Federated Identity to Support Collaboration in the CIC

Slides:



Advertisements
Similar presentations
Glenn Johnson John A. Dutton e-Education Institute Project Manager, Penn States e-Portfolio Initiative Glenn Johnson John A. Dutton e-Education Institute.
Advertisements

A multi-tiered storage and data protection strategy Carl Follstad Manager, University Data Mgmt Services Office of Information Technology University of.
What Does the Net Generation Expect From Us? SAC August 8, 2005 SAC August 8, 2005 Copyright © 2005, Joel L. Hartman. This work is the intellectual property.
While You Were Out: How Students are Transforming Information and What it Means for Publishing Kate Wittenberg The Electronic Publishing Initiative at.
The Academic Computing Assessment Data Repository: A New (Free) Tool for Program Assessment Heather Stewart, Director, Institute for Technology Development,
A Web-based Bibliography Management Initiative: Collaborating for Classroom and Library Technology Integration Brian Nielsen, Academic Technologies Denise.
Innovation and Outcomes: Voices of Experience Purdue University Calumet Midwest Educause Conference Monday, March 13, 2006 Heather L. Zamojski: Course.
Identity Management: The Legacy and Real Solutions Project Overview.
UWM CIO Office A Collaborative Process for IT Training and Development Copyright UW-Milwaukee, This work is the intellectual property of the author.
University of Chicago University of Illinois Indiana University University of Iowa University of Maryland University of Michigan Michigan State University.
Copyright Statement © Jason Rhode and Carol Scheidenhelm This work is the intellectual property of the authors. Permission is granted for this material.
Foundations of Excellence: Support Services for Online Learning Midwest Regional Conference, 2005 Chicago, Illinois Presenters: Diane Dates Casey Jan Engle.
NLII Mapping the Learning Space New Orleans, LA Colleen Carmean NLII Fellow Information Technology Director, ASU West Editor, MERLOT Faculty Development.
Darrel S. Huish Katherine J. Ranes Arizona State University Lessons Learned During the First Year of myASU, a Large Institution Portal Copyright Darrel.
Training the University Community for Self-Archiving in Institutional Repositories Melanie Feltner-Reichert The University of Tennessee Thura R. Mack The.
So You Want to Switch Course Management Systems? We Have! Come Find Out What We’ve Learned. Copyright University of Okahoma This work is the intellectual.
EDUCAUSE April 25, 2006Enforcing Compliance with Security Policies … Enforcing Compliance of Campus Security Policies Through a Secure Identity Management.
Sharing MU's SharePoint Experience 2005 Midwest Regional Conference Innovative Use of Technology: Getting IT Done Wednesday, March 23, 2005.
Page 1 Copyright Jill M. Forrester This work is the intellectual property of the author. Permission is granted for this material to be shared for.
Herding CATS: the Community of Academic Technology Staff Lou Zweier, Director CSU Center for Distributed Learning The California State University NLII,
Educause 2006, Dallas TX What does a University need from Access Management? John Paschoud InfoSystems Engineer, LSE Library London School of Economics.
National Center for Supercomputing Applications University of Illinois at Urbana-Champaign Federated Incident Response Jim Basney
Copyright Michael White and Sandra Thompson, This work is the intellectual property of the author. Permission is granted for this material to be.
Office of Information Technology Balancing Technology and Privacy – the Directory Conundrum January 2007 Copyright Barbara Hope and Lori Kasamatsu 2007.
Discussion Panelists: Justin C. Klein Keane Sr. Information Security Specialist University of Pennsylvania Jonathan Hanny Application Security Specialist.
CMC’s Journey of Migration from WebCT to Sakai X. Melissa Zhuo, Ben Royas CLAREMONT McKENNA COLLEGE Copyright Claremont McKenna College, 2007.
1 Copyright Carl Berger This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,
Using Levels of Assurance Well, at least thinking about it…. MAX (just MAX)
Copyright [Dr. Michael Hoadley, Chat Chatterji, and John Henderson ] [2004]. This work is the intellectual property of the authors. Permission is granted.
(C) , CyberLearning Labs, Inc. Introduction to ANGEL EDUCAUSE Midwest Regional Conference March 26, 2003 Christopher Clapp
Integration is Critical for Success Curriculum Course Delivery Ongoing Support Instructor & Learner.
Portals and Web Standards Lessons Learned and Applied David Cook Copyright The University of Texas at Austin This work is the.
A Strategy for Moving from Commercial to an Open Source Environment Jeshua Pacifici, GEDI Assistant Director and Learning Systems Consultant.
What’s Happening at Internet2 Renee Woodten Frost Associate Director Middleware and Security 8 March 2005.
Copyright Statement Copyright Robert J. Brentrup This work is the intellectual property of the author. Permission is granted for this material to.
WebISO, Single Sign-On & Authorization General Overview Shelley Henderson Project Manager, Grid Software USC Information Services Copyright.
NMI-EDIT and Rice University Federated Identity Management: Managing Access to Resources in Texas Barry Ribbeck Director System Architecture and Infrastructure.
Copyright James Kulich This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,
© Scottsdale Community College Leveraging the Power of E-Learning Taking your course to a higher level Presented by Sidne Tate Director, Instructional.
Top 10 Challenges of the Academic Technology Community Veronica Diaz, John Campbell, Dennis Trinkle Wednesday, October 24, :50 p.m. - 4:40 p.m.
Resources to CAMP: Charting Your Authentication Roadmap.
Vision: Increase regional sharing and collaboration in order to expedite the delivery and adoption of energy efficiency. Conduit is brought to you by NEEA.
Copyright Christine E. Haile & Justin D. Sipher This work is the intellectual property of the authors. Permission is granted for this material.
University of Southern California Identity and Access Management (IAM)
Breaking Down Barriers & Building Bridges Improves Customer Satisfaction & Efficiency Wendy Woodward | March 15, 2011 Copyright Wendy Woodward 2011.
Tom Barton, Senior Director for Integration, University of Chicago
SharePoint 2010: Designing, Developing, and Deploying on Your Campus
Jill Forrester and David Kelly| October 20, 2011
Federated Identity Management at Virginia Tech
Counting New Forms of Scholarship Toward Tenure and Promotion
Malia Crouse Regis University January 22, 2009
CIO Constituent Group Meeting
John O’Keefe Director of Academic Technology & Network Services
Federating with NIH, NSF, and the National Student Clearinghouse
Defining an IT Workflow, from Request to Support
Designing a Web-Based Student Portfolio System
Copyright Notice Copyright Bob Bailey This work is the intellectual property of the author. Permission is granted for this material to be shared.
Ed Barboni, Senior Advisor, Council of Independent Colleges
Blaine A. Brownell, President,
University of Southern California Identity and Access Management (IAM)
Ass’t Director for Technology Collaboration
Project for OnLine Instructional Support (POLIS)
Open Source Web Initial Sign-On Packages
myIS.neu.edu – presentation screen shots accompany:
© Mike Reese This work is the intellectual property of the author
An App A Day Copyright Tina Oestreich and Brian Yuhnke This work is the intellectual property of the author. Permission is granted for this material.
EDUCAUSE Networking 2002 Washington, D.C. April 17, 2002
Federated Incident Response
Presentation transcript:

