Digital Diversity: Multi- institutional Access to Distributed Course Resources Barry Ribbeck UT HSC - Houston.

Slides:



Advertisements
Similar presentations
Experiences in Middleware Deployment: Teach a man to fish… Mary Fran Yafchak NMI Integration Testbed Manager SURA IT Program Coordinator.
Advertisements

Student, Faculty, and Staff Data Availability and Protection What’s the Back-Up Plan? (for academic computing) Sponsored by.
A Web-based Bibliography Management Initiative: Collaborating for Classroom and Library Technology Integration Brian Nielsen, Academic Technologies Denise.
Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.
CAMP Med CAMP Wrap-up: Identity Management Resources.
Copyright Ann West This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,
Andrea Eastman-Mullins Information & Technology Coordinator University of North Carolina, Office of the President Teaching and Learning with Technology.
Multi-Organizational Authorization Services RL “Bob” Morgan, University of Washington Internet2/Educause Advanced CAMP Boulder, Colorado July 2003.
An Identity Management Vision for California Education A. Michael Berman, Cal Poly Pomona Mark Crase, CSU Office of the Chancellor Copyright A. Michael.
Dr. Andrea Henne Dean, Online & Distributed Learning San Diego Community College District Real-World Strategies Changing your Course Management System.
Embedded Librarian Program: Librarians and Faculty Partnering to Serve Online Students NERCOMP Annual Conference Innovation and Reliability: Finding the.
GatorAid: Identity Management at the University of Florida Mike Conlon Director of Data Infrastructure
Darrel S. Huish Katherine J. Ranes Arizona State University Lessons Learned During the First Year of myASU, a Large Institution Portal Copyright Darrel.
Shibboleth and InCommon Copyright Texas A&M University This work is the intellectual property of the author. Permission is granted for this material.
Learning Management Systems Camp June 2004 Barry R Ribbeck UT HSC Houston Copyright, Barry Ribbeck, This work is the intellectual property of the.
LionShare Presented by Eric Ferrin, Sr Director, Digital Library Technologies Feb 3, 2004 Copyright Penn State University, This work is.
CAMP Med Mapping HIPAA to the Middleware Layer Sandra Senti Biological Sciences Division University of Chicago C opyright Sandra Senti,
EDUCAUSE April 25, 2006Enforcing Compliance with Security Policies … Enforcing Compliance of Campus Security Policies Through a Secure Identity Management.
1 No More Paper, No More Stamps: Targeted myWSU Communications Lavon R. Frazier April 27, 2005 Copyright Lavon R. Frazier, This work is the intellectual.
Welcome to CAMP Identity Management Integration Workshop Ann West NMI-EDIT EDUCAUSE/Internet2.
NMI-EDIT Outreach: The first five years. Topics for Today  NMI-EDIT background  Activities  Outcomes  Resources.
3 Nov 2003 A. Vandenberg © Second NMI Integration Testbed Workshop on Experiences in Middleware Deployment, Anaheim, CA 1 Shibboleth Pilot Local Authentication.
Mairéad Martin The University of Tennessee September 13, 2015 Federated Digital Rights Management.
EDUCAUSE Midwest Regional March 24, 2003 Copyright Ann West This work is the intellectual property of the author. Permission is granted for this.
Welcome to CAMP: Charting Your Authentication Roadmap Mike Grady Senior Technology Architect and Strategist Campus Information Technologies and Educational.
Middleware: Addressing the Top IT Issues on Campus Renee Woodten Frost Internet2 and University of Michigan CUMREC May 13, 2003.
Shibboleth Update Michael Gettes Principal Technologist Georgetown University Ken Klingenstein Director Interne2 Middleware Initiative.
Policy and Technology in Enterprise Directory and Authentication Services No Room to Swing a Cat Michael Gettes, MACE, Duke University Keith Hazelton,
Using Levels of Assurance Well, at least thinking about it…. MAX (just MAX)
Internet2 Middleware Initiative Shibboleth Ren é e Shuey Systems Engineer I Academic Services & Emerging Technologies The Pennsylvania State University.
3 Nov 2003 A. Vandenberg © Second NMI Integration Testbed Workshop on Experiences in Middleware Deployment, Anaheim, CA 1 NMI R3 Enterprise Directory Components.
1 Protection and Security: Shibboleth. 2 Outline What is the problem Shibboleth is trying to solve? What are the key concepts? How does the Shibboleth.
Mairéad Martin The University of Tennessee December 16, 2015 Federated Digital Rights Management.
Shibboleth & Federated Identity A Change of Mindset University of Texas Health Science Center at Houston Barry Ribbeck
EDUCAUSE 2003 Copyright Toshiyuki Urata 2003 This work is the intellectual property of the author. Permission is granted for this material to be shared.
A Word from the Sponsors NMI-EDIT comprises Internet2 and EDUCAUSE –NSF Middleware Initiative (NMI)-Enterprise and Desktop Integration Technologies Consortium.
What’s Happening at Internet2 Renee Woodten Frost Associate Director Middleware and Security 8 March 2005.
NMI-EDIT AND Small College Security & ID Management Issues Discussion John Bruggeman, Director of Information Systems, Hebrew Union College-Jewish Institute.
Welcome to Base CAMP: Enterprise Directory Deployment Ken Klingenstein, Director, Internet2 Middleware Initiative Copyright Ken Klingenstein This.
NSF Middleware Initiative Purpose To design, develop, deploy and support a set of reusable, expandable set of middleware functions and services that benefit.
NSF Middleware Initiative and Enterprise Middleware: What Can It Do for My Campus? Renee Woodten Frost Internet2/University of Michigan.
WebISO, Single Sign-On & Authorization General Overview Shelley Henderson Project Manager, Grid Software USC Information Services Copyright.
Bringing it All Together: Charting Your Roadmap CAMP: Charting Your Authentication Roadmap February 8, 2007 Paul Caskey Copyright Paul Caskey This.
NMI-EDIT and Rice University Federated Identity Management: Managing Access to Resources in Texas Barry Ribbeck Director System Architecture and Infrastructure.
Welcome to CAMP Directory Workshop Ken Klingenstein, Internet2 and University of Colorado-Boulder.
Further Resources and Getting Involved Steven Carmody Ann West.
CAMP Shibboleth: Next Steps Steve Carmody, Brown University Ann West, Educause/Internet2/Michigan Tech.
CAMP Wrap-up: Identity Management Resources from NMI-EDIT.
Resources to CAMP: Charting Your Authentication Roadmap.
NSF Middleware Initiative and Enterprise Middleware: What Can It Do for My Campus? Mark Luker, EDUCAUSE Copyright Mark Luker, This work is the intellectual.
Blackboard Learning System r6 and Shibboleth Barry Ribbeck U.Texas Health Science Center at Houston Christopher Etesse Blackboard Inc.
Federated Identity Management at Virginia Tech
Shibboleth Project at GSU
John O’Keefe Director of Academic Technology & Network Services
e-Infrastructure Workshop 28th March 2006, University of Leeds
Federating with NIH, NSF, and the National Student Clearinghouse
Copyright Notice Copyright Bob Bailey This work is the intellectual property of the author. Permission is granted for this material to be shared.
Privilege Management: the Big Picture
Federated Digital Rights Management
Open Source Web Initial Sign-On Packages
myIS.neu.edu – presentation screen shots accompany:
Signet Privilege Management
Technical Topics in Privilege Management
Shibboleth Deployment Overview
Signet Privilege Management
Presentation transcript:

