From Authentication to Privilege Management to the Attribute Economy: Marketing runs amok…

Topics
- The simple life
- The Simple Life GUI
- The full IdM life
- The full IdM Life GUI
- The attribute economy
- Living in an attribute economy
- Make sure the trust fabrics support the assertions

A Simple Life
[Diagram labels: User; Application access controls (including network devices); IdP; Shib; p2p; Source of Authority (3)]

A Simple Life GUI
[Diagram labels: User; Application access controls (including network devices); IdP; Shib; p2p; Source of Authority (3); Authn; Autograph]

A Full IdM Life
[Diagram labels: User; Application access controls (including network devices); IdP; Shib; p2p; Source of Authority (3); Local apps]

A Full Life GUI
[Diagram labels: User; Application access controls (including network devices); Shib; p2p; Source of Authority (3); Authn; Autograph; Signet/Grouper; IdP; Local apps]

Real Life
[Diagram labels: User; Application access controls (including network devices); IdP; Shib; p2p; Source of Authority (8); Portal; Gateway; Proxy]

An Example Flow in the Attribute Economy
[Diagram labels: User; Application access controls (including network devices); IdP (2); Shib; p2p; Source of Authority (6); VO Service Center; Gateway]

[Untitled diagram; labels: User; Application access controls (including network devices); IdP; Shib; p2p; Autograph; Authn; Source of Authority (2); S/G; Portal]

A VO Service Center Flow
[Diagram labels: User; Application access controls (including network devices); IdP; Shib; p2p; Autograph; Authn; Source of Authority (3); S/G (2); VO Service Center]

Inviting Attributes into your life…
- For privacy and secrecy
- For better security
- For efficiency

Peering

Possible peering parameters
- LOA
- Attribute mapping
- Economics
- Liability
- Privacy

VOs plumbed to federations