Updates on Shib, a bit of InCommon and International Federations.


Topics
- Shib 2.0 and Autograph
- Non-federal aspects of InCommon
- International peering
- Others will do InCommon and the US Gov, Usher, etc…

State University Federations
- State university federations - Texas, California, CSU, etc.
- Leverage existing infrastructure in both policies and shared applications
- Some, such as the California Digital Marketplace, reach very broad populations

InCommon
- US R&E Federation
- Members join a 501(c)3
- Addresses legal, LOA, shared attributes, business proposition, etc. issues
- Approximately 55 members and growing
- A low percentage of national Shib use…

InCommon Members 5/1/07
Case Western Reserve University; Clemson University; Cornell University; Dartmouth; Duke University; Florida State University; Georgetown University; Indiana University; Miami University; New York University; Ohio University; Penn State; Stanford University; Stony Brook University; SUNY Buffalo; Texas A&M; The Ohio State University; The Johns Hopkins University; The University of Chicago; University of Alabama at Birmingham; University of California, Davis; University of California, Irvine; University of California, Los Angeles; University of California, Merced; University of California, Office of the President; University of California, Riverside; University of California, San Diego; University of Maryland; University of Maryland Baltimore County; University of Maryland, Baltimore; University of Rochester; University of Southern California; University of Virginia; University of Washington; University of Wisconsin - Madison; Cdigix; EBSCO Publishing; Elsevier ScienceDirect; Houston Academy of Medicine - Texas Medical Center Library; Internet2; JSTOR; Napster, LLC; OCLC; OhioLink - The Ohio Library & Information Network; ProtectNetwork; Symplicity Corporation; Thomson Learning, Inc.; Turnitin; WebAssign

Key aspects of InCommon
- Federating software
  - Shib 1.2+ (other possibilities in the future)
- Shared attributes and schema
  - eduPerson right now
- Levels of authentication
  - POP (participant operational practices) for LOA today
  - InCommon Bronze and Silver will map to LOA 1 & 2
- Management
  - Steering committee of members IT executives
  - Operations staffed by Internet2

InCommon Management/Governance
- Steering Committee of campus/vendor CIOs and policy people – sets policies for membership, business model, etc.
- Technical advisory committee – sets common member standards for attributes (eduPerson 2.0), identity management good practices, etc.

Shibboleth
- Shib 1.3 widely deployed; 1.2 still common
- Along the way, other capabilities added:
  - ADFS compatibility for WS-Fed (MS $)
  - Eauthentication certification (with waiver form :))
- Shib 2.0 completes the SAML+Shib integration
  - More compatible with COTS SAML 2.0 products than they are with each other
- A Shib/SAML to TCP/IP analogy isn’t bad; Shib adds multi-party federation support through metadata, ARPs, etc.
- Also eases support for n-tier, non-web and other capabilities
- Alpha for Unix and Windows now being released

The Shibboleth 2.0 Sidebar
- Support for the attribute ecosystem
  - attribute handling, including policy, in both SP and IdP
  - designed to be reusable for other protocols (e.g. CardSpace)
  - sets stage for further work on multiple attribute sources, reputation management, etc.
- All Java SP (in addition to current Java/Apache), easing integration for some applications
- Trust management
  - PKI still seems too hard, even at the simpler enterprise level
  - Supports a broad set of trust choices – CAs, certs, plain keys, managing site metadata (naming, acquisition, validating)
  - A product of years of painful experience

Federated Applications
- Mostly access controls to content
- The first shibbed collaborative apps are appearing…
  - Several wikis
  - Digital repositories such as DSpace and Fedora
  - Learning Management Systems such as WebCT
  - IM, p2p fileshare (Lionshare), CVS
  - Grid-Shib integration in several ways
- SIP based tools (videoconferencing, audioconferencing) within reach
- Bootstrapping from duct tape sometimes a problem

Membership in InCommon
- 53 members, perhaps 25 million students covered, growing slowly but steadily
- Some interesting discussions
  - Apple, Google, Microsoft all as SPs
  - The assertion of student-ness
  - National Energy Labs, as IdPs and SPs
- And off in testshib…
  - The Navy, Google, …

International Federations
- Many nations now have federations; OECD and the UN are looking at ways to address the other
- Status ranges from fully developed (Finland, Switzerland, Norway, Netherlands) to rapidly growing (France, UK) to struggling but moving forward (Denmark, Belgium) to just starting (Germany, Italy)
- Several use cases are already emerging for interfederation arrangements
  - Wikis, grids…

- 9-9:30 Welcome and intros
  - Desired Outcomes: a prototype agreement between federations that all attendees can take back to their federation for discussion.
- 9:30-10:30 A Few Federation Updates, with some emphasis on interfederation or inter-sector issues
  - FEIDE
  - UK Access Manage
  - InCommon
  - Liberty Instances
  - Others?
  - Key takeaways: state of the R&E world, state of the commercial world
- 11:00-11:30 Use cases
  - Common Interfederation needs
  - Use of proxies
- 11:30-12:00 Agreement on terms
  - Categories of relationships between federations (peering, overlapped, leveraged, confederation, hierarchical, etc.)
  - Multi-homed institutions - pros and cons
  - Transitivity situations - necessary? desirable?
  - Categories of policy issues
  - Service models - trust broker, bulk services provider, etc.
  - Business models - uniform fees, RP pays, subsidized, etc.

Afternoon of International Peering
- Attributes
  - Validity requirements
  - Eppn policy
  - Privacy requirements
  - Special identifiers
  - User specified? RP specified? Transient?
- LOA
  - Credentials? Attributes? Both??
  - POP management and/or requirements
  - Standard levels: Can we agree...??
  - Audit: required? who does it? who sees it?
  - Federation practices in support of LOA
- Standard practises between federations

Late afternoon international peering
- Legal and Financial
  - Liability issues
  - Financial Considerations (dues, transactions, etc.)
  - Dispute Resolution
  - Can the federation commit its members?
  - Working with commercial federations? Non NREN academic federations?
- Kinda technical issues
  - WAYF
  - Trust anchors (use of commercial CAs)
  - Help desk and problem resolution
- Wrap-ups and Next Steps
  - OECD? UN? OASIS? etc.
  - Where to continue and how
  - Who's got the ball?
- Nice dinner if we’ve earned it…

Collaboration tools
- Expanding enterprise and federated versions of popular tools
- Adding identity, group and privilege management
- Providing security and privacy
- Adding the middleware extensions for virtual organizations
- Integrating the VO life with the campus life in portals, videoconferencing, etc.

VOs plumbed to federations