Welcome to the TIER
July Newsletter

Welcome to the TIER (Trust and Identity in Education and Research) Newsletter for July. The purpose of this e-newsletter is to keep you informed on what's happening in the TIER project.

About TIER

TIER is a community-initiated effort, coordinated by Internet2, to develop a consistent, rationalized approach to identity and access management that simplifies campus processes and advances inter-institutional collaboration and research. TIER is both an open source toolset and a campus practice set.

Share this newsletter with your friends and colleagues!


Paths Forward to the Future

From the TIER Community Investor Council

We started the TIER journey over two years ago through a series of galvanizing conversations about gaps between campus needs and what was available in the community to fulfill those needs. We all as investors felt that there was a problem and our shared action was needed to fix it. We initially concentrated on shoring up development efforts for software components. But this is about more than software development. We need to look at the interconnect between the software we use and the services on which we rely. In short, we’re finding that we need to align the visions across Trust and Identity as a whole. It’s not just about creating an integrated software suite. It’s about creating a set of capabilities that enable trust and identity services across our community.  Read the complete blog post for more.

TIER Community Contributor Spotlight: Brian Savage, Boston College

working group

(Left) TIER Working Groups collaborations—such as this one at the 2016 Global Summit in Chicago—are key to advancing Trust and Identity in Education and Research. Thanks to Brian Savage of Boston College, subject of this profile, and to all the TIER community contributors.

The Trust and Identity in Education and Research (TIER) program relies on the contributions of an extended community. Brian Savage, an enterprise architect at Boston College, has used his involvement to both help TIER and strengthen his institution's enterprise architecture practices. Read the complete blog post for more about Brian and his contribution to TIER.

Working Group Updates

TIER Data Structures and APIs

The Data Structures and APIs working group has been focusing on implementing APIs for the main TIER components, working first on a Grouper API. The group expects to be able to demo APIs for several key components at Internet2 Technology Exchange in September. Another focus of the Data Structures and APIs Working Group (together with the TIER Registries Working Group) has been instrumentation development. The goal is to allow campuses to monitor how their components are behaving and how users are interacting with the software. For further information, please visit this working group’s wiki.

TIER Entity Registry

The Entity Registry working group’s latest efforts have centered around the development of a test bed for campuses. The test bed will be a representation of a federation in a "sandbox," so campuses can test TIER components in a safe, non-production place. Another focus of the Entity Registry Working Group (together with the TIER Data Structures and APIs Working Group) has been instrumentation development. The goal is to allow campuses to monitor how their components are behaving and how users are interacting with the software. For further information, please visit this working group’s wiki.

TIER Packaging

The TIER Packaging team is defining and putting into place a continuous integration pipeline with the aim of smoothing the path to secure, reliable and repeatable TIER component delivery. The group plans on having this in place for Shibboleth in time for TIER release 2, with additional components to be included in future releases. A demonstration of the Shibboleth pipeline is being planned for Internet2 Technology Exchange in September, with the possibility of other components being demo-ready as well. The Packaging team has also been working on instrumentation and monitoring for the delivered TIER components. For further information, please visit this working group’s wiki.

TIER Security and Audit

This month the TIER Security and Audit working group has developed recommendations for ongoing security testing in development process. These recommendations were based on a survey of TIER development staff and the team’s research of available tools and training. The group will put forward OWASP (Open Web Application Security Project) as a solution for code review and automated security testing. OWASP’s flexibility and rich user and developer community made it attractive as a solution. The group also felt it is a good fit for TIER’s emphasis on open source components. The group also identified SWAMP (Software Assurance Marketplace) as a means to address additional security needs. SWAMP is an online, open-source, collaborative research environment that allows software developers and researchers to test their software for security weaknesses.

TIER Component Architects

The TIER Component Architects Group holds regular meetings, which focus on alignment of TIER processes, including the common core of technology platforms and tools. Recent discussions have centered on information sharing by TIER working group chairs, default configurations for the TIER deliverables, instrumentation (long and short term) to help with management, quality and performance, and TIER security and risk management processes. Steve Zoppi (Internet2) leads the group.

Component architects include Scott Cantor, Ohio State University (Shibboleth); Chris Hyzer, University of Pennsylvania (Grouper); Benn Oshrin, Spherical Cow Group (COmanage); Ken Klingenstein, Internet2 (Consent); and Nick Roy, Internet2 (InCommon).

TIER working group chairs include: Keith Hazelton, University of Wisconsin - Madison, leads APIs and Data Structures; Warren Curry, University of Florida, co-chair with Benn Oshrin in Entity Registry work; Helen Patton, The Ohio State University, leads Security and Audit; Ken Klingenstein, Internet2 leads Consent; Nick Roy, Internet2, InCommon Federation. Key participants from these areas and more also join the calls.

Key Internet2 identity initiatives are supported in part by National Science Foundation grants. For more information, see specific software sites.