Penn Computing

Penn Computing

Computing Menu Computing A-Z
Computing Home Information Systems & Computing Penn


Tuesday, November 24, 2015

  New Resources
Security Logging Service
Travel Tips for Data Security
Free Security/Privacy Training Resources
Two-step verification
Combating Malware
Phishing Archive
Cloud Computing and Data Outsourcing
Best Practices for Applications with Confidential University Data
  Security "Greatest Hits"
Managing Passwords
E-mail Harassment & Forgery
Hoaxes, frauds & scams
Wireless Networking
Encryption & digital signatures
  Best Practices
Secure desktop computing
Secure servers
Secure data deletion
Securing printers
Tips for safe computing
Computing policies
  More in-depth information for
Local support providers
System administrators
  Security initiatives
Critical host compliance
Authentication & authorization
Penn Security & Privacy Assessment (SPIA)
Security Liaisons (Restricted Access)
Secure Share
Secure Space
Vulnerability Scanner
  Related links
Electronic privacy
Worms, trojans, backdoors

Using External Credentials for Paid spaces

For paid spaces, Secure Space supports users without PennKey credentials:

  • External users from institutions belonging to the InCommon Federation (which includes nearly 300 members from higher ed, government, non-profit, research, and commercial partners) can log in with their home institution credentials.
  • External users who do not have a username and password from an InCommon institution or whose institution's login system is not compatible with Penn WebLogin can register for a free username and password from ProtectNetwork, an InCommon partner.
See for a list of InCommon institutions and for information about ProtectNetwork.

How authorization/authentication with external credentials works

Once a faculty or staff member ("space owner") has created a paid space, he or she can invite collaborators from Penn and other institutions to become "members" of that space. Invitations are sent from within the application to a trusted email address for each collaborator. External collaborators are asked to register their home institution or ProtectNetwork login ID and other information with Penn within seven days. Login IDs of registered Secure Space users are stored in PennGroups.

When logging in, users are presented with a screen offering a PennKey option and a dropdown list from which external users can select their InCommon institution or ProtectNetwork. Depending on what they select, external users are then presented with their home institution's authentication screen, the ProtectNetwork authentication screen, or, if they did not register with Penn, an error message with followup information.

Potential issue with InCommon credentials

Not all InCommon institutions will automatically pass authentication information to other InCommon institutions. In such cases, registered external users will not see their home institution's authentication screen. Instead, they will receive an error message advising them to contact their own institution's IT staff or to create a ProtectNetwork account. There is a link to ProtectNetwork in the error message.

Last updated: Monday, May 2, 2011


Information Systems and Computing
University of Pennsylvania
Comments & Questions

Penn Computing University of Pennsylvania
Information Systems and Computing, University of Pennsylvania