UC Trust

What is UC Trust?

UCTrust was created by the Information Technology Leadership Council on April 17, 2006 as the basis for a unified identity and access management infrastructure for the University of California system. UCTrust enables authorized campus individuals to use their local campus electronic credential to gain access, as appropriate, to participating services (Resource Providers) throughout the UC system. UCTrust is based on industry standard technologies and a common set of identity attributes and identity management practices.

UC Trust at UCI

UCI has implemented the Internet 2 Shibboleth software which provides a federated single sign-on and attribute exchange mechanism between federation members. What this means is the community of users at UC Trust member sites, e.g. the UC Campuses, can use their local campus authentication systems, such as UCI’s WebAuth system (part of UCI’s Identity Management (IdM) System), to authenticate to services provided by other UC Trust members such as the At Your Service Onlinesystem.

UC Trust members, including UCI, are members of the InCommon Federation which will enable UCI affiliates to authenticate to other InCommon members, including vendors we do business with.

In order for federation participants to determine their level of trust for identity and attribute assertions, each InCommon participant provides a Participant Operational Practices (PDF) document which outlines each participant’s Identity Management or Service system.

UCLA maintains the UC Trust Work Group Home pages.

Attributes and Identifiers used by UC Trust

UC Trust supports various identity attributes that can be used by applications as identifiers, summarized here: User Identifiers for UC Trust

Commonly used InCommon Federation attributes are summarized here: InCommon Attribute Summary