MATU: Middleware Assisted Take Up Service For JISC Funded Early Adopters Steve Edwards - MATU - Windermere 14 – 15 November 2005.

Slides:



Advertisements
Similar presentations
Shibboleth and UKAMF-FEAR not as scary as it sounds! Rhys Smith Cardiff University.
Advertisements

SE Name SE Title Blackboard Training: Approaches and Opportunities.
Lousy Introduction into SWITCHaai
Authorisation Models for National Scale Services Alan Robiette Joint Information Systems Committee
Illinois Justice Network Portal Implementation Board Meeting February 11, 2004.
1 SHERPA Securing a hybrid environment for research preservation and access.
Supporting education and research Core Middleware Development Nicole Harris, Programme Manager, JISC Middleware Team.
Joint Information Systems Committee 01/04/2014 | | Slide 1 Connecting People to Resources The JISC Access Management Strategy Nicole Harris Programme Manager.
PERSEUS : Portal-enabled Resources via Shibbolized End-user Security 16 May 2005JISC Core Middleware Programme Meeting, Loughborough 1 PERSEUS Project.
Joint Information Systems Committee 01/04/2014 | slide 1 Support e-Research at JISC Access Management and Security Joint Information Systems CommitteeSupporting.
Eduserv Athens Federations David Orrell Eduserv Athens Technical Architect.
Joint Information Systems Committee 01/04/2014 | | Slide 1 e-Infrastructure Programme James Farnhill, Programme Manager, JISC Identity Management and Levels.
The Economic and Social Data Service (ESDS) Kevin Schürer ESDS/UKDA ESDS Awareness Day 5 December 2003.
Shibbolising UK Census and ESDS services Lucy Bell Associate Director, Head of Information Systems and Preservation, UKDA 26 May 2005.
Research Councils ICT Conference Welcome Malcolm Atkinson Director 17 th May 2004.
Joint Information Systems Committee The JISCs Core Middleware Programme Terry Morrow JISC Consultant.
Next Generation Athens Services Ed Zedlewski UK e-Science Town Meeting, London, 11 April 2005.
Joint Information Systems Committee Digital Library Services BL/JISC Workshop Rachel Bruce JISC Programme Director The Digital Library and its Services,
Collection-level description & the Information Landscape: users evaluate strategies for resource discovery Collection Description Focus Workshop 5 Cambridge,
A centre of expertise in data curation and preservation DCC Workshop: Curating sApril 24 – 25, 2006 Funded by: This work is licensed under the Creative.
Joint Information Systems Committee 25/08/2014 | slide 1 JISC Core Middleware Programme Meeting Middleware in Development Joint Information Systems CommitteeSupporting.
KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.
Ms Joyce Tam, Principal Assistant Secretary for Information Technology and Broadcasting Presentation on “Developing an E-Government” to IIAC Members Thursday.
Access management for repositories: challenges and approaches for MAMS James Dalziel Professor of Learning Technology and Director, Macquarie E-Learning.
JISC Metaleth Project Athens, Shibboleth and the University of Bristol 29 th January 2007.
Joint Information Systems Committee 19/05/2015 | | Slide 1 Connecting People to Resources The UK Access Management Federation Nicole Harris Programme Manager.
Hosted at the Institute for Learning and Research Technology, University of Bristol. Technical Advisory Service for Images International Seminary on Digitisation.
Joint Information Systems Committee 19/05/2015 | | Slide 1 Voyage of the UK JISC Federation: Shibbolising the UK’s Research, Higher and Further Education.
Technical Review Group (TRG)Agenda 27/04/06 TRG Remit Membership Operation ICT Strategy ICT Roadmap.
2006 © SWITCH Authentication and Authorization Infrastructures in e-Science (and the role of NRENs) Christoph Witzig SWITCH e-IRG, Helsinki, Oct 4, 2006.
Copyright JNT Association 20051Optional Copyright JNT Association Joining the UK Access Management Federation 4th April.
1 Issues in federated identity management Sandy Shaw EDINA IASSIST May 2005, Edinburgh.
David L. Wasley Information Resources & Communications Office of the President University of California Directories and PKI Basic Components of Middleware.
Beispielbild Shibboleth, a potential security framework for EDIT Lutz Suhrbier AG Netzbasierte Informationssysteme (
1 eAuthentication in Higher Education Tim Bornholtz Session #47.
Electronic Authentication for Flexible Learning Workshop Presentation (5 August 2003) Chris Connolly, CEO, Galexia Consulting.
Copyright JNT Association 20051OptionalCopyright JNT Association 2007 Overview of the UK Access Management Federation Josh Howlett.
Developments in Access and Identity Management Phil Leahy – Athens Product Manager.
SWITCHaai Team Federated Identity Management.
Implications for UK infrastructure No more dependency on the VERY LARGE centralised database of Athens Need for implementation of a national WAYF service.
Australian Access Federation Robert Hazeltine Identity and Access Management Enterprise Systems Office.
PERSEU S : Portal-enabled Resources via Shibbolized End-user Security 3 May 05Spring 2005 Internet2 Member meeting 1 News from the ‘misty’ Albion: Shibboleth.
Supporting further and higher education AA(A) – What does it mean to the service provider? Alan Robiette, JISC Development Group.
New Developments in Authentication and Access Management Alan Robiette JISC Development Group JISC-NSF-DLI2 Meeting, 2002.
Identity Management Report By Jean Carreon and Marlon Gonzales.
Copyright JNT Association 2005Copyright JNT Association An Introduction to Access Management and the UK Federation Simon Cooper.
Supporting further and higher education UK Middleware Update TF-EMC2 Meeting, 4 November 2004 Alan Robiette, JISC Development Group.
I2Q & WMnet Pilot Presented by Jason Rousell – i2Q Jay Neale - i2Q.
2005 © SWITCH Perspectives of Integrating AAI with Grid in EGEE-2 Christoph Witzig Amsterdam, October 17, 2005.
Presented by: Presented by: Tim Cameron CommIT Project Manager, Internet 2 CommIT Project Update.
TERENA NORDUnet Networking Conference 1999 Lund Norman Wiseman JISC Head of Programmes JISC Programme for Middleware Development.
Shibboleth: An Introduction
MAT U M A T U Middleware Assisted Take-Up Service For JISC Funded Early Adopters.
Copyright JNT Association 20051Optional Copyright JNT Association The UK federation Mark Tysom, JANET(UK) 9 October 2007.
State of e-Authentication in Higher Education August 20, 2004.
UK Access Management Federation Matthew Dovey Programme Director, Digital Infrastructures (Research) 10 June 2011 CERN.
New Developments in Access Management: Setting the Scene Alan Robiette JISC Development Group JISC-CNI Conference, June 2002.
The UK Access Management Federation John Chapman Project Adviser – Becta.
Copyright JNT Association 20051Optional Copyright JNT Association The UK federation TNC - 22 nd May 2007 Mark Tysom, UKERNA.
KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.
Connect communicate collaborate Trust & Identity EC meets GÉANT 19 June 2014 Brussels Valter Nordh, NORDUnet Federation as a Service Task Leader Trust.
Introducing the RSP Chris Yates, University of Wales, Aberystwyth.
EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Interoperability Shibboleth - gLite Christoph.
Shibboleth Use at the National e-Science Centre Hub Glasgow at collaborating institutions in the Shibboleth federation depending.
INTRODUCTION TO IDENTITY FEDERATIONS Heather Flanagan, NSRC.
The Federal E-Authentication Initiative David Temoshok Director, Identity Policy GSA Office of Governmentwide Policy February 12, 2004 The E-Authentication.
LIGO Identity and Access Management
Richard Waller NOF Technical Advisor UKOLN is supported by:
UK Federation 101 Ian A. Young EDINA, University of Edinburgh (and the UK Federation) Internet2 Fall Member Meeting, 7 Dec Shibboleth Development.
Presentation transcript:

MATU: Middleware Assisted Take Up Service For JISC Funded Early Adopters Steve Edwards - MATU - Windermere 14 – 15 November 2005

Where We Are From - Eduserv Eduserv is a not-for-profit IT services group –born from services developed within universities The Eduserv Foundation –funds initiatives supporting application of IT in education Over 10 years experience delivering Access Management –Athens Contracted by the JISC to provide the MATU service –assist HE & FE with early adoption of Shibboleth

MATU Objectives Middleware Assisted Take Up Service –A JISC sponsored Eduserv Service Support JISC Core Middleware Project Early Adopters Provide a central repository –information –advice –training

The Problem Shibboleth ® Addresses Users accessing many different systems –proliferation of credentials –one pair of credentials per resource –forgotten passwords –Security & Integrity compromised abc123 issue –passwords sent in the clear and shared –proprietary systems – locked in –no organisational control centre

What Shibboleth ® is NOT NOT an all-in-one identity management solution –one of many components NOT an authentication or a SSO system –need to plug one in (CAS, pubcookie, …) NOT an Attribute Store –need to plug one in (Directory, Database, …) NOT a fixed specification –ongoing evolution

Internet2 Collection of over 200 U.S. Universities involved in a wide variety of initiatives: –advanced network applications –research and higher education –creating tomorrows Internet Wide variety of: –Groups Working, Specialist Interest, Advisory, … –Initiatives

Internet2 - Middleware Initiative Initiatives: –Shibboleth ® –eduPerson both of which are under umbrella of MACE Others MACE activities: –Grouper –Middleware End-To-End Diagnostics Advisory Group –Signet

Internet2 - Shibboleth ® Share secured online services Control access to restricted digital content Leverages campus identity and access management infrastructures –authenticate individual users –sends information about users to resource site –enables resource provider to make authorisation decisions Common SSO layer over existing systems

What is a Federation … Group of organizations sharing set of agreed policies, rules for access to online resources –enable the members to establish trust and shared understanding of language or terminology –provide a structure / legal framework that enables authentication and authorization Supporting technologies: –Shibboleth –SAML

SWITCHaai - Switzerland Useful demo SWITCHaai: -

SWITCHaai - Process Demo

Adoption History - World Wide … Europe –SWITCH - AAI - Switzerland Authentication & Authorization Infrastructure 8 universities, > 110k users –integrated user directories into AAI e-learning shared resources –> 10k users on a regular basis –HAKA - Finland Identity Federation of Universities

… Adoption History - World Wide USA –widespread adoption by educational and commercial organisations Australia –MAMS Meta Access Management System Macquarie - lead University

Adoption History - UK … Started with Core Middleware Programme –started July 2004 / first trial November 2004 –strategic initiative A subset - Early Adopters –over 20 H.E. institutions –includes e-Learning strand –interim reports available

… Adoption History - UK Bodington –open source Virtual Learning Environment / Learning Management System –supports teaching and learning across entire range of learning institutions –UK and worldwide Guanxi Project –UHI - University of Highlands and Islands –institutional collaborations –e-learning & e-delivery

UK Federations Athens UK Shibboleth Federation –production federation SDSS project at EDINA –building development Shibboleth federation … academic online resources –put in place essential technical components –provide environment to assist other projects JISC –Core Middleware: Infrastructure Programme –SWISh, Gilead,

JISC - Shibboleth ® The Joint Information Systems Committee –UK HE / FE support organisation JISC - Middleware Adoption –funding a major initiative - 4 years –access to internally and externally produced resources is a one step process for users –development of next generation access management system based on Shibboleth –UK Federation

MATU Support - Ethos / Approach "One Stop Shop" –Informed –Authoritative –Impartial Avoid dilution of message and advice Long term individual relationships Mutual support – cyclical –we also need assistance & feedback –returned to early adopters community

MATU People Service Manager- Richard Dunning –operations and project specialist Service Analyst- Richard Annett –formerly DSP and AthensDA support Trainer- Steve Edwards –consulting & development: J2EE, XML, Web Services –International activities: IBM, BEA, … Others involved include: –James Mulhern project director, head of R & D –David Orrell technical architect heavily involved in the middleware arena nationally & internationally

MATU Service A Comprehensive Website –FAQS, Guidance, Installation guides, business cases, downloads Software downloads –Internet2 software –Eduserv software –Other software e.g. Guanxi Service desk –Telephone and support –Access to some of the leading experts on Access Management and Shibboleth –Test infrastructure Training –Seminars / Workshops –Conferences

MATU Assisted Projects Twenty projects in total comprising of: –Over 20 early adopter projects 16 institutions –9 e-learning strand early adopter projects 11 institutions new projects to be announced mid-November 2005

Workshops & Events October –Introduction to Shibboleth: v1.3 - IdP & SP November –JISC Conference December –Introduction to Shibboleth: v1.3 - IdP & SP October workshop repeated for new project intake January –Deploying Shibboleth: v1.3 IdP –Deploying Shibboleth: v1.3 SP –LDAP - Lightweight Directory Access Protocol February –Federations and the Law

Current Activities Getting to know the projects –aims: give early adopters confidence –get early adopters to outline their projects –form relationships –help with problem solving at an early stage One-to-one meetings with project owners include: –University of Essex (Chimera) –London School of Economics –University of Essex (UK Data Archive (SAFARI)) –Liverpool University –University of Nottingham –University of Bristol –University of Exeter –University of Cardiff –University of Staffordshire

Shibboleth / Athens Interoperability Eduserv's JISC contract for Access Management services to UK HE & FE, commits us to delivering full Shibboleth Athens interoperability: Athens Federation –providing a governance framework for Athens registered organisations and online resources Athens Identity Manager (AthensIM) –fully supported and standalone Shibboleth Identity Provider (origin) software Shibboleth to Athens Gateway –providing Shibboleth-enabled organisations access to Athens-enabled resources

Prerequisites Users IDs and credentials –Database –Directory –Flat files A web-based Single Sign-On System –e.g. Pubcookie Yale CAS Bespoke Network & Server Infrastructure Skilled People

Getting Started? MATU Support Think carefully about how you are going to use Shibboleth –who and where are your users –what are you looking to access / share / protect –what Federation is best for you Make sure you know who you and your stakeholders are! –Identity Provider –Service Provider –both! Align your Access Management to your IT strategy –and adapt Align your Attribute Release Policy with Institutional DP & Privacy Ensure you have all the necessary building blocks –A populated Information Store –A Web SSO system Plan how you are going to deliver and resource your new service Decide what software is best for you

Advice to Projects Plan –especially access to institutional data Keep it simple –limit the use of user attributes at least initially Try, test, prototype –but avoid live kit Put the necessary prerequisites in place Weigh up privacy v. personalisation Do not go it alone

And Now? MATU is here to support early adopters in using Shibboleth We want to: –talk to them –understand their requirements to ensure a smoother start to assist with minimising problems

Contact Us Contact the MATU team at: Postal address: –Eduserv MATU Queen Anne House 11 Charlotte Street Bath BA1 2NE Phone: Fax: Website: –