IAM Online Friday, February 12, 2010 “Introduction to Federated Identity Management” John O’Keefe, Lafayette College Questions either via Adobe Connect.

Presentation transcript:

IAM Online
Friday, February 12, 2010
“Introduction to Federated Identity Management”
John O’Keefe, Lafayette College

Questions either via Adobe Connect chat or the conference call.
Dial-in numbers: Preferred (from any phone where long distance has no add'l cost) (US/Canada only and only if above number costs user more than 800/866 calls) Access Code: #

Brought to you by InCommon, in cooperation with Internet2 and the EDUCAUSE Identity and Access Management Working Group

Introduction to Federated Identity Management
John O’Keefe
Director, Academic Technology and Network Services
Lafayette College

What is Federated Identity Management (FIdM)?

The Questions
- How many off campus applications do you have (or are you planning to have)?
- How do these service providers
  - verify the identity of your users?
  - know who’s eligible to receive these services?
  - know the user is active and hasn’t left the institution?
- How comfortable are you with the privacy and security of the identity data?

The Problems
- Access to outsourced services in a traditional way does not scale
- Authentication is managed by identity holder (user) on a case-by-case basis
- Authorization is managed by the Service Provider without institutional verification
- Security and privacy vary from service to service, user to user
- Accuracy and timeliness not managed by anyone
- In 2005, 11 different LC username/password combinations

Traditional Identity Management
[Diagram. Legend: Credentialing / Authentication; Authorization; User Credential. Shown: Institution A, Institution B, Research Projects, Physics Homework Service, Shared Courses, Library Provider, Student Loan Service.]

Federated Identity Concept
[Diagram. Legend: Credentialing / Authentication; Authorization; User Credential. Shown: Institution A, Institution B, Research Projects, Physics Homework Service, Shared Courses, Library Provider, Student Loan Service, Federation.]

InCommon Federation
- US Research and Education Federation
- Over 200 participants representing over 4 million users and growing
- Sponsored partners include the National Science Foundation, the TeraGrid, the National Institutes of Health, EDUCAUSE, the National Student Clearinghouse, and companies offering library databases, human resource systems, and other important services
- Higher ed. participants include all types of colleges and universities, from the liberal arts (like Lafayette) to large research institutions (like University of Florida)
- Members agree to common participation rules and basic practices that allow each to interoperate with the others

Use Lafayette College

The College
- 2,382 Students, 206 Faculty
- Small, residential, private liberal arts college
- Merged IT/Library organization with 29 IT staff
- Open-source centric
- Centralized IT
- 30% of 1 FTE dedicated to FIdM

What We Do With Federated Identity
- Library Applications (Jstor, RefWorks)
- Moodle Spaces (Lafayette’s collaborative Moodle instance)
- University Tickets Online
- e2Campus
- Google Apps (Not )

What We Do With Federated Identity
- Spaces (I2 wiki)
- University of Washington Technology Wiki
- DreamSpark
- Internal network management apps

University Tickets
- Provides online ticket sales for campus events
- Student Life had previous arrangement with vendor
- Wanted to validate affiliation via LDAP import into THEIR system
- We pointed them to InCommon
- Now sending only basic attributes, no LDAP information

e2Campus
- SMS-based emergency notification system
- Spam-like emails sent to campus users requesting password changes prompted project
- Collaborated with Public Safety
- Went live in October 2009
- Makes using service easier and more secure

Moodle Spaces
- Our first use of SP
- Alumni Ambassadors (213 users)
- Oomycete Undergrad Molecular Genetics Network
- Alumni Chapter Volunteers (26 users)
- Uses ProtectNetwork IDs - Solved credential issuance problem for “lightly-affiliated” users

What’s Next for LC and FIdM: IdP
- Collaborations with other schools
- Financial Aid Applications
- iTunesU
- NSF & Grant Application/Management

What’s Next for LC and FIdM: SP
- WordpressMU
- Single Sign-On for web applications
- Banner
- Drupal
- Zimbra

Why Does This Matter?

Facilitates Collaboration
- Enables faculty, staff, and students both within and beyond your institution to use a common set of applications
- Enables faculty, staff, and students both within and beyond your institution to access, share, and manipulate a common set of data
- Enables faculty, staff, and students both within and beyond your institution to access research tools over the Internet and Internet2

Protects Collaboration
- Privacy - Sends the minimum amount of attributes
- Security - Keeps person attributes secured in your local identity vault and limits number of UserIDs and passwords
- Outsourcing - Enables integrated institutional use of external applications
- Regulations - Access that must adhere to Federal regulations can easily be provisioned
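
The release pattern from the University Tickets slide and the "Privacy" point above, as an added sketch that is not part of the original slides: the identity provider applies a default-deny, per-service-provider release policy, so the vendor receives an affiliation assertion instead of an LDAP import, and a departed user gets no assertion at all. The scope, entity IDs, directory entries and helper names are constructed for illustration; eduPersonScopedAffiliation is the standard eduPerson attribute.

```python
# Added illustration (not from the slides): default-deny attribute release.
SCOPE = "example.edu"  # constructed scope

# Constructed directory entries: the fields a bulk LDAP import would copy.
DIRECTORY = {
    "jdoe": {"uid": "jdoe", "displayName": "Jane Doe",
             "mail": "jdoe@example.edu", "homePostalAddress": "1 Example St",
             "employeeNumber": "000123",
             "affiliations": ["student", "member"], "active": True},
    "asmith": {"uid": "asmith", "displayName": "Al Smith",
               "mail": "asmith@example.edu", "homePostalAddress": "2 Example St",
               "employeeNumber": "000456",
               "affiliations": ["alum"], "active": False},  # has left
}
PERSONAL_FIELDS = ("uid", "displayName", "mail",
                   "homePostalAddress", "employeeNumber")

# Hypothetical release policy keyed by service provider entityID.
RELEASE_POLICY = {
    "https://tickets.example.com/sp": ["eduPersonScopedAffiliation"],
    "https://alerts.example.com/sp": ["eduPersonScopedAffiliation", "mail"],
}

def release_attributes(username, sp_entity_id):
    """Return the attributes asserted to one SP, or None if no assertion."""
    entry = DIRECTORY.get(username)
    if entry is None or not entry["active"]:
        return None  # unknown or departed user: nothing is asserted
    candidates = {
        "eduPersonScopedAffiliation":
            [f"{a}@{SCOPE}" for a in entry["affiliations"]],
        "mail": [entry["mail"]],
        "displayName": [entry["displayName"]],
    }
    allowed = RELEASE_POLICY.get(sp_entity_id, [])  # unlisted SP gets nothing
    return {name: candidates[name] for name in allowed if name in candidates}

def withheld_fields(username, sp_entity_id):
    """Directory fields an LDAP import would expose but the assertion omits."""
    released = release_attributes(username, sp_entity_id) or {}
    return sorted(f for f in PERSONAL_FIELDS if f not in released)

if __name__ == "__main__":
    for sp in RELEASE_POLICY:
        print(sp, release_attributes("jdoe", sp), withheld_fields("jdoe", sp))
```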

Questions?
John O’Keefe
web:
twitter: okeefej_62

IAM Online
Please take a few minutes and complete the survey about today’s IAM Online:

Upcoming IAM Online:
- March 11, 2010, 1 p.m. (EST): “Provisioning of Remote Users,” by Mark Scheible, North Carolina State University
- April 8, 2010, 1 p.m. (EDT): “Making Federation Happen,” by Joel Cooper, Carleton College

Go to CAMP!
June 21-23, 2010 – InCommon CAMP – Raleigh, North Carolina
“Exploring and Supporting Federated Access”
Details soon at

Brought to you by InCommon, in cooperation with Internet2 and the EDUCAUSE Identity and Access Management Working Group