Federated Authentication Made Possible with Northwestern and InCommon Partnership

Posted Date: 02 Nov 2007

Effective Date: 02 Nov 2007

As universities see more value in using external service providers for business, teaching, and research, Northwestern University Information Technology (NUIT) continues to take measures to increase convenience while protecting authentication information. During the summer of 2007, Northwestern joined InCommon, a collection of higher education institutions using "federated authentication" through the Shibboleth protocol, which enables the University to maintain privacy of user log in and password information while allowing cross institutional access.

In the past, users were assigned or created log in names and passwords with external service providers, meaning users had multiple sets of identifying information across several different organizations. Utilizing Shibboleth, a protocol that can be used to connect higher education users to service providers, users authenticate with their Northwestern NetID and password. User security and privacy are strengthened because login information never leaves campus.

As part of joining InCommon, all members post their institutional identity management policies and procedures for others to inspect, and they provide metadata to InCommon, making it easy for universities to connect to one another and to service providers they can trust. Posting policies allows potential partners to review standard practices and agree to establish a relationship, ensuring that security and privacy expectations are met.

Impact on End User

If your department has partnered with an organization that provides services to students or staff, consider using the Shibboleth protocol to protect user log in information. This protocol provides protection against unnecessary disclosure of personal attributes, securing personal information and preserving user privacy.

For example, Student Affairs Career Services uses an outside provider, Symplicity, for online career services support. Symplicity and NUIT implemented the Shibboleth protocol so that students who choose to take advantage of this service will use their NetIDs and passwords to connect to Simplicity.

If you are looking to provide a service using an outside vendor, please contact ISA Director Tom Board (teb@northwestern.edu) to investigate setting up a partnership through InCommon using the Shibboleth protocol to protect user privacy and secure identity information.

Additional Information

InCommon Federation Home Page

Support Contact

For more information on utilizing Shibboleth to connect to external service providers, contact:

Tom Board, ISA Director
teb@northwestern.edu

Last Updated: 02 November 2007


		Services \| Get Connected \| Support \| Academic Resources \| About NUIT Students \| Staff/Faculty \| Visitors/Media \| Site Map \| Online Directory Northwestern Home \| Northwestern Calendar: Plan-It Purple \| Northwestern Search Information Technology 1800 Sherman Avenue Evanston, Illinois 60201 E-mail: it-webmaster@northwestern.edu World Wide Web Disclaimer and University Policy Statements © 2008 Northwestern University