Nicholas Roy
Director of Technology and Strategy
InCommon / Internet2 Trust and Identity Services
Internet2 is a member-owned organization which provides high-performance networking, connectivity to services and a suite of trust and identity-oriented services and software to its members. Architects of software products such as Shibboleth, Grouper and COmanage work at universities, colleges and Internet2 affiliate organizations, and have had a hand in shaping core standards such as the Security Assertion Markup Language (SAML). The InCommon Federation, a SAML trust federation serving the US and global research and education community via an interfederation partnership with eduGAIN, now provides access to thousands of global service providers from thousands of identity providers at campuses, research labs and commercial partners. Notable among these is the Large Interferometer Gravity Wave Observatory (LIGO), which recently won a nobel prize in physics. The Internet2 components provide access management for the services which LIGO researchers use to perform their work, articulated via the InCommon/eduGAIN trust fabric.
For many years, Internet2 members and others have been able to use these products free of charge, but have needed to invest significant time in understanding the underlying technologies, and that has depended on specialist practitioner skills which are in short supply. As a means to make deployment of these components easier and lower the barrier to entry in effectively using them, the Internet2 community brought together IAM architects at many member institutions during 2014, to build a roadmap for introducing DevOps methodologies, new user interfaces, new APIs and new features into the suite. A need for an entity registry and other middleware to complete the suite were identified, and a set of community-run working groups were created to document the requirements and guide implementation of the roadmap. This effort was branded as “Trust and Identity in Education and Research” – TIER.
The community, via the TIER community investor council, invested up-front capital in the project and oversaw the work and high-level strategy for the TIER effort. Most recently, the program sought a group of campuses to deploy the TIER components in their environments, work through the needed integrations and create documentation. As TIER works through the final year of its start-up funding, a sustainability model to ensure continued progress on additional roadmap items is being developed. Internet2 is also adopting the TIER components for use in its own community collaboration platform, which will automate the creation and provisioning of access to wikis, mailing lists, slack channels, etc. This automation will in turn help the community to create additional working groups and contribute back to the components.
The TIER components were originally targeted by the community to run as stand-alone virtual machine images, but as schools transition to use of containerized approaches, we have shifted to use of Docker for packaging, and will use Kubernetes for orchestration of the IAM suite at scale.
Register now for the @idsalliance and #IDPro joint webinar, “Helping Organizations Succeed in an Identity-Centric Security World” – Feb. 23 at 9:00am PT/12:00pm ET http://bit.ly/3HwTYmq
The sixth annual IDPro® Skills, Programs & Diversity Survey is open! It aims to measure the diversity, goals, interests, skills and trends among identity professionals and the enterprises that employ them. Take the survey: https://www.surveymonkey.com/r/IDPro_2023_Skills_Survey
To help solve the #IAM skills gap, #IDPro has created the #CIDPRO which can expand candidates' #digitalidentity knowledge and fill experience gaps. Learn more by reading our CIDPRO webinar recap blog: https://bit.ly/3Idk5jj
The Internet Identity Workshop (#IIW) XXXV took place from November 15-17 and provided an excellent opportunity for #digitalidentity experts to convene and discuss #IAM topics. Learn more about this recent event by reading our recap blog: https://bit.ly/3WtmGdd
The #IDPro webinar covering Issue 10 of the Body of Knowledge (#BoK), featuring an overview of the three new articles and six refreshed articles, is starting now. Join the webinar: http://bit.ly/3HbxY0c