Digital Diversity: Multi- institutional Access to Distributed Course Resources Barry Ribbeck UT HSC - Houston

Copyright Statement Copyright Barry Ribbeck, This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.

Blackboard Learning System Requirements –Shib 1.0 or greater* –Blackboard or higher Support –Shibboleth will be fully supported as a custom authentication option in Bb (currently in a limited Alpha release) Disclaimer –Limited support, tested only on Red Hat Linux and Sun Solaris implementations

Connection Details User connecting to {shib(Bb)} is redirected to Wayf as expected Target requires eppn and eduPersonEntitlement If AA assertions are accepted, Bb remote user is populated with eppn –BbShibbolethAuthModule gets the remote user and creates the user object in BbLS Can be extended via “Bb Advanced Data and Authentication Manual” See next slide Bb can create user account in DB on login (User Account Generation on Gateway: Enable ) or it can be created a priori Currently, course admin must add user to respective courses manually or in batch process * * This assumes a particular database management model

Current Processes Join a Federation! Get a list of eppns from remote site authority for proper assignment into BB Populate into BB course (can be done in bulk) Agree on assertion exchange for authZ Agree on what to do with the data after the course is completed

Yet to be done? Updated Standardization on value to populate remote user DONE! EPPN A way to mix local and shib users by redirection at portal by user choice or failover to Shib DONE!

Ongoing Work Standardized Course attributes in LDAP (see Mace Course ID work) Shibboleth protected Portals (EZ Proxy coming soon) Non-Web based shibboleth protected resources (Pen State LionShare, Napster, ShibIM) RBAC (see Mace Dir Group) Just-in-time provisioning using asserted courseid attributes from origin

Shibboleth and Blackboard Home University Attribute Authority Authentication System (ISO/SSO/Cert) Handle Service Resource Provider SHIRE Allow HomeU AA SHAR Resource Manager Browser Federation WAYF SERVICE (IN COMMON) 1. I would like access? 3. Where are you from? 4. I am from HU, logged in? ORIGIN TARGET 5. Authenticate me to HU 2. Can you authenticate via my Wayf ? 7. Need eppn & eduPersonEntitlemnt for X? 6. AuthN ok send handle X to Target 8. Link Handle X to user and Lookup attributes RBAC Authorization System - LDAP (eduperson) 9. Attributes found and Released 10. If ARP allows, attributes are sent to Target. If attributes are sufficient, access is granted by Resource Manager on Target Bb remoteuser=eppn auto acct generation = off 11 Logged onto Bb Shib Software =

The Ever Risky Live Demo

Acknowledgments

A Word from the Sponsors National Science Foundation Middleware Initiative (NMI) Enterprise and Desktop Integration Technologies Consortium (NMI-EDIT) –Internet2, EDUCAUSE, and SURA –Project Goals Create a common, persistent and robust core middleware infrastructure for the R&E community Provide tools and services in support of inter-institutional and inter-realm collaborations

NMI-EDIT Tutorials, Seminars, and Workshops EDUCAUSE Regional, Annual, and CUMREC Conferences –Look for the “sponsored by…” –Track and preconference seminars –March Regionals Western – Enterprise Directory Implementation seminar and track session on CSU’s Secure IdM Infrastructure NERCOMP – Shibboleth Deployment seminar and track session on Projects at Penn State

Tutorials, Seminars, and Workshops (cont.) 2004 CAMPs –June 28-July 2, Boulder, CO CAMP June – Shibboleth Implementation Advanced CAMP June 30-July 2 – Authority Architectures –November 15-29, San Diego CAMP and Advanced CAMP

Websites Shibboleth –shibboleth.internet2.edu Internet2 Middleware Initiative –middleware.internet2.edu NMI-EDIT NSF Middleware Initiative –

Lists EDUCAUSE Middleware Constituent Group –General discussion on middleware – Shibboleth lists –Shibboleth users and announce lists – misc.html#mailinglist NMI lists –Information about NMI releases, press announcements, and upcoming events –