Who’s Managing That Identity?

Slides:

Advertisements

Similar presentations

The Basics of Federated Identity. Overview of Federated Identity and Grids Workshop Session 1 - for all Basics and GridShib Session 2 – more for developers.

Advertisements

Identity Network Ideals – Heterogeneity & Co-existence

Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.

Credentialing, Levels of Assurance and Risk: What’s Good Enough Dr. Michael Conlon Director of Data Infrastructure University of Florida.

Jens Haeusser Director, Strategy IT, UBC The Future of Identity Management in Higher Education JA-SIG June 2007.

Trends in Identity Management Nate Klingenstein Internet2 EDUCAUSE Security Professional 2007.

1 Collaborators at the Gates of Troy: Extending eServices at USC.

Securing Insecure Prabath Siriwardena, WSO2 Twitter

Access Control Patterns & Practices with WSO2 Middleware Prabath Siriwardena.

T Network Application Frameworks and XML Service Federation Sasu Tarkoma.

1 Trillion Azure AD authentications since the release of the service 50 M Office 365 users active every month >1 Billion authentications every.

Identity & Access Management DCS 861 Team2 Kirk M. Anne Carolyn Sher-Decaustis Kevin Kidder Joe Massi John Stewart.

The Laws of Identity and Cardspace Charles Young Solidsoft.

UCB Enterprise Directory Services. Directory Services – Project History  Requirements defined  Project commission & goals articulated  Project teams.

Christian Paquin May 1 st, 2007 Identity Management Techniques – CFP 2007 Tutorial – Copyright © 2007 Credentica Inc. All Rights Reserved.

June 30, 2004CAMP Shibboleth Implementation Workshop Shibboleth Mockup - ARP GUI Management by Steven Carmody Brown University proxy Walter Hoehn.

1 IDOT Vendor Portal Training August 5, 2013 Illinois Department of Transportation Presenter: Betsy Calcara.

SIM205. (On-Premises) Storage Servers Networking O/S Middleware Virtualization Data Applications Runtime You manage Infrastructure (as a Service)

Understanding Active Directory

Aegis Identity Software, Inc. presents Trends in Identity and Access Management in Higher Education to US Federations June 20, 2012 Janet Yarbrough – Director.

Identity and Access Management (IAM) What’s in it for Me? NC State University - Computer Security Day October 26, 2009 Mark Scheible Manager, Identity.

Introduction to Grouper Part 1: Access Management & Grouper Tom Barton University of Chicago and Internet2 Manager – Grouper Project.

Identity Management Report By Jean Carreon and Marlon Gonzales.

RECALL THE MAIN COMPONENTS OF KIM Functional User Interfaces We just looked at these Reference Implementation We will talk about these later Service Interface.

U.S. Department of Agriculture eGovernment Program August 14, 2003 eAuthentication Agency Application Pre-Design Meeting eGovernment Program.

PIV 1 Ketan Mehta May 5, 2005.

KUALI IDENTITY MANAGEMENT Provides services for Identity and Access Management in Kuali Integrated Reference Implementations User Interfaces An “integration.

Chad La Joie Shibboleth’s Future.

SharePoint Security Fundamentals Introduction to Claims-based Security Configuring Claims-based Security Development Opportunities.

Paul Andrew. Recently Announced… Identity Integration Options 2 3 Identity Management Overview 1.

Kuali Identity Management Overview. Why did we write KIM? Common Interface for Kuali Applications Provide a Fully-Functional Product A Single API for:

Federated Identity and Shibboleth Concepts Rick Summerhill Chief Technology Officer Internet2 GEC3 October 29, 2008 Slides by Nate Klingenstein

Internet2 Middleware Initiative Shibboleth Ren é e Shuey Systems Engineer I Academic Services & Emerging Technologies The Pennsylvania State University.

Windows CardSpace Martin Parry Developer Evangelist Microsoft

State of e-Authentication in Higher Education August 20, 2004.

Shibboleth What is it and what is it good for? Chad La Joie, Georgetown University.

Claims-Based Identity Solution Architect Briefing zoli.herczeg.ro Taken from David Chappel’s work at TechEd Berlin 2009.

