WebISO PanelEducause SAC 2003 1 Implementing Single Sign On Technologies for Campus Portals Panel Nathan Dors, Project Lead Security/Middleware Unit Univ.

Slides:

Advertisements

Similar presentations

MyProxy Jim Basney Senior Research Scientist NCSA

Advertisements

Open-source Single Sign-On with CAS (Central Authentication Service) Pascal Aubry, Vincent Mathieu & Julien Marchal Copyright © 2004 – ESUP-Portail consortium.

How to Implement an Enterprise Portal at a Small Campus MWRC06 Ilya V. Yakovlev, Ph.D. University of Wisconsin-Superior.

Glenn Johnson John A. Dutton e-Education Institute Project Manager, Penn States e-Portfolio Initiative Glenn Johnson John A. Dutton e-Education Institute.

CUMREC, 2004 Copyright: Ian Taylor, Rupert Berk, Heidi Berrysmith; This work is the intellectual property of the authors. Permission is granted for.

Experiences in Middleware Deployment: Teach a man to fish… Mary Fran Yafchak NMI Integration Testbed Manager SURA IT Program Coordinator.

How Identity and Access Management Can Help Your Institution Touch Its Toes Renee Woodten Frost Internet2 and University of Michigan Kevin Morooney The.

What Does the Net Generation Expect From Us? SAC August 8, 2005 SAC August 8, 2005 Copyright © 2005, Joel L. Hartman. This work is the intellectual property.

Office of Information Technology Affiliates/Guests – Who are these people and how do we give them services? Copyright, Barbara Hope, University of Maryland,

Student, Faculty, and Staff Data Availability and Protection What’s the Back-Up Plan? (for academic computing) Sponsored by.

October 21, 2004 Object-Oriented E- Education for PK-16 Students and Teachers Dr. Robert J. Beck University of Wisconsin - Milwaukee.

© Copyright Computer Lab Solutions All rights reserved. Do you need usage information about your computer labs? Copyright Computer Lab Solutions.

Web Application Management Moving Beyond CMS Douglas Clark Director, Web Applications Copyright Douglas Clark 2003 This work is the intellectual property.

Copyright John F (Barry) Walsh This work is the intellectual property of the author. Permission is granted for this material to be shared for non-

Copyright Tom Parker, Ron DiNapoli, Andrea Beesing, Joy Veronneau This work is the intellectual property of the authors. Permission is granted for.

USCGrid KX.509& Enterprise Security Shelley Henderson Project Manager, Grid Software USC Information.

1 Extending Authenticated Online Services with "Friend Accounts" at Washington State University Brian Foley Technology Architect/Application Developer.

Office of the Vice President Copyright Notice Copyright Greg Hedrick, Matthew Wirges This work is the intellectual property of the author. Permission.

The Homegrown Single Sign On (SSO) Project at UM – St. Louis.

JA-SIG CAS Enterprise Single Sign-On Scott Battaglia Application Developer Enterprise Systems & Services Rutgers, the State University of New Jersey Copyright.

Identity Management: The Legacy and Real Solutions Project Overview.

Copyright Statement © Jason Rhode and Carol Scheidenhelm This work is the intellectual property of the authors. Permission is granted for this material.

Making the Pieces Fit Together Barbara Draude, Director, Academic and Instructional Technology Services Middle Tennessee State University Lisa Rogers,

Wireless LANs A Case Study of Baylor University’s Wireless Network Copyright Bob Hartland 2002 This work is the intellectual property of the author. Permission.

Web Portal Development with uPortal or.Net Midwest Educause: March 24-26, 2003 David B. Williams Mark Troester

WebISO Survey of Technologies & Requirements Nathan Dors University of Washington CAMP, June 4-6, 2003 Copyright 2003 Nathan Dors. This work is the intellectual.

Moving Your Paperwork Online Western Washington University E-Sign Web Forms Copyright Western Washington University, This work is the intellectual.

CAMP - June 4-6, Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin This work is the intellectual property of the authors.

