Participation in the InCommon Federation (“Federation”) enables a federation participating organization ("Participant") to use Shibboleth identity attribute sharing technologies to manage access to online resources that can be made available to the InCommon community. One goal of the Federation is to develop, over time, community standards for such cooperating organizations to ensure that shared attribute assertions are sufficiently robust and trustworthy to manage access to important protected resources. As the community of trust evolves, the Federation expects that participants eventually should be able to trust each other's identity management systems and resource access management systems as they trust their own. 

A fundamental expectation of Participants is that they provide authoritative and accurate attribute assertions to other Participants, and that Participants receiving an attribute assertion protect it and respect privacy constraints placed on it by the Federation or the source of that information. In furtherance of this goal, InCommon requires that each Participant make available to other Participants their privacy policies, security contacts, and to run their systems with organizational level authority. 

The following attributes are released by NDSU to other Participants after a user logs in: 

Personal information 

• Preferred first name 
• Preferred last name 

Contact 

• NDSU email address 

User Organization 

• NDSU affiliation (faculty, staff, employee, student) 

Other 

• Unique identifier 

The above attributes consist of the Research and Education Federations  (REFEDS) Research and Scholarship bundle. NDSU releases this bundle to all participants in InCommon and eduGAIN. InCommon is one of the 48+ national federations that make up eduGAIN. NDSU follows the REFEDS SIRTFI (Security Incident Response Trust Framework for Federated Identity) standards and is SIRTFI compliant. 

For security purposes and to ensure that the website remains available to all users, the NDSU Information Technology Division monitors network traffic to identify attempts to compromise or damage university networks or systems connected to those networks. 

NDSU collects and analyzes aggregate data about visitor traffic to determine trends and improve the NDSU website. The data collected may include, but is not limited to: 

• Domain and country 
• Internet protocol (IP) address 
• Internet browser 
• Operating system 
• Entrance and exit pages, and referrals 
• Date and time 
• Search terms and search engines 
• Cookies used to preserve data 

This is a standard practice for websites, and it is used to evaluate how NDSU can design the website to best serve customer needs. In some cases, a third party may have been authorized to collect some of this same information and provide reporting for marketing purposes. 

The NDSU Information Technology Division has implemented physical, electronic and managerial procedures to safeguard and help prevent unauthorized access, ultimately to assist in maintaining data security and ensure appropriate use of the information we collect online. 

NDSU does not collect personal information such as name or address unless you voluntarily provide it by sending email, participating in a survey or completing an online form. NDSU does not share or sell personal information to any third parties. NDSU does not release any personally identifiable information, unless required by law. 

The NDSU website uses Google Analytics, a website traffic tracking and reporting service, and Google Custom Search, a tool designed to assist with searching for and finding information on the NDSU website. These services help NDSU better understand and improve the university website's performance and user experience. NDSU adheres to Google's usage guidelines for this service, which prohibits the collection or association of personal information with Web analytics or site searches. How Google uses data when you visit our website / opt out. 

If you have questions about this site's collection of information or its online privacy statement, contact the NDSU Chief Information Security Officer.