More resources, one secure log-in: UC Davis makes gains

UC Davis has joined the InCommon Federation, a move that will eventually help UC Davis faculty and employees get online access to a much greater range of protected scholarly materials, and other records, through one secure log-in.

The campus is one of 16 universities and colleges that recently joined InCommon, the "higher education identity management federation" said on Wednesday. Six more companies or organizations also joined, boosting InCommon's membership to 60.

InCommon, using Shibboleth authentication and authorization software, sets a common set of rules and attributes that enable users to enter their passwords once, and then get access to protected resources controlled by other InCommon members without having to re-enter their passwords.

Members agree on a method to exchange enough information about their users to allow that access, while keeping personal information private and secure. The new members range from Northwestern University and Thomson Learning, Inc., to Texas A&M University and JSTOR, the scholarly journal archive.

Meanwhile, UC Davis has also become the fifth University of California campus to be certified by UCTrust, which the UC Information Technology Leadership Council created last year to govern UC participants who want access to UC applications.

To join UCTrust, campuses must certify that potential users of the applications are who they say they are--in Davis' case, by demonstrating that new employees are required to show a government-issued picture ID--and must use Shibboleth.

UCTrust basically creates, at the UC level, the same type of unified access that InCommon is creating on a larger scale. The UCTrust system is designed to meet InCommon's requirements.

InCommon, based in Ann Arbor, is operated by Internet2, the advanced U.S. networking consortium. It is managed by an independent steering committee representing researchers and higher education.

In the near term, two UC-wide applications will require campuses to use Shibboleth, said Deborah Lauriano, director of Application Development for Information and Educational Technology at UC Davis. Those applications are At Your Service Online (the human resources and benefits service) and the new Learning Management System (which will manage staff development courses and course history). Both are hosted by the UC Office of the President.

UC Davis employees will be able to use their campus logins and Kerberos passwords to access these applications, effectively using a single sign-on for many local services and these external systems.

This puts UC Davis in a position to participate with other federated applications and services as they become available, Lauriano said, either at the UC level or with outside groups.

To read more about the work by the middleware group of IET on federated identity/Shibboleth, click here.