17th TF-EMC2. Lyon, February 2011. On the Many Ways to Identity Exchange. Digital identities are more valuable as they a.

Presentation transcript:

17th TF-EMC2. Lyon, February 2011
On the Many Ways to Identity Exchange
Digital identities are more valuable as they are more widely assertable
Diego R. Lopez, RedIRIS

The Open Fronts
- Life beyond SAML
  - OpenID and “Identity 2.0”
  - OAuth and JWT
- Seeking meeting points
  - eIRG
  - STORK
  - eduGAIN, PEER, MDX, …
  - AAI convergence and STS efforts
- Sort of Proxying
  - Inner access: TERENA SPP
  - Outer access: Proposal to REFEDS

The twodotosphere
- MACE’s WG on OpenID
  - Guidance, toward some degree of standardization
  - Examine the demand for, and applicability of, SAML/OpenID gateways
- Integrating identities both ways
  - Logins4Life
  - Social authsources
  - social2saml.org
  - SIR-enabled Facebook groups
  - Social discovery services

Tokens and token formats
- OAuth2 consolidating
  - Several rather mature I-Ds making their way up in IETF
  - And proposals based on it
    - UMA, inside Kantara
    - REST token-based access, inside GN3
- JWT: JSON Web Token
  - Intended for space constrained environments
    - HTTP Authorization headers
    - URI query parameters
  - Simpler to code and parse
- OAuth2 AP: JWT: Proof-of-concept for SIR-REST integration
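
As an added example (not part of the original slides or of the SIR proof-of-concept), this is a minimal HS256 JWT issuer and verifier using only the Python standard library, showing why the compact form fits HTTP Authorization headers and URI query parameters and how little parsing it needs. The key, the `access_token` parameter name and the helper names are assumptions of the example, and it follows the JWT format as later standardized, not the 2011 draft.

```python
import base64, hashlib, hmac, json, time
from urllib.parse import parse_qs, urlsplit

KEY = b"constructed-demo-key"  # constructed sample secret, assumption of this example

def b64u(data):
    # base64url without padding: only [A-Za-z0-9_-], safe in headers and URIs
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64u_dec(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue(claims, key=KEY):
    parts = ({"alg": "HS256", "typ": "JWT"}, claims)
    signing_input = ".".join(b64u(json.dumps(p, separators=(",", ":")).encode()) for p in parts)
    sig = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{b64u(sig)}"

def verify(token, key=KEY, now=None):
    try:
        h, p, s = token.split(".")
        header = json.loads(b64u_dec(h))
        sig = b64u_dec(s)
    except ValueError as exc:
        raise ValueError("malformed token") from exc
    # Pin the algorithm on the verifier side; the token must not choose it.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(key, f"{h}.{p}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        raise ValueError("bad signature")
    claims = json.loads(b64u_dec(p))  # parsed only after the signature checks out
    # A token without "exp" is treated as already expired.
    if claims.get("exp", 0) <= (time.time() if now is None else now):
        raise ValueError("expired")
    return claims

def from_header(value):
    scheme, _, token = value.partition(" ")
    if scheme.lower() != "bearer" or not token:
        raise ValueError("not a bearer credential")
    return token

def from_query(url, param="access_token"):
    # Duplicate parameters are rejected so two parsers cannot disagree on the token.
    values = parse_qs(urlsplit(url).query).get(param, [])
    if len(values) != 1:
        raise ValueError("expected exactly one token parameter")
    return values[0]
```

Tokens carried in a URI end up in server logs, browser history and Referer headers, so the header transport is the safer default when both are available.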

Higher Convergence
- STORK progressing
  - Proposal for making EC services STORK-aware
  - Seeking new use cases in academic space
  - Lever for integration with governmental infrastructures
- eIRG on AAIs
  - Convergence in academic space a key issue
  - Federations as the main enablers
  - Integration with the wider Internet
  - A long way to go, policy-wise
  - Acknowledgement to TERENA and REFEDS role

Lower Convergence
- Metadata aggregators
  - PEER (not) vs. eduGAIN
- Several services integrating federations and Grid PKIs
  - Watch Chris’ talk on this
- Convergence at the WS level: STS
  - SURFNet experiments and CLARIN interest
  - EMI-EGI initiative
  - GEMBus STS (soon to be demonstrated)
  - EUGridPMA to explore policy aspects

The Identity Swiss Knives
- Proxying is a wide concept that can provide solutions to a wide variety of issues
- Simplify management
  - See Dick’s talk
- Increase federation usage
  - The most usual application
- Boost privacy
  - Only provide an IP to access resources
- Enhance user experience
  - Resolvers and deep-linking
- Expanding applicability
  - WS-based interfaces and non-Web clients

A Proposal for REFEDS Funding
- The goals
  - Remote federated proxy administration
  - Centralized configuration of proxy meshes
  - Non-Web clients in third party WS environments
  - Neutral link resolution and deep linking
- The technologies
  - EZProxy
  - Apache2 proxy capabilities
- The players: WAYF and RedIRIS