InCommon Membership

From TeraGrid Wiki

Contents 1 Overview 2 Goals 3 Status 4 Related Work 4.1 Privacy Policy 4.2 CASC TG Whitepaper

Overview

This page describes active work by NCSA under GIG funding to establish membership in the InCommon federation for the TeraGrid.

Goals

The goal of this work is to establish TeraGrid as a member of InCommon. This membership will allow TeraGrid web applications (e.g. the TeraGrid User Portal) to accept Shibboleth authentication and attributes from U.S. institutes of higher education.

Some notes regarding this work:

• TeraGrid will only be a member for the purpose of being a service provider. There is no intent currently for TeraGrid to be an InCommon identity provider.
• Access to POPS is the initial target. The TeraGrid User Portal will be modified by TACC to take attributes to pass to POPS behind the scenes. See "Objective 4.1: Support of Shibboleth Integration in TGUP (NOS.Svc2 Core Services 2.0)" in Media:PY4_GIG_TACC_SOW.pdf.

Status

• Membership is complete.
  • Matt Heinzel is the Administrative POC
  • Von Welch is the Technical POC
  • Management interface: https://service1.internet2.edu/siteadmin/manage/
  • Email list for general discussions: incommon-participants@incommonfederation.org
  • Incommon Technical Support: incommon-admin@incommonfederation.org
• Our POP has been submitted using the document on the wiki: POP.
• Next step is to flush out the plan for Shibbolizing the TG user portal and begin the work instantiating it as the Shibboleth SP

Related Work

Privacy Policy

InCommon membership requests a privacy statement from participating organizations. When this effort was initiated, TeraGrid management was interested in adopting a privacy policy as part of our membership application. Subsequently, it has been decided not to adopt such a policy and it has been verified with InCommon leadership that a policy is not required for membership. The unratified privacy policy has been saved at Privacy Policy.

CASC TG Whitepaper

• http://www.casc.org/papers/CASC_TeraGrid_Futures_White_Paper.pdf

"Recommendation: Authentication and authorization processes should correspond to national standards, perhaps by adoption of InCommon credentials (http://www.incommonfederation.org/)."