Developments in Access and Identity Management Phil Leahy – Athens Product Manager.

Slides:

Advertisements

Similar presentations

Athens and Shibboleth ® : the choices Phil Leahy Athens Product Manager.

Advertisements

E-resources Collection Management Anna Grigson E-resources Manager.

Shibboleth and UKAMF-FEAR not as scary as it sounds! Rhys Smith Cardiff University.

Authorisation Models for National Scale Services Alan Robiette Joint Information Systems Committee

Supporting education and research Core Middleware Development Nicole Harris, Programme Manager, JISC Middleware Team.

Joint Information Systems Committee 01/04/2014 | | Slide 1 Connecting People to Resources The JISC Access Management Strategy Nicole Harris Programme Manager.

Joint Information Systems Committee 01/04/2014 | slide 1 Support e-Research at JISC Access Management and Security Joint Information Systems CommitteeSupporting.

Eduserv Athens Federations David Orrell Eduserv Athens Technical Architect.

Next Generation Athens Services Ed Zedlewski UK e-Science Town Meeting, London, 11 April 2005.

OpenAthens LA 2.0 implementation Matt Durant. Outline Bath Spa University Why single sign-on? –Improving the user experience The project / decision making.

Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.

Supporting education and research JISC ‘Accessing the Future’ Addressing the needs of Further Education and smaller institutions Nicole Harris, JISC Programme.

KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.

The future of access management today Hilton London Paddington hotel 27 October 2010.

Rethink supporting the Good Recruitment Campaign 0 15 th October 2014.

Joint Information Systems Committee Connecting People to Resources Federated Access Management within the UK Nicole Harris Senior Services Transition Manager,

JISC Metaleth Project Athens, Shibboleth and the University of Bristol 29 th January 2007.

Norman Wiseman JISC Head of Programmes Presentation to CNI Seattle, December 1998 ATHENS ATHENS One Year On Joint Information Systems Committee.

Joint Information Systems Committee 19/05/2015 | | Slide 1 Connecting People to Resources The UK Access Management Federation Nicole Harris Programme Manager.

Joint Information Systems Committee 19/05/2015 | | Slide 1 Voyage of the UK JISC Federation: Shibbolising the UK’s Research, Higher and Further Education.

Emory University Case Study I2 Day Camp November 5, 2010 John Ellis & Elliot Kendall.

Copyright JNT Association 20051Optional Copyright JNT Association Joining the UK Access Management Federation 4th April.

1 Issues in federated identity management Sandy Shaw EDINA IASSIST May 2005, Edinburgh.

Copyright JNT Association 20051OptionalCopyright JNT Association 2007 Overview of the UK Access Management Federation Josh Howlett.

Case Study: Newcastle University

Identity and Access Management IAM A Preview. 2 Goal To design and implement an identity and access management (IAM) middleware infrastructure that –

Shibboleth access management: a replacement for Athens and more? Mark Norman and Christian Fernau OUCS 21 June 2007.

Authentication Systems and Single Sign-On (SSO) David Orrell, Eduserv Athens 1st EuroCAMP, 2-4 March 2005, Turin, Italy.

Alumni Authentication… Explained Robert Scaysbrook – OpenAthens UK Account Manager.

Credential Provider Operational Practices Statement CAMP Shibboleth June 29, 2004 David Wasley.

Athens Building Communities Ed Zedlewski & Lyn Norris UKSG, Warwick, April 2002.

Supporting further and higher education Current A&A Developments in the UK Alan Robiette, JISC Development Group.

Implications for UK infrastructure No more dependency on the VERY LARGE centralised database of Athens Need for implementation of a national WAYF service.

Identity Management in Education. Welcome Scott Johnson, NetProf, Inc. Creator of OmnID Identity Management for Education

Directory Services at UMass  Directory Services Overview  Some common definitions  What can a directory do or not do?  User Needs Assessment  What.

Supporting further and higher education AA(A) – What does it mean to the service provider? Alan Robiette, JISC Development Group.

Single Sign-On Offerings Dustin MacIver EBSCO Publishing 6/4/2011.

New Developments in Authentication and Access Management Alan Robiette JISC Development Group JISC-NSF-DLI2 Meeting, 2002.

Aoife Lawton Systems Librarian HSE. Outline eLibrary models of authentication Library/Librarian visibility – some tips Mobile technologies Federated Search.

Exploring InCommon Getting Started with InCommon: Creating Your Roadmap.

Supporting further and higher education UK Middleware Update TF-EMC2 Meeting, 4 November 2004 Alan Robiette, JISC Development Group.

U.S. Department of Agriculture eGovernment Program August 14, 2003 eAuthentication Agency Application Pre-Design Meeting eGovernment Program.

U.S. Department of Agriculture eGovernment Program July 23, 2003 eAuthentication Initiative Agency Responsibilities and Funding Discussion eGovernment.

I2Q & WMnet Pilot Presented by Jason Rousell – i2Q Jay Neale - i2Q.

