• About TIS »
• CSU Systemwide Support »
• Custom Application Support Services »
• Identity & Access Management Initiative »
  • Charters and Principles
  • Federation at the CSU
  • Archive
• ITRP »
• Home

Federation at the CSU

Introduction
A federation is an association of organizations that allows an exchange of information. The Federated Identification Management acts as a collection point as well as a conduit providing authentication for those wishing to gain access to collaborative Web-based resources.

Shared Resources
Enabling a Federation within the CSU will allow campuses to more efficiently provide access to shared resources providing the ability to easily conduct online transactions while protecting the privacy and security of identity information. Participating organizations need to follow the same policies and practices to maintain a high level of security to protect user information. Simply stated, Federation is a means to share information in a secure environment.

Benefits of Federation
The CSU Federation sets the foundation for services like:

• Guest wireless access on all participating campuses
• Access to electronic library resources
• Web enabled
• Learning Management Systems
• Distance Learning
• Secure authentication structure for collaborative environments
• Research
• Cross campus working groups
• Dramatic improvement for the user by reducing the number of log-ins and passwords

Myths of Federation
The CSU Federation does not:

• Allow every user the same level of access
• Provide federated access at a campus that does not participate in the Federation
• Require new hardware for the end user
• Require all campuses to use the same vendor for local Identity Management

How It Works
Federation uses a secure Web transaction to pass single sign-on authorization of credentials between Web-based services. Campuses participating will pass a common set of information called attributes to gain access. When a user logs-on or authenticates, he/she will be granted authorization to the shared information services that they have been approved to access. Within the CSU, the scope and limits of a user's access will be determined at each campus. The campus grants access, determines the scope, and limits/manages the conditions of user access.

Why it Works
InCommon is a federation of organizations focused on creating a common framework for trust in support of research and education. Shibboleth is the middleware solution that provides single sign on access through a campus identity provider (IdP) and manages the campus identity management system providing the federation information through the service provider.

CSUConnect Federation

InCommon POP - Chancellor's Office (.pdf, 119k)
InCommon POP - Moss Landing Marine Labs (.pdf, 136k)

Federation Administrative Contacts

IAM Contacts

Mark Crase, Senior Director
Mike Trullinger, Associate Director, Identity Management
Carol Kiliany, Program Manager