Building a National Access Management Infrastructure

Slides:



Advertisements
Similar presentations
Authorisation Models for National Scale Services Alan Robiette Joint Information Systems Committee
Advertisements

Pennsylvania Banner Users Group 2008 Fall Conference Campus Identity Management in a Banner World.
AARLIN: An Australian Approach To Managing E-Collection Access Earle Gow La Trobe University Bundoora, Victoria, Australia
Supporting education and research JISC ‘Accessing the Future’ Addressing the needs of Further Education and smaller institutions Nicole Harris, JISC Programme.
KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.
INFSO-RI Enabling Grids for E-sciencE The EGEE project Fabrizio Gagliardi Project Director EGEE CERN, Switzerland Research Infrastructures.
NMP-NCP meeting - Brussels, 27 Jan 2005 Towards FP 7: Preliminary principles and orientations… Nicholas Hartley European Commission DG Research DG Research.
The Evolving Landscape of Irish Graduate Education IUA Fourth Level Network Annual Conference, 10 th November, 2009 Trinity College Dublin Development.
JISC Metaleth Project Athens, Shibboleth and the University of Bristol 29 th January 2007.
Technical Review Group (TRG)Agenda 27/04/06 TRG Remit Membership Operation ICT Strategy ICT Roadmap.
Copyright JNT Association 20051Optional Copyright JNT Association Joining the UK Access Management Federation 4th April.
1 Issues in federated identity management Sandy Shaw EDINA IASSIST May 2005, Edinburgh.
Agenda Project beginnings and funding. Purpose of the federation. Federation members. Federation protocols. Special features in our federation. Pilot.
Identity and Access Management IAM A Preview. 2 Goal To design and implement an identity and access management (IAM) middleware infrastructure that –
Federated Identity Management in New Zealand Sat Mandri Service Manager TNC15 REFEDs Meeting, 14 th June 2015.
EGI-Engage EGI-Engage Engaging the EGI Community towards an Open Science Commons Project Overview 9/14/2015 EGI-Engage: a project.
Ontario Online Inter-ministerial Public Library Discussion Forum January 29, 2014 Ministry of Training, Colleges and Universities Strategic Policy and.
Eduroam Louis Twomey HEAnet Library Services Day 20 th November 2014.
Internet2 – InCommon and Box Marla Meehl Colorado CIO 11/1/11.
A complementary view from the DIGOIDUNA study Paolo Bouquet, University of Trento, Italy SMART 2010/0054.
IAM REFERENCE ARCHITECTURE BRICKS EMBEDED ARCHITECTS COMMUNITY OF PRACTICE MARCH 5, 2015.
2005 © SWITCH Perspectives of Integrating AAI with Grid in EGEE-2 Christoph Witzig Amsterdam, October 17, 2005.
Supporting further and higher education Middleware and AA within the JISC Environment Nicole Harris, JISC Development Group.
UCLA Enterprise Directory Identity Management Infrastructure UC Enrollment Service Technical Conference October 16, 2007 Ying Ma
Improving Integration of Learning and Management Systems Paul Shoesmith Director of Technical Strategy Becta.
JOINING UP GOVERNMENTS EUROPEAN COMMISSION Establishing a European Union Location Framework.
TERENA NORDUnet Networking Conference 1999 Lund Norman Wiseman JISC Head of Programmes JISC Programme for Middleware Development.
Bob Jones Technical Director CERN - August 2003 EGEE is proposed as a project to be funded by the European Union under contract IST
26 August 2011 Future of access to EU confidential data for scientific purposes Jean-Marc Museux Eurostat – 58th ISI conference,
1 Joint EAIE/NAFSA Symposium Amsterdam, March 2007 John E Reilly, Director UK Socrates-Erasmus Council.
Athens – integrated AMS services Ed Zedlewski JISC/CNI Conference Edinburgh, June 2002.
Dr Aniyan Varghese eGovernment Unit eGovernment Unit Directorate General Information Society Dr Aniyan Varghese eGovernment.
Authentication and Authorisation for Research and Collaboration Licia Florio REFEDS Meeting The AARC Project I2 Technology Exchange.
Authentication and Authorisation for Research and Collaboration Licia Florio AARC Workshop The AARC Project Brussels, 26 October.
Towards a Unified Authentication, Authorisation and Accounting Infrastructure Patrick Kirk Chief Technical Officer (YHGfL) Lifelong Learning Infrastructure.
Authentication and Authorisation for Research and Collaboration Christos Kanellopoulos GRNET Proposed Pilots for Libraries and eGov.
The UK Access Management Federation John Chapman Project Adviser – Becta.
Connect. Communicate. Collaborate Deploying Authorization Mechanisms for Federated Services in the eduroam architecture (DAMe)* Antonio F. Gómez-Skarmeta.
Ensuring your data is in the right place at the right time John Chapman Senior Architect: Information Management Diplomas: Learning the lessons of.
University of Washington Collaboration: Identity and Access Management Lori Stevens University of Washington October 2007.
Implementing the LLL Charter Michael H örig EUA Programme Manager Nicosia, Cyprus 22 November 2010.
NMI-EDIT and Rice University Federated Identity Management: Managing Access to Resources in Texas Barry Ribbeck Director System Architecture and Infrastructure.
1 Identities and Federation: The Next IT Wave (The Canadian Access Federation) Rick Bunt President The Canadian University Council of CIOs (CUCCIO)
Candidate Background Key ResponsibilitiesKey Behaviours Communication Managing Relationships Analysis & Problem Solving Collaboration Includes the right.
Image credit: NASA a multi-layered cloud services strategy Ronan Byrne, CTO, HEAnet
Identity and Access Management
Joint CIO Council and HR Deans & Directors Meeting
Bob Jones EGEE Technical Director
Knowledge for Healthcare: Driver Diagrams October 2016
Update from the Faster Payments Task Force
Use case: Federated Identity for Education (Feide)
University of Texas System
California State University CSUconnect Federation
Inclusive Governance and Multiplying Impact
Resource Efficient Scotland
Getting Started.
Strategic uses of Web Content Management Systems
Cloudstor: Glamming up the ecosystem
Getting Started.
TOOP Introducing The Once-Only Principle Project
Primary care networks: development and support
UK Access Management Federation
Michelle Papayannakos
Education and Training Statistics Working Group Meeting of 17 November 2010 Item 5 – Further actions Eurostat in regard to the follow up of the feasibility.
GEOSS AIP-5 Data Sharing Working Group
Draft Methodology for impact analysis of ESS.VIP Projects
Item 2.2 of the Agenda Remote access to confidential data for researchers: possible actions under the 7th Framework Programme Pascal JACQUES Unit B 5 15.
INNOVATION DEALS: A NEW APPROACH TO REGULATION
Innovation in Railways NTA Ireland
OU BATTLECARD: Oracle Identity Management Training
Presentation transcript:

Building a National Access Management Infrastructure Kieran Loftus Director of Computer Services, NUI, Galway November 2007 Kieran Loftus HEAnet Conference November 2007

Agenda What do we need and why? Benefits & side effects Where we stand Next steps Kieran Loftus HEAnet Conference November 2007

What do we need? “Sustainable World-Class Research” Support for collaboration, mobility, resource sharing Effective, secure, simple Provide an attractive environment for research Flexible Teaching & Learning Academic Mobility Collaborative programmes Student mobility between institutions Personal Mobility Work anywhere International effectiveness Research collaboration, Erasmus, non-EU students Kieran Loftus HEAnet Conference November 2007

Immediate drivers Access to licensed resources Publisher expectations won’t be IP based Growth of shared resources (IREL, NDLR) Need a simple authentication solution Emergence of collaborative academic programmes Collaborations Cork, Galway, Limerick Registration issues Student mobility in Dublin Research expectations Multiple collaborations Rapid and flexible collaboration Protection of shared outputs International & Marketplace developments Suppliers can offer solutions Shibboleth in UK, US, Mainland Europe Kieran Loftus HEAnet Conference November 2007

What does this mean in practice? Home Away Access provided on the basis of data maintained & provided by home institution Definitive Source of Identification Data Resource Kieran Loftus HEAnet Conference November 2007

What does this mean in practice? Business rules to support collaboration Who can access resources? Who should control access? How can we trust and be trusted? What standards must procedures meet? Good Local Identity & Access Management Based on good campus-wide procedures Needs to meet agreed (inter)national standards Need for an “others” database May all lead to significant local benefits Technical solution on a national scale International compatibility Kieran Loftus HEAnet Conference November 2007

Local Benefits of Local IAM Service improvements, Cost savings Eliminate Multiple id Databases Drive local process improvements Better management of joiners & leavers Better tracking of “others” Library resource access IT Provisioning & simplified sign-on Security Management Campus resource access Kieran Loftus HEAnet Conference November 2007

Towards a Sustainable Solution Two main ideas: Option One: Do what others have done Create an “Irish Access Management Federation” Is Shibboleth the only sensible option? Option Two: One big national academic directory Ireland is smaller Most students are CAO registered The products can support it Could we possibly deliver it? Kieran Loftus HEAnet Conference November 2007

Solution Issues Federation Centralised solution Replicates working solutions elsewhere Needs central leadership (or strong coordination) Requires Local IAM Solutions Extensible internationally – may not be easy Centralised solution May be appropriate to Irish scale Definitely requires shared central management How to deliver it? May relieve local resources Still need to provide international solution Potentially significant national benefits Potential political issues Kieran Loftus HEAnet Conference November 2007

Current Status eInis consortium, PRTLI funded SIF Cycle 2 Universities proposal Aim: to make sure that users are given simple and secure access to the resources which they need from any location Assumptions: Will extend to entire third level sector Central role of HEAnet Limited local deployments already Kieran Loftus HEAnet Conference November 2007

What should we do next? SIF Cycle 2 Outcome December 07 Then (assuming funding available): Mobilise project partners Legal & Governance Framework Architectural study & decision Full project definition Pilots Kieran Loftus HEAnet Conference November 2007

Thank You Kieran Loftus HEAnet Conference November 2007