Federation at NC State

Overview

A federation, through its trust agreements and federating software, allows identity providers to manage user privacy and information exchange. Providers of web-based services no longer need to provision identity accounts, instead leveraging the customer’s host identity system. At NC State, federation services are implemented using Shibboleth software. For details on the Shibboleth project, see the Shibboleth web page.

NC State

The identity federation of NC State is used in much the same way as other federations. However, as Shibboleth has replaced the WRAP for web applications there will be many more Service Providers on campus (see Shibboleth Service Provider for more information).

InCommon

InCommon, operated by Internet2, provides a secure and privacy-preserving trust fabric for research and higher education, and their partners, in the United States. InCommon operates an identity management federation, a related assurance program, and offers certificate and multi-factor authentication services. If you are developing a service that will require access by non-NC State or non-UNC individuals, this is the federation that your service should register with.

NC State’s Shibboleth authentication infrastructure is currently configured to share identity information with the following web-based services:

  • CILogon.org
    CILogon is a project of the Cybersecurity and Networking Division at the National Center for Supercomputing Applications, University of Illinois.
  • Digital Management Plan
    U.S. funding agencies such as the National Science Foundation and the National Institutes of Health require researchers to supply detailed, cost-effective plans for managing research data, called Data Management Plans. Several universities and organizations are developing the DMPTool to help researchers meet these new requirements.
  • Research.gov
    Research.gov is the National Science Foundation’s (NSF) grants management system that provides easy access to research-related information and grants management services in one location. Research.gov is the modernization of FastLane, providing the next generation of grants management capabilities for the research community.
  • PeopleAdmin.com
    PeopleAdmin provides web-based solutions that enable organizations to:

    • automate and streamline the hiring process
    • improve candidate communication
    • efficiently manage position descriptions and employee performance
    • develop compliant and defensible audit trails to defend talent management decisions.
  • EDUCAUSE.edu
    EDUCAUSE is a nonprofit association whose mission is to advance higher education through the use of information technology.
  • ZimRide.com
    ZimRide is a service to find friends, classmates, and coworkers going the same way you are.
  • Virtual Computing Laboratory
    NC State provides a remote access service that allows you to reserve a computer with a desired set of applications for yourself and to remotely access it over the internet.

UNC-GA

Each member of the University of North Carolina system operates its own identity management infrastructure and assigns identity credentials independently. However, many web-based applications need access to these independent authentication systems to provide services to UNC members. Therefore, the UNC Identity Federation was created to provide this access in a secure way.

NC State’s Shibboleth authentication infrastructure is currently configured to share identity information with the following resources:

  • Inter-institutional Course Registration
    A web-based system to facilitate inter-institutional registration in online courses for existing degree-seeking students within the University of North Carolina. This expanded course availability is designed to enrich the academic experience as well as provide flexibility in obtaining a degree. This system was designed and implemented by Online Services and was the first application to leverage the power of the UNC Identity Federation. To view the course listing or read more about the program please visit UNC Online Courses.
  • Virtual Computing Laboratory
    NC State provides a remote access service that allows you to reserve a computer with a desired set of applications for yourself, and remotely access it over the internet.

Attribute Release Policy

Because NC State University belongs to a number of different trust federations that include different member populations, it has developed a per-federation Attribute Release Policy based on the trust relationship NC State has with that federation. This minimizes the risk by sharing only specific attributes with other members of a federation. Services may request additional attribute releases on the Shibboleth Service Provider Onboarding Form.

Requesting Service Provider Access to NC State’s Identity Provider Infrastructure

In order to access the university’s Identity Provider infrastructure, a Service Provider must furnish the information required by the online Shibboleth Access Request form.

This form must be completed by a member of the NC State community. If the Service Provider is being provided by a third-party, please obtain appropriate answers to relevant questions from that provider’s technical staff.