On Thursday and Friday, June 11-12, the Ohio Technology Consortium (OH-TECH) welcomed 45 technologists representing colleges and universities from Ohio and other states who arrived here to study an important emerging security technology. These systems administrators, identity managers and developers packed the BALE Theater and Conference Room to take part in the InCommon Shibboleth Workshop [https://www.incommon.org/shibtraining/] and learn how to implement federated identity management software.
EDUCAUSE defines ‘federated identity’ as “a trusted authority for digital identities across multiple organizations…based on agreed-upon standards” [https://net.educause.edu/ir/library/pdf/EST0903.pdf]. It can enhance privacy and security and enable single sign-on (SSO) and strong authentication. Many institutions of higher education have already adopted federated identity technologies. OARnet, a member of OH-TECH, has been working to establish this trusted system of federated identity as a common foundation for all its members. We feel all institutions should be able to take advantage of this transformative technology framework. We’ve been looking for ways to both encourage adoption as well as reduce barriers to adoption – which prompted us to host this workshop.
The curriculum of this workshop focused on the installation and configuration of the Shibboleth software package. Shibboleth, which takes its name from a Biblical account of soldiers using passwords, is an open-source software implementation supporting federated identity. According to the Shibboleth Consortium’s web site, “Shibboleth is among the world's most widely deployed federated identity solutions, connecting users to applications both within and between organizations…. Shibboleth is an open-source project that provides Single Sign-On capabilities and allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner.” [https://shibboleth.net/] The two-day workshop also included information about running the software in production and baseline identity federation practices.
The hands-on workshop approach worked very well for learning how to implement this type of solution. Both Windows and Linux tracks were offered, and with four instructors there was lots of opportunity for direct individual interaction. We were privileged to have a team of fantastic instructors leading this activity – not only were they experts in the software itself, they were also experienced practitioners and engaging teachers.
We’d like to thank the InCommon Federation for presenting the Shibboleth Workshop series and affording OARnet the opportunity to host. The InCommon Federation, operated by Internet2, provides a secure and privacy-preserving trust fabric for research and higher education, and their partners, in the United States. InCommon’s members include 25 Ohio colleges and universities in addition to OH-TECH and the OhioLINK library consortium.
We’d like to extend special thanks to attendees from our Ohio institutions: Denison University, Franklin University, John Carroll University, Lakeland Community College, Miami University, the University of Mount Union, Oberlin College, Ohio Northern University, the Ohio State University, University of Rio Grande/Rio Grande Community College, Sinclair Community College, University of Cincinnati, and Wittenberg University; and to our other guests from around the nation. It was good to see such a high level of interest and commitment to adoption of secure, trusted identity federation within the community.