All Rights Reserved 2014 © CMG Consulting LLC Federated Identity Management and Access Andres Carvallo Dwight Moore CMG Consulting, LLC October

SAML a mature six year old? Glenn Wearen, Paul Caskey & Josh Howlett.

Access Control Status Report Group Name: ARC/SEC Source: Dragan Vujcic, Oberthur Technologies, Meeting Date: 09/12/2013 Agenda Item:

Jane Hill Directory Services Product Manager, Harvard University.

KIM: Kuali Abstraction Layer for Identities, Groups, Roles, and Permissions.

Identity Management and Enterprise Single Sign-On (ESSO)

Access Control Status Report Group Name: ARC/SEC Source: Dragan Vujcic, Oberthur Technologies, Meeting Date: 09/12/2013 Agenda Item:

E-Authentication October Objectives Provide a flexible, easy to implement authentication system that meets the needs of AES and its clients. Ensure.

Kuali Identity Management: Introduction and Implementation Options Jasig - Spring 2010 Wednesday, March 10, :30 am.

Is Federation Putting you at Risk? Presenter: Dan Dagnall – Chief Operating Officer, Fischer International Identity, LLC.

Exploring Access to External Content Providers with Digital Certificates University of Chicago Team Charles Blair James Mouw.

Identities and Azure AD Premium

Introduction to Terra Dotta Applications Integration with Campus Data Systems for institutions beginning their software implementation.

Prabath Siriwardena, Director of Security, WSO2 Twitter

Managing Office 365 Identities and Requirements Question Answer

Connected Identity & the role of the Identity Bus Prabath Siriwardena Director of Security Architecture WSO2.

The FederID project The First Identity Management and Federation Free Software.

WSO2 Identity Server. Small company (called company A) had few services deployed on one app server.

Using Your Own Authentication System with ArcGIS Online

Azure Active Directory - Business 2 Consumer

Identity Management (IdM)

Introduction How to combine and use services in different security domains? How to take into account privacy aspects? How to enable single sign on (SSO)

Addressing the Beast: Single Sign-On II

ESA Single Sign On (SSO) and Federated Identity Management

درس تطبيقي مادة التربية الفنية للصف الرابع الابتدائي

PASSHE InCommon & Federated Identity Workshop

Matthew Levy Azure AD B2B vs B2C Matthew Levy

Example Use Case for Attribute Authorities and Token Translation Services - the case for eduGAIN Andrea Biancini.

Moving forward with assurance

December 2007 Dave Anderson IT Services

The Attribute and the ecosystem

Шаттық шеңбері.

Martin Parry Developer Evangelist Microsoft

Presentation transcript:

Who’s Managing That Identity? Spring 2008 CHECO

Person vs. User Person User Has a body and a mind? Name Address/phone # Student ID/Employee ID Major/Job Class & Department Email Address Is an application concept Name (login) Application Specific Authorizations Application specific attributes

Authority? Person User Business Process: HR, Registrar Maintained by: HR Admin, Registrar’s Office, Self System of Record: HR, SIS Business Process: Application owner Maintained by: Application Admin System of Record: Application

Delegation? Person User Bio/Demographic (incl. email) Tax ID Authentication Creation/Deletion Role management (to a person system?) Application attributes (share; or at least store externally) Authorization policy

“Overloaded” Concepts “Guest” Expiration Level of Assurance Role Directory

Awkward Feature Tangle Person systems of record assume each “person” record represents a system user AND Identity management systems primarily concerned with user provisioning treat each user as a person (bootstrap problem)

(Shifting Gears Slightly) Upstream Convergence CardSpace; OpenID; Higgins Project Identity Service Providers: Bio/Demographic Data Authentication Allows for application specific (or relationship specific) attribute passing

The future from 2005 Do you know Dick? Microsoft says what?!? Dick Hardt Defines “Identity 2.0” Microsoft says what?!? Kim Cameron’s Laws of Identity and the Identity Metasystem

Raises More Questions Are we identity service providers? What level of trust do we accept? Do we want our identity attributes in a “walled garden”? Person attributes; user attributes; both? What about Shibboleth (SAML)? Will our vendors “get it”?