Home | About InCommon | Join InCommon

InCommon for Research Organizations

Federated Identity Management for Research Organizations

Additional Resources How to Join Fee Structure FAQ Overview of Identity Management Technology Behind InCommon Shibboleth demo (Quicktime Movie) Support and Community (links to wiki) Case Studies Using NSF Cyberinfrastructure with InCommon Note for Energy Labs, Tech Centers and User Facilities: Please see a special pricing arrangement and participation agreement.

Research Organizations can join InCommon as identity providers and/or service providers, taking advantage of federated identity management to provide access to shared services, virtual organizations, and other scientific collaborations. Research Organizations are eligible to sponsor partners into the federation.

What is a "Research Organization?"

A Research Organization is defined as a lab, facility, or center operated by and/or funded by a federal research agency and listed on an official publicly available government listing.

Pricing for Research Organizations

InCommon has developed a fee schedule for research organizations based on FTE (full-time equivalent) staff and researchers. Research organizations should verify their FTE by sending a link to a web page listing that information, a page from an annual repor, or a statement on letterhead.

• InCommon Participation Agreement [WORD]
• Step-by-step flow for joining InCommon
• InCommon fee schedule

What is InCommon?

InCommon provides a secure and privacy-protecting way for your researchers and staff to access protected online resources from any other organization in the InCommon Federation. They enjoy single sign-on convenience with their existing credentials at your organization - no more creating accounts for each resource.

This means that your research organization continues to maintain your credentials directory and you decide which information is provided to your resource providers, including corporate partners, other research organizations, and universities.

Through the use of Shibboleth or another SAML-compliant software, you exchange attributes with your partners, providing only the information necessary to do the authentication and authorization.

InCommon provides the policy and technical framework that makes all of this possible.

Why InCommon?

Cost Savings

• Significantly reduced help desk calls
• Eliminate custom integration work with partners
• Adding new partners is a snap

Standard Practices

• Policy is standard throughout the federation
• Technology is standard throughout the federation, centered on SAML
• Well-defined attributes make interaction consistent with all other participants
• Integration work with new partners is greatly reduced

Security and Privacy

• As an identity provider, you maintain the identity directory and control security and privacy
• Fewer data spills through the use of attributes
• You do the authentication; your resource provider does the authorization

Simplified Operations

• Policy and technology standards means federation scales!
• Adding a partner takes very little time
• Single sign-on provides a simplified user experience
• Ease of set-up saves time and money