Demo and Pilot Program Marks First Major Step towards Inter-federation of Research & Education and Federal Government Identity Management Federations: For the first time, the Internet2 community demonstrated the interoperability of its Shibboleth federated identity management software with the National Science Foundation's (NSF) FastLane online grant administration system. The interoperability demo is the first step in a program to establish large-scale interoperation between the InCommon Federation, serving U.S. higher education and its partners, and the U.S. E-Authentication Identity Federation, serving U.S. government agencies. The event marks a major milestone in allowing the research and education community to use their existing campus' identities to access essential online federal government resources. NSF's FastLane is used by over 250,000 researchers, students, faculty and other research professionals to efficiently manage their grants and proposals via a secure web interface. The demonstration, which took place at the Internet2 Fall Member Meeting held this week in Chicago, allowed Principal Investigators at the University of Washington, Penn State University, and Stanford University to use their campus-issued sign-on credentials, enabled through Shibboleth, to access FastLane services. Parvati Dev, Director of SUMMIT, the learning research lab at Stanford University School of Medicine, who participated in the demonstration observed, "As a medical researcher I know the importance of controlling access to sensitive information and protecting people's privacy. I appreciate that this system is secure, and is easy for me to use and provides a more streamlined way for me to access my online grant proposals and other important grant information related to my research work. I also assist federal agencies in reviewing research proposals from other universities and again, secure, private access is absolutely necessary." Shibboleth, a SAML-based software suite, provides Web Single Sign On (SSO) capability and a secure attribute exchange framework to enable individual access to an unlimited number of online resource providers. Shibboleth leverages an institution's existing sign-on and directory system to authenticate users and then passes only relevant identity information to the provider. The system removes the need for universities to set up multiple passwords and accounts for each online resource. To date, Shibboleth has been deployed by thousands of research and education institution sites worldwide. Kevin Morooney, Vice Provost for Information Technology at Penn State University said, "Creating online credentials for individual access to protected resources has traditionally resulted in a great deal of administrative overhead for campus IT departments as well as additional security burdens for the users who need to remember multiple logins and passwords. Today's demonstration highlights how we can make research and academic life easier for faculty, students, and researchers as well as enable institutions and the NSF to save on operating costs while improving security and individual privacy." Dr. George O. Strawn, the NSF Chief Information Officer, also observed the value to the research community, saying "using the federated identity management model enables single sign-on meaning more IT security and less time spent keeping up with logins. This can translate into more time for research and education activities. NSF has a long-standing commitment to funding transformative middleware initiatives such as Shibboleth. The U.S. E-Authentication Identity Federation and the InCommon Federation working together will enable NSF to leverage authenticated credentials from its academic partner institutions." In the future, the system will allow an unlimited number of qualified users to access FastLane from partnerships between the U.S. E-Authentication Identity Federation and the InCommon federation for U.S. research and education. This pilot program with NSF also lays the groundwork for inter-federation between InCommon and E-Authentication. In doing so, potentially millions of students, educators, researchers, and staff in the U.S. higher education community will be able to more easily access a vast range of Federal agency applications that have become essential to their academic missions. Georgia K. Marsh, Deputy Program Manager for the E-Authentication Initiative, Federal Acquisition Service, General Services Administration, said, "The mission of E-Authentication is to provide secure access to government services to citizens, businesses, other governments and communities of all kinds. Working with the higher education community via InCommon enables us to provide access to key services more securely and cost-effectively. We are excited about the integration of the Authentication Service Component into agency applications, such as those in the Department of Education that are used by millions of students." RL "Bob" Morgan, Senior Technology Architect at the University of Washington and Chair of the Middleware Architecture Committee for Education (MACE) added, "Today's demonstration with FastLane marks an important milestone in realizing and validating our vision of creating interconnected trust communities for seamless and secure access to information and services. Through important partnerships between research and education, government and industry, as we have demonstrated today, we believe the federated identity management approach is becoming the industry standard for secure and privacy-preserving access to protected resources of all kinds."