• About ET
• Initiatives
• Publications
• Search

---

Identity Management

Description

The growth of the Internet brings the challenge of managing secure access to information across a wide range of internal and external computing systems. Penn State is responsible for providing access to faculty, staff, and students without diminishing security or exposing sensitive information. The Penn State Access Account, in conjunction with the Penn State Online Directory (which uses Lightweight Directory Access Protocol (LDAP), a standardized method for providing directory information), provides the foundation for this identity within the University. Because this identity is used to access secure applications both internal and external to the University, the management of this identity becomes extremely important. ET continues to research new technologies related to identity management and federated network identity.

In 2004, Applied Information Technologies (AIT) in ASET put into production and implemented Penn State WebAccess, Penn State's Single Sign-On (SSO) solution. The WebAccess system, which uses the University of Michigan's Cosign technology (a development effort that is funded by the National Science Foundation's National Middleware Initiative-Enterprise and Desktop Technologies program), provides an environment in which users authenticate/login once with their respective Access Account userids and password to a central server in order to access multiple services protected with WebAccess without needing to re-authenticate. Several Penn State services that require authentication have enrolled in WebAccess, including: the Penn State Portal, Penn Sate WebMail, Web-Based Training, the ITS Secure Server, downloads.its.psu.edu, the NFS to PASS Gateway, and the Inside ITS Web site. Likewise, many units throughout Penn State use WebAccess for their respective internal Web sites/intranets. Support for Friends of Penn State (FPS) accounts was made available in May 2005.

Publications

Penn State Web Single Sign-On Evaluation Whitepaper

Resources

National Science Foundation Middleware Initiative
Internet2 Middleware Initiative
The Internet2 Shibboleth Project
CoSign Web Single Sign-On
Penn State WebAccess Help/Info Page

Primary ET Contact

Renee Shuey RShuey@psu.edu

Collaborators

Applied Information Technologies (AIT) in ASET, and Administrative Information Services (AIS), also a unit of ITS.

Expected Deliverable

A white paper on Web Single Sign-On technologies and ongoing evaluations of new technologies; Penn State WebAccess was launched in August 2004.

Level of ET Involvement

ET will research new technologies related to identity management. In addition, best practices and tools will be developed to manage Penn State's existing identity management infrastructure.

Initiative Start Date

October 2002