Learning Management Systems Camp June 2004 Barry R Ribbeck UT HSC Houston Copyright, Barry Ribbeck, This work is the intellectual property of the.

CAMP Med Mapping HIPAA to the Middleware Layer Sandra Senti Biological Sciences Division University of Chicago C opyright Sandra Senti,

Identity Management – Why and How Experiences at CU-Boulder Copyright Linda Drake, Director of Development and Integration, University of Colorado, Boulder,

EDUCAUSE April 25, 2006Enforcing Compliance with Security Policies … Enforcing Compliance of Campus Security Policies Through a Secure Identity Management.

Sharing MU's SharePoint Experience 2005 Midwest Regional Conference Innovative Use of Technology: Getting IT Done Wednesday, March 23, 2005.

Sharing Information and Controlling Content: Continuing Challenges for Higher Education Susanna Frederick Fischer Assistant Professor Columbus School of.

Information Technology Services 1 Copyright Copyright Marc Wallman and Theresa Semmens, This work is the intellectual property of the authors. Permission.

Educause 2006, Dallas TX What does a University need from Access Management? John Paschoud InfoSystems Engineer, LSE Library London School of Economics.

NERCOMP Managing Campus Affiliates Managing Campus Affiliates Faculty? Student? Faculty? Student? Staff? Criss Laidlaw Director of Administrative.

Middleware Deployment Issues Jack Suess, CIO, UMBC

3 Nov 2003 A. Vandenberg © Second NMI Integration Testbed Workshop on Experiences in Middleware Deployment, Anaheim, CA 1 Shibboleth Pilot Local Authentication.

Discussion Panelists: Justin C. Klein Keane Sr. Information Security Specialist University of Pennsylvania Jonathan Hanny Application Security Specialist.

January 9, 2002 Internet2 WebISO Project RL "Bob" Morgan, University of Washington.

Single Sign-On in the Danish Educational Sector Per Thorboll Deputy director UNI-C.

The Unexpected Webification of FRS Financial Records System or Steve Machuga Gil Thornfeldt “A funny thing happened on the way to electronic forms” Copyright.

1 Presenters: Lucretia Parham Sara Connor Armstrong Atlantic State University October 30, :45 – 12:35 Copyright Sara Connor and Lucretia Parham,

Portals and Web Standards Lessons Learned and Applied David Cook Copyright The University of Texas at Austin This work is the.

WebISO PanelEducause SAC Implementing Single Sign On Technologies for Campus Portals Panel Nathan Dors, Project Lead Security/Middleware Unit Univ.

EDUCAUSE 2003 Copyright Toshiyuki Urata 2003 This work is the intellectual property of the author. Permission is granted for this material to be shared.

Attribute Delivery - Level of Assurance Jack Suess, VP of IT

Mining User Data: Getting the Most out of your CMS John Fritz, UMBC.

WebISO, Single Sign-On & Authorization General Overview Shelley Henderson Project Manager, Grid Software USC Information Services Copyright.

University of Southern California Identity and Access Management (IAM)

SIP Protocol overview SIP Workshop APAN Taipei Taiwan 23rd Aug 2005

Federated Identity Management at Virginia Tech

Walking the Line Between Customer Service and Customer Codependency

How many of you use Blackboard?

Julian Hooker Assistant Managing Director Educause Southwest

Federating with NIH, NSF, and the National Student Clearinghouse

Defining an IT Workflow, from Request to Support

Copyright Notice Copyright Bob Bailey This work is the intellectual property of the author. Permission is granted for this material to be shared.

Life After Implementation: Ensuring 24 x 7 Availability

Blaine A. Brownell, President,

University of Southern California Identity and Access Management (IAM)

Project for OnLine Instructional Support (POLIS)

Open Source Web Initial Sign-On Packages

myIS.neu.edu – presentation screen shots accompany:

Signet Privilege Management

An App A Day Copyright Tina Oestreich and Brian Yuhnke This work is the intellectual property of the author. Permission is granted for this material.

