Shibboleth Update Eleventh Federal & Higher Education PKI Coordination Meeting (Fed/Ed Thursday, June 16, 2005.

Slides:



Advertisements
Similar presentations
Lousy Introduction into SWITCHaai
Advertisements

Scaling TeraGrid Access A Testbed for Attribute-based Authorization and Leveraging Campus Identity Management
The Art of Federations. Topics Federations of what… Federated identity versus federations Federations in other sectors – business, gov, ad hoc R&E Federations.
The Internet2 NET+ Services Program Jerry Grochow Interim Vice President CSG January, 2012.
Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.
US E-authentication and the Culture of Compliance RL “Bob” Morgan University of Washington CAMP, June 2005.
Update on federations, PKI, and federated PKI for US feds and higher eds Tom Barton University of Chicago.
T Network Application Frameworks and XML Service Federation Sasu Tarkoma.
1 eAuthentication in Higher Education Tim Bornholtz Session #47.
Agenda Project beginnings and funding. Purpose of the federation. Federation members. Federation protocols. Special features in our federation. Pilot.
UC Irvine’s Pre-Shib Attribute Setup PH / QI Directory Provides Authoritative Attribute Store –Had both Faculty / Staff and Student Information UCI’s Campus.
The E-Authentication Initiative: A Status Report Presented at Educause Meeting June 16, 2004 The E-Authentication Initiative.
Presenter’s Name InCommon Approximately 80 members and growing steadily More than two million “users” Most of the major research institutions (MIT joining.
The E-Authentication Initiative An Overview Peter Alterman, Ph.D. Assistant CIO for e-Authentication, NIH and Chair, Federal PKI Policy Authority The E-Authentication.
Shibboleth-intro-dec051 Shibboleth A Technical Overview Tom Scavo NCSA.
To identity federation and beyond! Josh Howlett JANET(UK) HEAnet 2008.
AAF Middleware update February Presented by Terry Smith Technical Manager and Heath Marks Manager.
Federated Security and the Federal Government Ken Klingenstein Director, Internet2 Middleware and Security.
E-Authentication: The Need for Open-Standards in Implementing E-Government October 6, 2004 The E-Authentication Initiative.
The InCommon Federation The U.S. Access and Identity Management Federation
Interfederation RL “Bob” Morgan University of Washington and Internet2 Digital ID World 2005 San Francisco.
Australian Access Federation and other Middleware Initiatives Presented at TF-EMC2, Prague 4 Sep 2007 Patty McMillan, The University of Queensland.
Elements of Trust Framework for Cyber Identity & Access Services CYBER TRUST FRAMEWORK Service Agreement Trust Framework Provider Identity Providers Credential.
1 EAP and EAI Alignment: FiXs Pilot Project December 14, 2005 David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide Policy.
OASIS Week of ebXML Standards Webinars June 4 – June 7, 2007.
2005 © SWITCH Perspectives of Integrating AAI with Grid in EGEE-2 Christoph Witzig Amsterdam, October 17, 2005.
Helsinki Institute of Physics (HIP) Liberty Alliance Overview of the Liberty Alliance Architecture Helsinki Institute of Physics (HIP), May 9 th.
GridShib: Grid/Shibboleth Interoperability September 14, 2006 Washington, DC Tom Barton, Tim Freeman, Kate Keahey, Raj Kettimuthu, Tom Scavo, Frank Siebenlist,
NSF Middleware Initiative Renee Woodten Frost Assistant Director, Middleware Initiatives Internet2 NSF Middleware Initiative.
Shibboleth A Federated Approach to Authentication and Authorization Fed/Ed PKI Meeting June 16, 2004.
E-Authentication: Simplifying Access to E-Government Presented at the PESC 3 rd Annual Conference on Technology and Standards May 1, 2006.
Social Identity Working Group Steve Carmody. Agenda Intro to Using Social Accounts Status and Recent News –Current UT Pilot –Current InCommon Pilot with.
Shibboleth Akylbek Zhumabayev September Agenda Introduction Related Standards: SAML, WS-Trust, WS-Federation Overview: Shibboleth, GSI, GridShib.
Intro to Shibboleth and Federation… Ken Klingenstein Director, Internet2 Middleware and Security.
US of A and A Activities Ken Klingenstein, Director Internet2 Middleware Initiative.
GFIPM FICAM Status Update GFIPM Delivery Team Meeting November 2011.
The Feds and Shibboleth Peter Alterman, Ph.D. Asst. CIO, E-Authentication National Institutes of Health.
Identity Federations and the U.S. E-Authentication Architecture Peter Alterman, Ph.D. Assistant CIO, E-Authentication National Institutes of Health.
Middleware Futures Internet2 Member Meeting Arlington VA, April 2006 RL “Bob” Morgan, University of Washington and Internet2.
Leveraging the InCommon Federation to access the NSF TeraGrid Jim Basney Senior Research Scientist National Center for Supercomputing Applications University.
11 ITLC – Middleware Report May 27, 2010 The work of a subgroup of ITAG.
Federated Identity Management for HEP David Kelsey HEPiX, IHEP Beijing 18 Oct 2012.
AAI in Europe ++ Ken Klingenstein Director, Internet2 Middleware and Security.
WS Protocol Workshop Process The Path to Real-world Interoperability Jorgen Thelin, Microsoft Corporation.
Transforming Government Federal e-Authentication Initiative David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide Policy.
Identity Management, Federating Identities, and Federations November 21, 2006 Kevin Morooney Jeff Kuhns Renee Shuey.
National Geospatial Enterprise Architecture N S D I National Spatial Data Infrastructure An Architectural Process Overview Presented by Eliot Christian.
E-Authentication briefing for 11th Fed/Ed PKI Meeting Thursday June 16th, 2005.
Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority Meet FedFed.
Gridshib-intro-dec051 GridShib An Introduction Tom Scavo NCSA.
EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Interoperability Shibboleth - gLite Christoph.
Leveraging the InCommon Federation to access the NSF TeraGrid Jim Basney, Terry Fleury, Von Welch TeraGrid Round Table Update May 21, 2009.
InCommon Federation: Federating Relationships. Topics Administration Library Research Student Services Personal and Collaborative Applications Federal.
SEPARATE ACCOUNTS FOR PROSPECTS? WHAT A HEADACHE! Ann West Assistant Director, InCommon Assurance and Community Internet2 at Michigan Tech.
SAML Interoperability Lab RSA Conference Agenda SAML and the OASIS SSTC SAML Timeline Brief SAML History SAML Interop Lab Q & A Demo.
The Policy Side of Federations Kenneth J. Klingenstein and David L. Wasley Tuesday, June 29, CAMP Shibboleth Implementation Workshop.
Interfederation: From Demo to Eternity RL “Bob” Morgan, University of Washington and Internet2 Internet2 Member Meeting, Chicago December, 2006.
01 October 2001 “...By Any Other Name…”. Consequences and Truths (Ken) The Pieces and the Processes (Bob) Directories (Keith) Shibboleth and SAML (Scott)
Federal Initiatives in IdM Dr. Peter Alterman Chair, Federal PKI Policy Authority.
The Federal E-Authentication Initiative David Temoshok Director, Identity Policy GSA Office of Governmentwide Policy February 12, 2004 The E-Authentication.
E-Authentication Guidance Jeanette Thornton, Office of Management and Budget “Getting to Green with E-Authentication” February 3, 2004 Executive Session.
EAuthentication – Update on Federal Initiative Jacqueline Craig IR&C September 27, 2005.
Access Policy - Federation March 23, 2016
Shibboleth Roadmap
Federation Systems, ADFS, & Shibboleth 2.0
Introduction How to combine and use services in different security domains? How to take into account privacy aspects? How to enable single sign on (SSO)
Technical Approach Chris Louden Enspier
Overview and Development Plans
Presentation transcript:

Shibboleth Update Eleventh Federal & Higher Education PKI Coordination Meeting (Fed/Ed Thursday, June 16, 2005

2 Topics Shibboleth v1.3 – Shibboleth Futures -- the Roadmap after 1.3 Shibboleth and e-Authn

3 Shibboleth v1.3 Planned Availability -- June, 2005 Currently in beta Major New Functionality Full SAML v1.1 support -- BrowserArtifact Profile and AttributePush Support for SAML-2 metadata schema Improved Multi-Federation Support Support for the Federal Gov’t’s E-authn Profile Native Java SP Implementation Improved build process

4 Restructuring of Federations The Transition to InCommon InCommon is now “Real” Campuses and Vendors are Transitioning… May soon see negative incentives for long term membership in InQueue “Negative Trust” Federation Available for software development, testing Self-service application to register Expect to see many relatives of Donald Duck as members International Federation Peering Moving forward… Vendors moving toward supporting multi-federation world

5 Shibboleth and Grids Shib/SAML is currently web-browser centric so doesn't apply to more general protocols yet can easily apply to Grid portals SAML could carry certs/keys as attributes Grid-Shib project NSF-funded focus on access to campus Attribute Authority to provide attributes for Grid service authz decisions

6 WS* Interop -- Status Agreements to build WS-Fed interoperability into Shib Contracts signed; work to begin AFTER Shib v1.3 WS-Federation + Passive Requestor Profile + Passive Requestor Interoperability Profile Discussions broached, by Microsoft, in building Shib interoperabilty into WS-Fed; no further discussions Devils in the details Can WS-Fed-based SPs work in InCommon without having to muck up federation metadata with WS-Fed-specifics? All the stuff besides WS-Fed in the WS-* stack

7 WS* Interop -- High Level Goals Establish interoperability of the ADFS Identity Provider and Service Provider implementations (and any other WS-F/PRP/PRIP Provider conformant implementations), with the Internet2 Shibboleth System Identity Provider and Service Provider implementations. Establish ADFS as a supported option for use for Identity Provider and Service Provider deployments in the Internet2-operated InCommon Federation of US higher-education and partner sites. Build a strategic relationship with a fully deployed and leading edge federation (InCommon) and the higher ed academic community.

8 Shibboleth -- Future Releases “Interim” Release Target Date -- within Calendar 2005 Include some SAML-2 Functionality Rely on feedback from user community to identify SAML-2 features which are HIGH priority Lots of potential partners interested in helping….

9 Shibboleth 2.0 SAML 2.0 specification approved March 2005 Shibboleth 2.0 Expect to provide support for ALL REQUIRED SAML-2 functionality Target Date -- mid-year 2006 Who wants to help?

10 Federal eAuthentication Key driver for e-government, operating under the auspices of GSA Leveraging key NIST guidelines Setting the standard for a variety of federated identity requirements Identity proofing SAML bindings Credential assessment Risk assessment Technical components driven through the InterOp Lab

11 eAuthentication Key Concepts Approved technologies The Federal “e-Authentication Federation” Credential assessment framework Trusted Credential Service providers Agency Applications (outward facing…)

12 Shibboleth E-Authn Certification V1.3 has already successfully navigated interoperability testing Scheduled for Certification Testing the week of June 20 Campuses could then Join the E-authn Federation Use the Shibboleth software to access e-authn enabled federal gov’t web sites More E-authn info available at

13

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.