Networking & Wireless

Pilot Examines Identity Federations in K-12 and Community Colleges

• By Dian Schaffhauser
• 02/25/16

A joint project has uncovered how K-12 organizations and community colleges can tap into identity federations to take advantage of shared online services. A task force made up of Internet2, InCommon, The Quilt, Educause and CoSN ran a set of pilot programs specifically to understand how they could extend trust and identity solutions developed for higher education into these other communities.

Internet2 is a community of academic, research, government and industry entities that undertake research and development in technology areas for the benefit of all their members. InCommon, operated by Internet2, provides a common trust framework for education and research in the United States that allows different organizations to share online access to their resources. The Quilt is a coalition of 36 advanced regional networks used for research and education. Educause is a member organization of IT leaders in higher ed. And the Consortium for School Networking is a similar organization for K-12 IT leaders.

The project gained steam in 2013 when The Quilt and InCommon hosted a workshop in K-14 federation. From that initial gathering a group of regional networks in Illinois, North Carolina, Maryland, Michigan, Nebraska, Ohio, Utah and Wisconsin signed on to run pilot programs, each with its own set of goals.

For example, in North Carolina the initial goal was to see how Davie County Schools Early College High School students could access resources available from Davidson County Community College without having to manage two different sets of credentials. Longer term, the regional network expects to develop similar opportunities between early college programs and in-state college admissions applications.

In Utah the Southwest Educational Development Center, a regional provider, wanted its six districts to be able to tap into services already provided by the Utah Education and Telehealth Network related to password resets and other authentication related issues in order to preserve its staff time for "other more technically demanding needs."

In a whitepaper that summarizes the results of the pilot programs, the participants concluded that K-12 organizations and community colleges could benefit from simplified access to shared online services, but they often lack the resources ("people, time and funding") they need to implement federated identity solutions. That problem is compounded by the complexity of the K-12 environment, where there are many schools within a single district compared to higher ed, where the federation is happening within a single institution.

Other problems surfaced, such as a wide variance in the "availability and suitability" of district directory systems; or the applications they wished to use weren't SAML-compliant, preventing them from using this standard to exchange user authentication or authorization data; or the applications and services available simply didn't interest the districts. Finally, all of the pilot participants were concerned about privacy, security and federal regulations that apply to their students and needed to figure out how those areas might affect their pilots.

Participating in an identity federation has significant benefits for educational institutions, the organizers reported, because that approach provides a common framework for trusted shared management of access to online resources. In the long term, such usage could help reduce staff, lower service integration costs, increase security and give students ease of access.

"Federation is not easy. It's not something school districts or community colleges should undertake without help," the report concluded. "Regionals that are committed to working with their constituents to provide guidance and support can be a major asset in enabling federated solutions for K-14 institutions." The report's authors also recommended that school districts and regional service providers draw on help from local colleges and universities as well as commercial vendors that specialize in establishing federation entities and custom integrations."

The results of each pilot and related documents are available on an InCommon/Quilt Federation wiki. On March 9, 2016, InCommon will host a webinar that shares the results of the pilot program.