Enabling Applications to Use Your IdMS

Signet Privilege Management

Presentation transcript:

WebISO PanelEducause SAC Implementing Single Sign On Technologies for Campus Portals Panel Nathan Dors, Project Lead Security/Middleware Unit Univ. of Washington Mike Pickett, Deputy CIO, Duke Jack Suess, CIO, UMBC, Copyright This work is the intellectual property of the authors. Permission is granted for this material to be shared for non- commercial, educational purposes, provided that this copyright appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the authors.

WebISO PanelEducause SAC What is a WebISO? A Web-based initial sign on (WebISO) provides an authentication mechanism to support a single sign on across a variety of Web-based applications, including portals, learning management systems, ERP, and others that fall outside of central IT, including 3rd party applications.

WebISO PanelEducause SAC When Did Your University Develop its WebISO? Washington - Pubcookie was released in 1997 UMBC- WebAuth released in August 2000 Duke - Webauth released in July 2001.

WebISO PanelEducause SAC What is the Authentication Service for Your WebISO Washington - Kerberos, SecurID Duke - Kerberos, LDAP, DCE UMBC - LDAP, Kerberos, custom

WebISO PanelEducause SAC What Alternatives Were Considered Before Developing Your Own? Washington - None. Duke - Started with a commercial product, SnareWorks, for web registration. Cost and performance were factors that led to developing their own product. UMBC - None. However in 2001 we did look at Oblix as a possible choice. Cost and flexibility were the factors against changing.

WebISO PanelEducause SAC Does Your Campus Have A Portal? If So, How Does the WebISO Fit In? UMBC - WebISO is the glue that holds together our homegrown 1st generation portal. Looking at myEAI, BB6, and uPortal. Washington - myUW homegrown portal but looking at uPortal. Duke - looking at uPortal but presently uses WebISO to provide access to many applications

WebISO PanelEducause SAC What Are the Most Important Applications Using the WebISO? Duke - Blackboard, ACES, PeopleSoft 8, WebMail, Net registration UMBC - Portal, Blackboard, Webmail, and ERP in terms of logins. Washington - myUW, have 1210 unique applications.

WebISO PanelEducause SAC Do Other Groups on Campus Use the WebISO? Duke - Broadly used across campus. Washington servers are using pubcookie with about half outside of central IT. UMBC- Just a few on-campus groups. One external 3rd party (one-card) uses this.

WebISO PanelEducause SAC How do you Insure Uptime of the Service Washington - clustering with DNS round-robin. UMBC - In is treated in same class as DNS and Kerberos. Uptime is handled through redundancy, load balancing, and proactive monitoring (netsaint). Duke - Redundant servers, DNS round-robin, monitoring tools

WebISO PanelEducause SAC Haw have you Handled Proxy and 3-Tier Login Washington - Yes for Proxy. 3-Tier not implemented in this release, CMU has done some work with this. Duke - Yes for proxy. 3-tier for Kerberos/DCE services UMBC - Yes for proxy. Not yet for 3-tier login Yales CAS provides a good solution to 3-Tier.

WebISO PanelEducause SAC Is WebISO Development Still Happening? If So, Please Describe. Duke - Yes. Watermarking the authentication page. Washington - Yes. come to tutorial on Wednesday:-) UMBC - Yes. Recent work has been PeopleSoft servlet. ERP auditing issues required additional functionality for password aging and management. We are also looking at.Net interface for Windows 2000 and a Cold-Fusion servlet.

WebISO PanelEducause SAC Were There Any Disappointments or Issues You Want Others to Avoid? ALL - Dont bother to write your own WebISO! Washington - Would like to add attributes and remove DNS limitations (Washington.edu) Duke - Put a lot of effort and cost into SnareWorks but learned valuable lessons. UMBC - Success is never final. Campus expects us to be able to integrate our WebISO across everything and are disappointed if we dont.

WebISO PanelEducause SAC Resources Pubcookie - pubcookie.org Duke - webauth.duke.edu UMBC - Internet2 - Yale - CAS Nathan will have a tutorial session on Pubcookie and Shibboleth at Snowmass on Wednesday at 8:30 Slides: