InCommon Identity Assurance

Related Documents and Resources

Identity Assurance Assessment Framework (PDF)

Bronze/Silver Profiles (PDF)

Assurance Profile Assessment Checklist (Excel)

InCommon Assurance Technical Procedures

Certain Service Providers have identified the need to require stronger identity management procedures before allowing access to their federated applications. Identity Providers will need more stringent requirements for validating the identities of individuals to whom they grant user IDs and passwords. As an example, such applications may include federally funded research granting agencies.

As a result, InCommon will begin offering optional services for campus identity management systems to meet a set of criteria that satisfies higher-risk applications' requirements. The service includes two identity assurance profiles, Bronze and Silver, which a campus may use to assess its systems and processes that support identity management. These profiles will not affect the basic level of current InCommon activities. They are optional, additional criteria which, if met, will allow a campus to access any protected online resource that requires an assured level of operational compliance.

These Bronze and Silver profiles were written for the U.S. research and education community and are consistent with the federal government's levels of assurance 1 and 2 as described in NIST Special Publication 800-63.

The InCommon documents detailing the Silver and Bronze profiles have been open for comment by the higher education community, modified as a result of this review process, and approved by the InCommon Technical Advisory Committee.

Service Providers will determine their particular profile requirements, based on an assessment of the risk associated with their federated application. The Silver profile is expected to become a valuable standard for managing organizational identities as higher-risk SPs enable federated access. Discussions are underway with federal applications that will require Silver-level assurance for access, including the National Science Foundation and National Institutes of Health.

InCommon has finalized two documents that specify the criteria used to assess identity providers:

Technical Procedures: A final draft of the InCommon Assurance Technical Procedures is now available.

Next steps include continuing to define procedures and pricing for the program, and working with selected pilot SPs and IdPs to validate the technical approach and test integration with existing services.