Welcome slide. From innovation to implementation to sector change: the view from HEFCE JISC Innovation Forum Keele University, 15 July 2008 Dr John Selby.

Helsinki Institute of Physics (HIP) Liberty Alliance Overview of the Liberty Alliance Architecture Helsinki Institute of Physics (HIP), May 9 th.

Supporting further and higher education Middleware and AA within the JISC Environment Nicole Harris, JISC Development Group.

U.S. Department of Agriculture eGovernment Program July 15, 2003 eAuthentication Initiative Pre-Implementation Status eGovernment Program.

Walk-in Cardiff Met Julie Neenan Information Advisor – Electronic Services.

TERENA NORDUnet Networking Conference 1999 Lund Norman Wiseman JISC Head of Programmes JISC Programme for Middleware Development.

MAT U M A T U Middleware Assisted Take-Up Service For JISC Funded Early Adopters.

Federated Access Management The Motherwell Experience Carole Gray.

Copyright JNT Association 20051Optional Copyright JNT Association The UK federation Mark Tysom, JANET(UK) 9 October 2007.

Athens – integrated AMS services Ed Zedlewski JISC/CNI Conference Edinburgh, June 2002.

Community Sign-On and BEN. Table of Contents  What is community sign-on?  Benefits  How it works (Shibboleth)  Shibboleth components  CSO workflow.

UK Access Management Federation Matthew Dovey Programme Director, Digital Infrastructures (Research) 10 June 2011 CERN.

New Developments in Access Management: Setting the Scene Alan Robiette JISC Development Group JISC-CNI Conference, June 2002.

Towards a Unified Authentication, Authorisation and Accounting Infrastructure Patrick Kirk Chief Technical Officer (YHGfL) Lifelong Learning Infrastructure.

Copyright JNT Association 20051Optional Copyright JNT Association The UK federation TNC - 22 nd May 2007 Mark Tysom, UKERNA.

KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.

Authentication - an overview of Hybrid Library requirements Jonathan Eaton eLib Concertation Day - Authentication 10th March 1999 Project HeadLine.

Supporting education and research The JISC Core Middleware Call Brian Gilmore The University of Edinburgh and JISC Committee for Support of Research.

1 Name of Meeting Location Date - Change in Slide Master Authentication & Authorization Technologies for LSST Data Access Jim Basney

Single Sign On Single sign on, more than a single step. Robert Stockton,

Outline of presentation

ESA Single Sign On (SSO) and Federated Identity Management

Linking Users, Resources, & Data Driven Decisions with OpenAthens

Supporting Institutions Towards a Shibbolized Infrastructure

The JISC Core Middleware Call

Presentation transcript:

Developments in Access and Identity Management Phil Leahy – Athens Product Manager

Access management choices Now in transition period A mix of access management tools –IP authentication –vendor usernames/passwords –EZproxy –Athens (classic or AthensDA) –…and now Shibboleth ® too Choices for the future must be based on organisational IT strategy

Dealing with change Standards are evolving –Mixture of technologies –Increase in complexity Standards and technologies are ‘talked up’ by their promoting communities –Education -> Shibboleth ® –Commercial vendors -> Liberty Alliance –Microsoft/IBM -> WS-*/CardSpace Need for agility to meet changing demands

Where are we headed? Federated access management –separates authentication from authorisation –reduces the number of IDs for users –allows organisations to decide what information about users is released –allow organisations to take greater control of access management procedures –Organisations with common policies form a federation

The changing AMS environment JISC encouraging UK FE and HE to implement Shibboleth ® NHS expecting their SSO project to be SAML-compliant –No fixed date Small number of publishers with SAML/ Shibboleth ® support Costs of change are significant

Implications for organisations (1) Acquire skills needed for implementation –Shibboleth ® and related technologies are new and complex Develop local interfaces –User management, usage statistics, misuse reporting Reduced administrative overheads –No need to manage multiple usernames and passwords

Implications for organisations (2) Should your organisation do this? –Robust directory service a prerequisite –Some organisations still using multiple local databases Consider using an outsourced identity provider –Classic Athens or Athens Devolved Authentication (AthensDA) –Evolving towards full support for open standards (e.g. is already Shibboleth ® - compliant)

What this means for publishers Access-control requirements evolve, e.g. –Emerging standards –Multiple standards Business needs of publishers change, e.g. –New customer base –Change of customer requirements Athens Shibboleth ® gateways –Only transitional tools

Choices for publishers Acquire skills needed for implementation –Shibboleth ® and related technologies are new and complex Use a middleware provider –Technical staff can support core business –Reduced implementation and maintenance costs

Eduserv’s Atacama programme Beta programme launched October 2006 Open to all Athens service providers –Other publishers welcome Single authentication mechanism –Modular –Integrate once –Adapt to changing environment –Allows publishers to connect to multiple user bases and federations

Why Eduserv? 10 years experience of supplying middleware to publishers –Technical support –Service –Applications Single point of support –Support role of JISC’s UK federation under discussion Continue to rely on Eduserv’s resilience –100% uptime since 1999

More information