eduroam Managed IdP - Roadmap

Presentation transcript:

eduroam Managed IdP - Roadmap

[Timeline figure covering 2017 to 2019 by quarter. Labels on the figure: V1.0, eduroam CAT 2.0, V1.1, eduroam CAT 2.1, Beta, Production, PLM Gate, Today. Phases shown: NIF Phase, Service Design/Development Phase, Service Transition Phase, Pilot Phase, Production Phase. Feature sets: see slide 2 and slide 3.]

eduroam Managed IdP – V1.0 feature overview

Release: V1.0

Feature: Web UI
Description: web-based life-cycle management for eduroam user accounts
Benefit: allows institution administrators to create, distribute and revoke eduroam user credentials from within a browser
Status: Committed

Feature: Certificate Authority
Description: TLS user credentials
Benefit: the above user accounts are created using the currently best available level of enterprise Wi-Fi security: EAP-TLS (X.509 client certificates) rather than usernames and passwords. The system includes OCSP-based real-time certificate revocation

Feature: Installers
Description: eduroam "one-click" installation for end-users
Benefit: Installation programs/configuration files for many popular operating systems are provided which contain all relevant settings needed to access eduroam, including the above credentials

Feature: RADIUS server
Description: credential checking, including revocation checks
Benefit: the above credentials are checked during network access time and access to an eduroam hotspot is granted (or not) based on the certificate and its revocation status

eduroam Managed IdP – V1.1 feature overview

Release: V1.1

Feature: Web UI: third-party
Description: Defer user account creation/management to external third party, e.g. link institution to a SAML IdP; users authenticate against that IdP and get their eduroam access based on the existence of their account at that third-party site
dependent on U.S. patent situation (-> Dimitri)
Status: Potential

Feature: Certificate Authority: hardware based CA
Description: Move from a pure software solution to an HSM (hardware security module)
Benefit: Improved security of private keys (for the CA that issues end-user certificates)
dependent on feedback from admin users: is this necessary?