2019 Technology Exchange

Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID

Experiences in Deploying and Using Consent & Notification

Time 12/11/19 08:00AM-08:50AM

Room Oak Alley (4th)

Session Abstract

Consent and Notification services are being deployed at several campuses. These services can operate across protocols and applications and present some new opportunities for privacy, compliance and transparency, but need to be deployed with care for both user and institutional experiences. This session will discuss the technical and policy issues that have emerged from several actual deployments of institutional consent. The focus will be on the use of CAR to provide cross-protocol and meaningful consent but will also cover native Shib consent and other options.

Deployment issues include technical issues such as availability and load balancing, plumbing multiple protocols into the service, and gathering the informed content that makes for meaningful consent decisions. We will also cover serving OAuth and OIDC both through the MitreId and Shib OIDC plugins. CAR presents numerous policy decisions as well. These include: to which communities and which sites should consent be provided; setting institutional policies on release; setting user defaults: and leveraging the institutional policy store for compliance questions, particularly for data feeds to external sources.

The session will include at least two speakers: Rob Carter (Duke) and Keith Wessel (Illinois) A third speaker may be added.


Speaker Kenneth Klingenstein Internet2

Presentation Media

Primary track InCommon

Secondary tracks Information Security

gold Sponsors

bronze Sponsors