-campus-services-with-social 15/23

● Should non-institutional identities be

managed on a per-application basis or in

aggregate by the institution?

● Which identity providers should be allowedand with what levels of assurance?

● How do we manage the proliferation of 

discovery services across the institution toensure consistent user experience?

Brown University:

Questions resulting from POC

Page 16: Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

7/27/2019 Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

http://slidepdf.com/reader/full/bring-your-own-credential-providing-access-to-campus-services-with-social 16/23

Dedra Chamberlin

 

Co-Founder and CEO

Cirrus Identity

Page 17: Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

7/27/2019 Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

http://slidepdf.com/reader/full/bring-your-own-credential-providing-access-to-campus-services-with-social 17/23

Gateway Services and Discovery

Page 18: Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

7/27/2019 Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

http://slidepdf.com/reader/full/bring-your-own-credential-providing-access-to-campus-services-with-social 18/23

Page 19: Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

7/27/2019 Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

http://slidepdf.com/reader/full/bring-your-own-credential-providing-access-to-campus-services-with-social 19/23

Choosing an Identity Provider 

Configuring the User Experience

Discovery Service Demo

http://www.youtube.com/watch?v=hNLClZC1Ka4
Page 20: Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

7/27/2019 Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

http://slidepdf.com/reader/full/bring-your-own-credential-providing-access-to-campus-services-with-social 20/23

● Join Social Working Group (since 2011)

○ spaces.internet2.edu/display/socialid

○ many campuses involved in sharing common

requirements, issues● Trial period for Cirrus social-to-SAML gateway

○ cirrusidentity.com

● InCommon services in development

○ Basic solution: 100% coverage for federated

identities

○ Advanced solutions: discovery, invitation, beginning

service validation

○ incommon.org/participants

● Thanks to innovative leadership at Brown University

Social to SAML: Next for You

http://incommon.org/participants
http://cirrusidentity.com/
https://spaces.internet2.edu/display/socialid/Home
http://incommon.org/participants
http://cirrusidentity.com/
https://spaces.internet2.edu/display/socialid/Home
Page 21: Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

7/27/2019 Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

http://slidepdf.com/reader/full/bring-your-own-credential-providing-access-to-campus-services-with-social 21/23

Seeding Questions & Issues

● Assurance of Identity: Are all social identities createdequal?

● Attributes: What do you get? Are they standard?

● Gateway Issues: Is it a bottleneck? How does it

change?● Privacy: Who cares about privacy of Nouns (PII) and

Verbs (transactions) and Correlations?

● Usability: How does a user know which identity to use

when?

● Policy and Technology: Are you comfortable relying onexternal identities, something we in HE ask our 

corporate partners to do with our own identities?

Page 22: Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

7/27/2019 Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

http://slidepdf.com/reader/full/bring-your-own-credential-providing-access-to-campus-services-with-social 22/23

Thank you

John Krienke

 [email protected]

Catherine [email protected]

Chris Keith

[email protected]

Dedra Chamberlin

[email protected]

mailto:[email protected]
mailto:[email protected]
mailto:[email protected]
Page 23: Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

7/27/2019 Bring Your Own Credential: Providing Access to Campus Services with Social Identities (Google, Yahoo, Twitter) (177668444)

http://slidepdf.com/reader/full/bring-your-own-credential-providing-access-to-campus-services-with-social 23/23

Seeding Questions & Issues (Detail)

● Assurance of Identity: Are social identities created equal?○ Identity Proofing

○ Credential Management: issuance, storage, transit, revocation, reassignment○ Token strength: Passwords, multiple factors

● Attributes○ Standards & schema○ Translation

○ Persistence

○ Permanence● Gateway Issues

○ Licensing terms for use○ Capacity○ Resilience for for change

● Privacy○ Personal information: the nouns○ Personal transactions: the verbs

○ Correlation● Usability

○ Discovery (discovery.refeds.org)○ Invitation○ Account linking

○ Permission & Consent● Policy and Technology: Tables are turned: Control and Reliance on External Identities


Nate Koechley – natek@yahoo-inc.com Yahoo! vs. Yahoo!: Case Studies Nate Koechley Senior Engineer & Designer, Yahoo! User Interface (YUI) Library Team

Nate Koechley – [email protected] Yahoo! vs. Yahoo!: Case Studies Nate Koechley Senior Engineer & Designer, Yahoo! User Interface (YUI) Library Team

Documents
Velocity Credential

Velocity Credential

Documents
Carlos Castillo, chato@yahoo-inc.com Debora Donato, debora@yahoo-inc.com Aristides Gionis, gionis@yahoo-inc.com Vanessa Murdock, vmurdock@yahoo-inc.com

Carlos Castillo, [email protected] Debora Donato, [email protected] Aristides Gionis, [email protected] Vanessa Murdock, [email protected]

Documents
Winovation credential

Winovation credential

Marketing
Yamacraw-Yahoo Falls Backcountry Route Yahoo …...Yahoo Falls Scenic Area Yahoo Falls' Yahoo Arch Markers

Yamacraw-Yahoo Falls Backcountry Route Yahoo …...Yahoo Falls Scenic Area Yahoo Falls' Yahoo Arch Markers

Documents
Identities Portrayed and Integrated. I. Crypto-Identities

Identities Portrayed and Integrated. I. Crypto-Identities

Documents
Credential Transparency - etouches · Credential Transparency: ... CREDENTIAL ENGINE ... IMS GLOBAL Skills, Competencies and

Credential Transparency - etouches · Credential Transparency: ... CREDENTIAL ENGINE ... IMS GLOBAL Skills, Competencies and

