TF-Mobility. Rome, October 2009 A Few Ideas on eduroam Service Composition.

Slides:

Advertisements

Similar presentations

Federated Identity for Grid Architects Tom Scavo NCSA

Advertisements

Options for integrating the JANET Roaming Service (JRS) and Shibboleth Tim Chown University of Southampton (UK) JISC Access Management.

How Identity and Access Management Can Help Your Institution Touch Its Toes Renee Woodten Frost Internet2 and University of Michigan Kevin Morooney The.

COSC 541 Project: Firewalls Instructor: Professor Mort Anvari Students: Wei Li Houcheng Zhai Quarter: Spring 2001.

OOI-CI–Ragouzis– Ocean Observatories Initiative Cyberinfrastructure Component CI Design Workshop October 2007.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

1.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 1: Introducing Windows Server.

Achieving Competitive Advantage and ROI with MetaManager  Metadata Management  Content Enhancements  Standardization  Security and more…

A Successful RHIO Implementation

Infocard and Eduroam Enrique de la Hoz, Diego R. L ó pez, Antonio Garc í a, Samuel Mu ñ oz.

Implementing an Enterprise Security System for Internet Authentication and Authorization Ken Patterson, CISSP Information Security Officer Harvard Pilgrim.

Healthcare Identity Assurance Work Group a project of the Kantara Initiative Introduction to: By John Fraser, MEDNETWorld.com October 22 nd, 2009.

T Network Application Frameworks and XML Service Federation Sasu Tarkoma.

Object-Oriented Databases v OO systems associated with – graphical user interface (GUI) – powerful modeling techniques – advanced data management capabilities.

E J B J A V A X M L C O R B A M P L S D i f f S e r v I P V P N Q o S I P v 6 G P R S U M T S An Analysis.

Computing Concepts – Part 2 Getting Started with Applied Computer Concepts Computing Concepts: Part 2 1.

Information Sharing Puzzle: Next Steps Chris Rogers California Department of Justice April 28, 2005.

Mairéad Martin The University of Tennessee September 13, 2015 Federated Digital Rights Management.

The University of Wisconsin University Directory Service UDS A repository of people information Has been in production for about a year. Serves White pages,

Hands-On Microsoft Windows Server Security Enhancements in Windows Server 2008 Windows Server 2008 was created to emphasize security –Reduced attack.

Remote Access Chapter 4. Learning Objectives Understand implications of IEEE 802.1x and how it is used Understand VPN technology and its uses for securing.

Regional Policy EXCHANGES OF INFORMATION BETWEEN THE M EMBER S TATE AND THE C OMMISSION (SFC2014) 22nd Meeting of the Expert Group on Delegated and Implementing.

Dr. Bhavani Thuraisingham October 2006 Trustworthy Semantic Webs Lecture #16: Web Services and Security.

U.S. Department of Agriculture eGovernment Program July 15, 2003 eAuthentication Initiative Pre-Implementation Status eGovernment Program.

VIRTUAL WORLDS IN EDUCATIONAL RESEARCH © LOUIS COHEN, LAWRENCE MANION & KEITH MORRISON.

Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.

Shibboleth Akylbek Zhumabayev September Agenda Introduction Related Standards: SAML, WS-Trust, WS-Federation Overview: Shibboleth, GSI, GridShib.

Copyright JNT Association Location awareness as an adjunct to mobility TF-Mobility Mark O’Leary July 8 th 2008.

Shibboleth: An Introduction

Module 3: Configuring File Access and Printers on Windows 7 Clients

Privacy Considerations for Internet Protocols Alissa Cooper 1.

Client/Server Model: A Business View The different Client/server implementations differ according to: 1.Where the processing for the presentation of information.

1 IHE ITI White Paper on Authorization Rough Cut Implementation Opportunities for BPPC Dr. Jörg Caumanns, Raik Kuhlisch, Olaf Rode Berlin,

Connect. Communicate. Collaborate Universität Stuttgart A Client Middleware for Token- Based Unified Single Sign On to eduGAIN Sascha Neinert, University.

Interoperable Trust Networks Chris Rogers California Dept of Justice February 16, 2005.

Shibboleth Trust Model Shibboleth/SAML Communities (aka Federated Administrations) Club Shib Club Shib Application process Policy decision points at the.

Diego R. Lopez, RedIRIS JRES2005, Marseille On eduGAIN and the Coming GÉANT Middleware Infrastructure.

Transforming Government Federal e-Authentication Initiative David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide Policy.

Discussion - HITSC / HITPC Joint Meeting Transport & Security Standards Workgroup October 22, 2014.

1 Active Directory Service in Windows 2000 Li Yang SID: November 2000.

Value – From a Lean Perspective

5th TF-EMC2 Meeeting. Zagreb How AA-RR Says “Hello, SAML” José Manuel Macías Diego R. Lopez.

NMI-EDIT and Rice University Federated Identity Management: Managing Access to Resources in Texas Barry Ribbeck Director System Architecture and Infrastructure.

IS3220 Information Technology Infrastructure Security

Shibboleth Use at the National e-Science Centre Hub Glasgow at collaborating institutions in the Shibboleth federation depending.

Agenda  Microsoft Directory Synchronization Tool  Active Directory Federation Server  ADFS Proxy  Hybrid Features – LAB.

Workshop on Security for Web Services. Amsterdam, April 2010 Applying SAML to Identity Data Exchange.

The FederID project The First Identity Management and Federation Free Software.

Data Virtualization Tutorial: Introduction to SQL Script

University of Stuttgart University of Murcia

Data Virtualization Tutorial… OAuth Example using Google Sheets

Introduction How to combine and use services in different security domains? How to take into account privacy aspects? How to enable single sign on (SSO)

Virtual Private Networks (VPN)

The motivation Distributed knowledge sources Distributed experience

Goals Introduce the Windows Server 2003 family of operating systems

Multi-Domain User Applications Research (JRA3)

Federated Digital Rights Management

Consent and Federated Identity

Serpil TOK, Zeki BAYRAM. Eastern MediterraneanUniversity Famagusta

It Is All about Identity (Whatever the Sphere)

HingX Project Overview

e-Invoicing – e-Ordering 20/11/2008

Example Use Case for Attribute Authorities and Token Translation Services - the case for eduGAIN Andrea Biancini.

Metadata The metadata contains

A Prologue to Enumerated Authorization Policy ABAC Model.

Identity and Trust Management Platform in DICOM

The Attribute and the ecosystem

1. General-Setting-Automatically

HUD’s Coordinated Entry Data & Management Guide

Security Insights: Secure Messaging

Presentation transcript:

TF-Mobility. Rome, October 2009 A Few Ideas on eduroam Service Composition

TF-Mobility. Rome, October 2009 In Brief Take advantage of the eduroam data exchange to provide additional information useful to other services  Opaque identity  Attributes used for admission  Location  Postures (NEA/NAC/…) Possible use cases  Delegated authorization  Location-aware services  Security assessment

TF-Mobility. Rome, October 2009 Applying DAMe

TF-Mobility. Rome, October 2009 Some Possible Procedures The user knows their opaque identity  In advance (EPPN / EPTID)  Interactively (CUI)  By means of an artifact (eduToken  InfoCard) And can be applied to  Services controlling firewalls by a local user  Queries to establish location and origin at portals or service gateways  STS as enabler for other composed services  Enhanced log correlation and analysis  Any other consumer of the exchanged data

TF-Mobility. Rome, October 2009 A Path to Start Exploring Accessible data  Minimum impact on protocols Access procedures  Requirements for additional components Humans in the loop  Management  Privacy eduroam as consumer  Any use case? Let it happen ™