Learning Management Systems Camp June 2004 Barry R Ribbeck UT HSC Houston Copyright, Barry Ribbeck, 2004. This work is the intellectual property of the.

Presentation transcript:

Learning Management Systems Camp June 2004 Barry R Ribbeck UT HSC Houston Copyright, Barry Ribbeck, This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.

Learning Management Systems

- Define courses to be offered and with whom.
- Work with provider access group(s) to define requirements for:
  1. Administrative and legal issues
  2. Policy
  3. Security
  4. Monetary reimbursement considerations
  5. Document retention
  6. Technical implementation and user support
  7. Document any implementation issues and readdress with access group(s)

Things are moving Fast

Burton Group Quote from Vantage Security Magazine Spring 2004

“The Burton Group estimates that about 100 federation projects have been launched throughout the corporate world, with thousands of other actively investigating it for their firms.”

Learning Management Systems: Current Processes for Identity Provider

- Join a Federation common to the Resource Provider!
- Work out any bi-lateral agreements as needed.
- ASSUMES 1-6 in previous slide is done!
- Test support mechanisms.
- Supply a list of EPPNs to Resource Provider for Population into BB course (can be done in bulk) or activate auto provisioning.
- Agree on assertion exchange for authZ and provision in local directory.
- COURSE BEGINS
- Agree on de-provisioning method and data management after the course is completed.

Learning Management Systems: Current Process for Resource Provider

- Join a Federation common to Authentication Provider.
- Work out any bi-lateral agreements as needed.
- ASSUMES 1-6 in previous slide is done!
- Test support mechanisms
- Define the AAP for Identity Provider access using agreed upon attribute assertion(s).
- Provision the Bb database
- COURSE BEGINS
- Provide Identity Provider with post course data as required
- Complete records retention as defined

Blackboard Learning Management System

- Requirements
  - Shib 1.0 or greater*
  - Blackboard or higher
- Support
  - Shibboleth will be fully supported as a custom authentication option in Bb (currently in a limited Alpha release)
- Disclaimer
  - Limited support, tested only on Red Hat Linux and Sun Solaris implementations

Connection Details: UTHSC Implementation

- User connecting to {shib(Bb)} is redirected to Wayf as expected
- Resource requires eppn and eduPersonEntitlement
- If AA assertions are accepted, Bb remote user is populated with eppn; BbShibbolethAuthModule gets the remote user and creates the user object in BbLS
  - Can be extended via “Bb Advanced Data and Authentication Manual”
  - See next slide
- Bb can create user account in DB on login (User Account Generation on Gateway: Enable) or it can be created a priori
- Currently, course admin must add user to respective courses manually or in batch process *

* This assumes a particular database management model

Yet to be done? Updated

- Standardization on value to populate remote user DONE! EPPN
- A way to mix local and shib users by redirection at portal by user choice or failover to Shib DONE!

Ongoing Work

- Standardized Course attributes in LDAP (see MACE Course ID work)
- Shibboleth protected Portals (EZ Proxy coming soon)
- Non-Web based Shibboleth protected resources (Penn State LionShare, Napster, ShibIM).
- RBAC (see MACE Dir Grouper).
- Just-in-time provisioning using asserted courseid attributes from identity provider and eduPersonEntitlement discussions.

Shibboleth and Blackboard

[Diagram: Shibboleth sign-on flow between the browser, the federation WAYF and the two providers]

Diagram labels: Browser; Federation WAYF SERVICE (IN COMMON); Identity Provider; Resource Provider; Home University; Attribute Authority; Authentication System (ISO/SSO/Cert); Handle Service; RBAC Authorization System - LDAP (eduperson); Service Provider; ACS; AR; Attribute Acceptance Policy; Sites.xml; Resource Manager; Bb remoteuser=eppn, auto acct generation = on

1. I would like access?
2. Can you authenticate via my Wayf?
3. Where are you from?
4. I am from HU, logged in?
5. Authenticate me to HU
6. AuthN ok send handle X to Resource Provider
7. Need eppn & eduPersonEntitlement for X?
8. Link Handle X to user and Lookup attributes
9. Attributes found and Released
10. If ARP allows, attributes are sent to Resource. If attributes are sufficient, access is granted by Resource Manager on Resource Provider
11. Logged onto Bb

Shib Software =
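
An added example, not part of the original slides and not Blackboard or Shibboleth code: a Python model of the resource-provider decision described in the Connection Details slide and in steps 7 to 11 of the flow (accept the asserted attributes, populate the remote user with eppn, create the account on first login). The policy table, entity ID, entitlement value and the per-provider eppn scope check are assumptions made for the example.

```python
from dataclasses import dataclass, field

# Hypothetical attribute acceptance policy (AAP), keyed by identity provider:
# the eppn scopes that provider may assert and the entitlement the course needs.
# Every identifier and value below is constructed for this example.
AAP = {
    "urn:example:idp:home-university": {
        "scopes": {"hu.example.edu"},
        "entitlement": "urn:example:entitlement:course-x",
    },
}

@dataclass
class UserStore:
    """Stand-in for the LMS user table; not Blackboard's API."""
    auto_generate: bool = True   # models "User Account Generation on Gateway"
    users: set = field(default_factory=set)

def accept_assertion(idp, attrs, store):
    """Return the eppn to use as remote user, or None to refuse the login."""
    policy = AAP.get(idp)
    if policy is None:                        # asserting party not in policy
        return None
    eppns = attrs.get("eduPersonPrincipalName", [])
    if len(eppns) != 1:                       # eppn must be single-valued
        return None
    eppn = eppns[0]
    local, sep, scope = eppn.partition("@")
    if not local or not sep or scope not in policy["scopes"]:
        return None                           # provider vouches only for its own scope
    if policy["entitlement"] not in attrs.get("eduPersonEntitlement", []):
        return None                           # required entitlement not released
    if eppn not in store.users:
        if not store.auto_generate:           # account must exist a priori
            return None
        store.users.add(eppn)                 # account created on first login
    return eppn

if __name__ == "__main__":
    store = UserStore()
    sample = {  # constructed attribute set
        "eduPersonPrincipalName": ["jdoe@hu.example.edu"],
        "eduPersonEntitlement": ["urn:example:entitlement:course-x"],
    }
    print(accept_assertion("urn:example:idp:home-university", sample, store))
```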

The Ever Risky Live Demo