Documents
Yahoo! vs. Yahoo! Three Large-Scale Mainstream DHTML Implementations Nate Koechley natek@yahoo-inc.com natek@yahoo-inc.com nate@koechley.com nate@koechley.com

Yahoo! vs. Yahoo! Three Large-Scale Mainstream DHTML Implementations Nate Koechley [email protected] [email protected] [email protected] [email protected]

Documents
Credential 2012

Credential 2012

Business
Quotient Identities Along with reciprocal identities ... · Quotient Identities Along with reciprocal identities, quotient identities are useful when solving right triangles. There

Quotient Identities Along with reciprocal identities ... · Quotient Identities Along with reciprocal identities, quotient identities are useful when solving right triangles. There

Documents
Yahoo Messenger Vulnerabilitymunzer/courses/INCS745/Project/Project1/Yahoo... · Contents Introduction. Overview on Yahoo Messenger Yahoo Messenger Registry Overview on Windows Architecture

Yahoo Messenger Vulnerabilitymunzer/courses/INCS745/Project/Project1/Yahoo... · Contents Introduction. Overview on Yahoo Messenger Yahoo Messenger Registry Overview on Windows Architecture

Documents
Ocentrum Credential

Ocentrum Credential

Technology
Yahoo! PowerPoint Template, March 2013 · Yahoo 2016 Yahoo 2014 3 Confidential & Proprietary.Confidential & Proprietary. Innovation through Insights The view from Yahoo PRESENTED

Yahoo! PowerPoint Template, March 2013 · Yahoo 2016 Yahoo 2014 3 Confidential & Proprietary.Confidential & Proprietary. Innovation through Insights The view from Yahoo PRESENTED

Documents
mrsharringtoncva.weebly.com · Web viewTrigonometric Identities Reciprocal Identities: Quotient Identities Pythagorean Identities Test your skills Answer each of the following. Choose

mrsharringtoncva.weebly.com · Web viewTrigonometric Identities Reciprocal Identities: Quotient Identities Pythagorean Identities Test your skills Answer each of the following. Choose

Documents
Trig Identities. Reciprocal Identities OR Pythagorean Identities OR Quotient Identities

Trig Identities. Reciprocal Identities OR Pythagorean Identities OR Quotient Identities

Documents
Epinion Credential

Epinion Credential

Business
Ad+ Credential

Ad+ Credential

Business
Chapter 4 Identities 4.1 Fundamental Identities and Their Use 4.2 Verifying Trigonometric Identities 4.3 Sum, Difference, and Cofunction Identities 4.4

Chapter 4 Identities 4.1 Fundamental Identities and Their Use 4.2 Verifying Trigonometric Identities 4.3 Sum, Difference, and Cofunction Identities 4.4

Documents
yahoo pipes - Larkinlarkin.net.au/resources/yahoo_pipes.pdf · Yahoo Pipes Introduction What is “Yahoo Pipes”? What are “Yahoo Pipes”? Yahoo Pipes is a web application from

yahoo pipes - Larkinlarkin.net.au/resources/yahoo_pipes.pdf · Yahoo Pipes Introduction What is “Yahoo Pipes”? What are “Yahoo Pipes”? Yahoo Pipes is a web application from

Documents
P.O.S.M credential

P.O.S.M credential

Marketing
Hidden identities · 2018. 1. 2. · Hidden identities Basic examples Remarkable identities for matrices Identities in rings Other structures Hidden identities Friedrich Wehrung Universit

Hidden identities · 2018. 1. 2. · Hidden identities Basic examples Remarkable identities for matrices Identities in rings Other structures Hidden identities Friedrich Wehrung Universit

Documents
PMP Credential Application · Page 1 - AGC San Diego · PMP Credential Application · Page 1 ... For PgMP credential holders: If you hold the PgMP, ... PMP Credential Application

PMP Credential Application · Page 1 - AGC San Diego · PMP Credential Application · Page 1 ... For PgMP credential holders: If you hold the PgMP, ... PMP Credential Application

Documents
Event credential

Event credential

Documents
Yahoo vs Yahoo

Yahoo vs Yahoo

Documents
Securing Identities, Credentials, and Access in Federal ... · known as Federal Identity, Credential, and Access Management, FICAM refers to the U.S. government’s approach to Identity,

Securing Identities, Credentials, and Access in Federal ... · known as Federal Identity, Credential, and Access Management, FICAM refers to the U.S. government’s approach to Identity,

Documents
Visicomm Credential

Visicomm Credential

Business
The evolution of visual identities from static identities ... · The evolution of visual identities from static identities to dynamic identities David Delahunty A dissertation submitted

The evolution of visual identities from static identities ... · The evolution of visual identities from static identities to dynamic identities David Delahunty A dissertation submitted

Documents
Section 5.1 Simplifying More Trig Expressions Fundamental Trigonometric Identities: Reciprocal Identities: Quotient Identities: Pythagorean Identities:

Section 5.1 Simplifying More Trig Expressions Fundamental Trigonometric Identities: Reciprocal Identities: Quotient Identities: Pythagorean Identities:

Documents
How To Configure iOS Devices with Afaria - Archive · • Credential – adds certificates and identities to the device. Certificate files must be accessible from the machine running

How To Configure iOS Devices with Afaria - Archive · • Credential – adds certificates and identities to the device. Certificate files must be accessible from the machine running

Documents
Exceptional Performance Evolution at Yahoo! Steve Souders Chief Performance Yahoo! souders@yahoo-inc.com

Exceptional Performance Evolution at Yahoo! Steve Souders Chief Performance Yahoo! [email protected]

Documents