Penn Computing

Penn Computing
Computing Menu Computing A-Z
Computing Home Information Systems & Computing Penn

 

Wednesday, May 22, 2013
 
  New Resources
Combating Malware
SafeDNS
Phishing Archive
Cloud Computing and Data Outsourcing
Best Practices for Applications with Confidential University Data
 
  Security "Greatest Hits"
Managing Passwords
E-mail Harassment & Forgery
Hoaxes, frauds & scams
Spam
Phishing
Wireless Networking
Encryption & digital signatures
 
  Best Practices
Secure desktop computing
Secure servers
Secure data deletion
Securing printers
Tips for safe computing
Computing policies
 
  More in-depth information for
Local support providers
System administrators
 
  Security initiatives
Critical host compliance
Authentication & authorization
Penn Security & Privacy Assessment (SPIA)
Security Liaisons (Restricted Access)
Secure Share
Secure Space
Vulnerability Scanner
 
  Related links
Electronic privacy
PennKey
Viruses
Worms, trojans, backdoors

Using External Credentials for Paid spaces

For paid spaces, Secure Space supports users without PennKey credentials:

  • External users from institutions belonging to the InCommon Federation (which includes nearly 300 members from higher ed, government, non-profit, research, and commercial partners) can log in with their home institution credentials.

  • External users who do not have a username and password from an InCommon institution or whose institution's login system is not compatible with Penn WebLogin can register for a free username and password from ProtectNetwork, an InCommon partner.

See http://www.incommonfederation.org/participants/ for a list of InCommon institutions and http://www.protectnetwork.org/ for information about ProtectNetwork.

How authorization/authentication with external credentials works

Once a faculty or staff member ("space owner") has created a paid space, he or she can invite collaborators from Penn and other institutions to become "members" of that space. Invitations are sent from within the application to a trusted email address for each collaborator. External collaborators are asked to register their home institution or ProtectNetwork login ID and other information with Penn within seven days. Login IDs of registered Secure Space users are stored in PennGroups.

When logging in, users are presented with a screen offering a PennKey option and a dropdown list from which external users can select their InCommon institution or ProtectNetwork. Depending on what they select, external users are then presented with their home institution's authentication screen, the ProtectNetwork authentication screen, or, if they did not register with Penn, an error message with followup information.

Potential issue with InCommon credentials

Not all InCommon institutions will automatically pass authentication information to other InCommon institutions. In such cases, registered external users will not see their home institution's authentication screen. Instead, they will receive an error message advising them to contact their own institution's IT staff or to create a ProtectNetwork account. There is a link to ProtectNetwork in the error message.

Last updated: Monday, May 2, 2011
top

Information Systems and Computing
University of Pennsylvania
Comments & Questions
Penn Computing University of Pennsylvania
Information Systems and Computing, University of Pennsylvania