Discovery and Federated Identity

Slides:



Advertisements
Similar presentations
The Art of Federations. Topics Federations of what… Federated identity versus federations Federations in other sectors – business, gov, ad hoc R&E Federations.
Advertisements

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
SURFfederatie - eduGAIN Opt-in Metadata Management for a Hub & Spoke Federation.
EduGAIN – Are we there yet? Lukas Hämmerle (ghost writer, Brook Schofield) FIM4R, Helsinki – 2 October 2013.
Europe Latin America Collaborative e ‑ Infrastructure for Research Activities A Model for Federated Services Brook Schofield, TERENA ● Sofia, Bulgaria.
Interfederation subgroup of InCommon Technical Advisory Committee (TAC) spaces.internet2.edu/display/incinterfed.
Intra-campus Web SSO Management Topics for Deployed Campuses Nathan Dors, Technology Manager University of Washington CAMP Shibboleth June 25-27, 2007.
Drive-By Dialogues. Presenter’s Name Topics The Long Strange Trip of I2 – NLR Merger A Brief Comment on Optical Networking Middleware Developments Security.
Kalmar Union Mikael Linden CSC, the Finnish IT Center for Science.
17 th TF-EMC2. Lyon, February 2011 On the Many Ways to Identity Exchange D i g i t a l i d e n t i t i e s a r e m o r e v a l u a b l e a s t h e y a.
Federated Identity for Scientific Collaborations: Policy Issues Jim Basney 2 nd Workshop on Federated Identity Systems for Scientific.
Building Trusted Transactions Identity Authentication & Attribute Exchange In Public and Private Federations OASIS Conference September 2010 Joni Brennan,
SWITCHaai Team Federated Identity Management.
SWITCHaai Team Introduction to Shibboleth.
InCommon as Infrastructure: How Recommended Practices and Federation Features Help Scale Federated Identity Management Michael R. Gettes, Carnegie Mellon.
(Inter)Federation as Identity Management Policy Driver? RL "Bob" Morgan University of Washington.
Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.
Federated Identity: What It Brings to Open Government Dr Ken Klingenstein Director, Internet2 Middleware and Security.
Stuff, including interfederation stuff Dr Ken Klingenstein, Director, Middleware and Security, Internet2.
The I-Trust Federation: Federating the University of Illinois Keith Wessel Identity Management Service Manager University of Illinois at Urbana-Champaign.
Connect. Communicate. Collaborate eduGAIN in Real Life! Ajay Daryanani, RedIRIS TERENA Networking Conference Brugge, 20th May 2008.
Social Identity Working Group Steve Carmody. Agenda Intro to Using Social Accounts Status and Recent News –Current UT Pilot –Current InCommon Pilot with.
Federated Access to US CyberInfrastructure Jim Basney CILogon This material is based upon work supported by the National Science.
INTRODUCTION: THE FIRST TRY InCommon eduGAIN Policy and Community Working Group.
Community Sign-On and BEN. Table of Contents  What is community sign-on?  Benefits  How it works (Shibboleth)  Shibboleth components  CSO workflow.
Test your IdP
Federation as a Service Marina Vermezović, AMRES Federated Identity Technology Workshop Sofia, Bulgaria, 20. Jun 2014.
Federated Identity Graduates Nate Klingenstein Internet2 APAN 27 高雄台湾, March 3, 2009.
The Application and the Ecosystem. Acknowledgments Home and Scott Cantorhttps://spaces.internet2.edu/display/fedapp/
Janet and Cloud Services. Not just about research Respond to expressed needs No solutions in search of a problem Look first at value then cost Try to.
Grid Security and Identity Management Mine Altunay Security Officer, Open Science Grid, Fermilab.
Growth. Interfederation PKI is globally scalable Unfortunately, its not locally deployable… Federation is locally deployable Can it.
Introduction & use-cases FedAuth IETF78 Maastricht, July 27, 2010
Understanding deployment issues on the Supply Chain Ann Harding, SWITCH, Nicole Harris, TERENA Cambridge July 2014.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Evolution of AAI for e- infrastructures Peter Solagna Senior Operations Manager.
Uploading Web Page  It would be meaningful to share your web page with the rest of the net user.  Thus, we have to upload the web page to the web server.
Federated Identity Fundamentals Ann Harding, SWITCH Cambridge July 2014.
INTRODUCTION TO IDENTITY FEDERATIONS Heather Flanagan, NSRC.
Open Collaboration Exchange Alexander Blanc, Niels van Dijk, Jocelyn Manderveld, Remco Poortinga - van Wijnen VAMP 2013, Espoo.
Internet identity: Forward in All Directions Dr Ken Klingenstein, Director, Middleware, Internet2.
Community Sign-On and BEN. Table of Contents  What is community sign-on?  Benefits  How it works (Shibboleth)  Shibboleth components  CSO workflow.
Authentication and Authorisation for Research and Collaboration Taipei - Taiwan Mechanisms of Interfederation 13th March 2016 Alessandra.
Géant-TrustBroker Dynamic inter-federation identity management Daniela Pöhn TNC2014 Dublin, Ireland May 19 th, 2014.
David Millman—Columbia January 2005
Resource subscription using DDS in oneM2M
Cross-sector and user-centric AAI
TrustTech - Task Overview (GN4-2 JRA3-T3)
Mechanisms of Interfederation
Introduction to Windows Azure AppFabric
eduTEAMS platform for collaboration Niels Van Dijk
InCommon Steward Program: Community Review
Science Behind Cross-device Conversion Tracking
Scalability of trust and metadata exchange across federations
ELIXIR Safeguarding the results of life science research in Europe
GÉANT 4-2 JRA3 T1 and T2 Federations and Campus (CaFe) e-Infrastructures and Service Providers (RASP) Daniela Pöhn JRA3 T1 LRZ/DFN-AAI Technology Exchange.
Policy in harmony: our best practice
The Future of Indoor Plumbing
How Social Technologies Connect Learners at Qualcomm
Context, Gaps and Challenges
Observations The phases of Internet-scale invention and the role of market-makers Skill sets for the new world order and nurturing its seed corn in common.
VO Identity, Attributes, and Infrastructure: Some Basics
User Registration.
Community AAI with Check-In
Fixing the Internet: Think Locally, Impact Globally
Shibboleth 2.0 IdP Training: Introduction
Read this to find out how the internet works!
The Attribute and the ecosystem
Computer Networks Protocols
Authentication and Authorisation for Research and Collaboration
Check-in Identity and Access Management solution that makes it easy to secure access to services and resources.
Presentation transcript:

Discovery and Federated Identity

Topics Life today and the pull-down list from Hell Hints at the wrong layer suck The importance of keeping the continuity of experience Staying with the story How does the likely path of interfederation affect discovery

Life Today Workarounds Initiating at the IdP – e.g. PSU get to NIH through the PSU research web site. Hand out Per-IdP URLs (e.g. Google) Assume one IdP, "click here if you're a weirdo" in its login UI Models SP/Embedded – e.g .Elsevier Centralized/Shared SP-centric - e.g. NIH Federated Login gateway vs. federation/IdP centrice.g. WAYF, InCommon

Moving from /etc/hosts to interfederation Connecting autonomous federations Critical for global scaling, accommodating state and local federations, integration across vertical sectors Has technical, financial and policy dimensions Technical solutions include eduGAIN and MDX Policy activities in eduGAIN, Kalmar2 Union, Kantara, Terena

MDX – metadata exchange protocol Institutions and organizations will pick a registrar to give their metadata to Institutions and organizations will pick an aggregator (or several) to get their partners metadata from Aggregators exchange metadata with each other and registrars If this sounds like DNS registration and routing, it is, one layer up

PEER Big Picture

Implications for discovery So many IdP’s… Can sub-select at the SP Can get sticky at the SP Discovery for non-web apps Pop up a browser Sticky on the device (cookie, cert,…)