Federated Identity to Support Collaboration in the CIC Tim Newcomb, CIC Marko Stojkovic, CIC Rahul Doshi, Indiana University Copyright Tim Newcomb, Marko Stojkovic, Rahul Doshi 2009. This work is the intellectual property of the authors. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the authors." Member schools of CIC, the Committee on Institutional Cooperation, have joined the InCommon Federation and are federating their first application together! CICme, the CIC's online collaboration tool, based on Microsoft SharePoint, was selected first for its ability to allow all CIC users to use their home usernames and passwords to access a wide range of interactive tools to support their work. We will discuss the goals of the project, the issues we faced, and the technology and processes we developed to implement our federated solution.

Agenda About the CIC CICme built on MS SharePoint & Shibboleth Overview/Demo of CICme Solution Challenges Faced Q & A

What We Do Leverage resources for cost efficiency Share resources such as laboratories and libraries Accelerate the adoption of best practices Provide academic leadership for the region University of Chicago University of Illinois Indiana University University of Iowa University of Michigan Michigan State University University of Minnesota Northwestern University Ohio State University Pennsylvania State University Purdue University University of Wisconsin-Madison

Based on Microsoft SharePoint (WSS 3.0) CIC groups share documents and other resources CICme sites are private – only CIC group accessible Accessible by Federated and Non-Federated users alike

Why Federate CIC Institutions ? Create common authentication framework Reduce user hassle by using familiar campus logins Allow local campus to set login security requirements

Peer Collaboration UIUC Purdue UC Mich PSU IU NWU Iowa OSU MSU Minn UW-Mad Mich PSU IU NWU Iowa OSU MSU Minn

CIC Collaboration CICme UIUC Purdue UC Mich PSU IU NWU Iowa OSU MSU UW-Mad Mich PSU CICme IU NWU Iowa OSU MSU Minn

InCommon Federation Unites Authentication UC UW-Mad UIUC Purdue IU CICme PSU Iowa OSU Mich NWU MSU Minn

CICme Federation Timeline Spring 2008 Selection of CICme as pilot application Summer 2008 All CIC members join InCommon Fall 2008 Design membership provider based on MS SQL provider for CICme Feb 17, 2009 CICMe conversion to Federated access complete Next Steps Potential projects: Attribute Release Standardization Cross-Registration for Courses HathiTrust (SDR)

Solution Overview CICme ASP.NET Forms Authentication ASP.NET Authorization Direct (username/pwd) Shibboleth SQL Role Provider SQL Membership Provider SQL Membership DB (users and roles)

Solution Overview – Cont. Shibboleth Lazy Session Attributes eduPersonPrincipalName (ePPN) as username

Authentication Process Local Campus Login System Username (ePPN) Locate User in Memb. Db Federated User CICme Login Page ASP.NET Forms Authentication Authorization Non-Federated User SQL Role Provider Direct Authentication SQL Membership Provider Username + Password Requested CICme Page

Demonstration

Challenges Faced Logout – similar to sso logout issues User profile information

Migration Strategy for CICme Users How do we collect ePPN ? Email search match Copy roles and profile Request Access Minimize Attribute release

Next Steps Facilitate development of CIC wide attribute release standardization Federate more CIC wide applications

Contact us: Tim Newcomb, Network Analyst tdnewk@staff.cic.net Marko Stojkovic, Information Technology Specialist mjstojkov@staff.cic.net Committee on Institutional Cooperation 1819 South Neil Street, Suite D Champaign, IL 61820-7271 Phone: 217-333-8475 www.cic.net

Contact us: Rahul Doshi Lead Analyst Identity Management Systems rdoshi@indiana.edu

Resources CIC: http://www.cic.net/ InCommon: http://www.incommonfederation.org CIC Article “One Password Fits All” http://www.cic.net/Libraries/Reports/OnePasswordFitsAll.sflb.ashx

Thank you! Questions?

Appendix