January 19-21, 2011 Washington, D.C. GEOSS Data Sharing Task Force 2011 Scoping Meeting 1 GEOSS Data CORE and the GCI User Registration.

Slides:



Advertisements
Similar presentations
Suchin Rengan Principal Technical Architect Salesforce.com
Advertisements

March 28-29, AIP-6 Data Sharing Working Group Breakout Steven F. Browdy OMS Tech, Inc. IEEE.
SIF Status to ADC Co-Chairs
Core Task Status, AR Doug Nebert September 21, 2008.
KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.
Eric Raff. Usergroup up
JISC Metaleth Project Athens, Shibboleth and the University of Bristol 29 th January 2007.
AIP Data Sharing investigations for GEOSS Summary of AIP-3 Data Sharing Guidelines Working Group George Percivall AIP Task Leader Open Geospatial Consortium.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
1 Issues in federated identity management Sandy Shaw EDINA IASSIST May 2005, Edinburgh.
Microsoft Ignite /16/2017 4:55 PM
Alumni Authentication… Explained Robert Scaysbrook – OpenAthens UK Account Manager.
V v Business Process AMTV Streaming TV Streaming.
Naam van de Auteur 7 januari 2008 Kennisnet Entree: federated authentication Pieter BruringTechnical Product Manager.
Aegis Identity Software, Inc. presents Trends in Identity and Access Management in Higher Education to US Federations June 20, 2012 Janet Yarbrough – Director.
UMA Could I Manage My Own Data. Please?. Agenda Business Trends & Technical Solutions Distributed Business (Decentralisation) Mobility & Automation Delegation.
Copyright 2006 Archistry Limited. All Rights Reserved. SOA Federated Identity Management How much do you really need? Andrew S. Townley Founder and Managing.
Identity Management in Education. Welcome Scott Johnson, NetProf, Inc. Creator of OmnID Identity Management for Education
ADC Meeting ICEO Standards Working Group Steven F. Browdy, Co-Chair ADC Workshop Washington, D.C. September, 2007.
Identity Management Report By Jean Carreon and Marlon Gonzales.
SUNY System Administration Federation Overview Gavin Hogan July 15th, 2009 A work in progress….
Using AS 10g with EBS What are the Benefits of Integrating AS 10g with Oracle Applications?
OracleAS 10G SSO: A “Fan-Out” Configuration Overview for Decentralized Implementation Presented By: Tony Macedo "This work was performed under the auspices.
1 Emergency Alerts as RSS Feeds with Interdomain Authorization Filippo Gioachin 1, Ravinder Shankesi 1, Michael J. May 1,2, Carl A. Gunter 1, Wook Shin.
Presented by: Presented by: Tim Cameron CommIT Project Manager, Internet 2 CommIT Project Update.
Shibboleth 2.0 IdP Training: Authentication January, 2009.
Openness and Extending Blackboard Software Asbed Bedrossian Otto Khera USC.
Social Identity Working Group Steve Carmody. Agenda Intro to Using Social Accounts Status and Recent News –Current UT Pilot –Current InCommon Pilot with.
Openid Connect
GEOSS Common Infrastructure Internal Structure and Standards Steven F. Browdy (IEEE)
Shibboleth: An Introduction
May 7, 2013 CEOS WGISS-35 Meeting 1 GEOSS Authentication and Single Sign-On Steven F. Browdy OMS Tech, Inc. IEEE.
What Makes Users Refuse Web Single Sign-On? An Empirical Investigation of OpenID Daniel Smith.
January 9, 2002 Internet2 WebISO Project RL "Bob" Morgan, University of Washington.
Shibboleth What is it and what is it good for? Chad La Joie, Georgetown University.
Claims-Based Identity Solution Architect Briefing zoli.herczeg.ro Taken from David Chappel’s work at TechEd Berlin 2009.
All Rights Reserved 2014 © CMG Consulting LLC Federated Identity Management and Access Andres Carvallo Dwight Moore CMG Consulting, LLC October
Community Sign-On and BEN. Table of Contents  What is community sign-on?  Benefits  How it works (Shibboleth)  Shibboleth components  CSO workflow.
Authentication and Authorisation for Research and Collaboration Peter Solagna Milano, AARC General meeting Report and plans Attribute.
Discussion Issues for IIB Presented by Steve Browdy.
Access resources in a federation partner organization.
Data Sharing Task Force Update Ivan DeLoatch, USGS, ADC Co-chair Alan Edwards, EC, DSTF Co-chair ADC/CBC Joint Committees Meeting Sao Paulo, Brazil 28.
Standards and Interoperability Forum SIF Update and Status Steven F. Browdy, Chair.
Core Task Status, AR Doug Nebert September 22, 2008.
Attribute Delivery - Level of Assurance Jack Suess, VP of IT
KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.
Copyright © 2006 by the University of Kansas Providing Intra-campus SSO Service Kathryn Huxtable Identity Management/Core Middleware Information Technology,
ISWG / SIF / GEOSS OOSSIW - November, 2008 GEOSS “Interoperability” Steven F. Browdy (ISWG, SIF, SCC)
INFORMATION DEPLOYED. SOLUTIONS ADVANCED. MISSIONS ACCOMPLISHED. Procurement Desktop Defense (PD²) and the New System for Award Management (SAM) SPS Spotlight.
What is Cloud Computing 1. Cloud computing is a service that helps you to perform the tasks over the Internet. The users can access resources as they.
© 2016 IBM Corporation Virtual Appliance migration self-assessment May 2016 IBM Security Identity Manager.
ADFS - Does it Still have a Place? Fitting into the EMS puzzle Frank C. Drewes III 2016 Redmond Summit | Identity.
Community Sign-On and BEN. Table of Contents  What is community sign-on?  Benefits  How it works (Shibboleth)  Shibboleth components  CSO workflow.
L’Oreal USA RSA Access Manager and Federated Identity Manager Kick-Off Meeting March 21 st, 2011.
Access Policy - Federation March 23, 2016
GEOSS Federated Single Sign-On
Shibboleth Architecture
LIGO Identity and Access Management
Shibboleth Integration Fairfield University
User Authentication and Metrics Parallel Session 4b - Friday, May 4 at 09:00 in Room 4 - Session Leaders: Steve Browdy, Lucia Lovison AIP-5 Kickoff.
Core Task Status, AR Doug Nebert September 22, 2008.
Addressing the Beast: Single Sign-On II
ESA Single Sign On (SSO) and Federated Identity Management
Data Sharing Guidelines
AIP Disaster Management Using Single-Sign-On
Mechanisms for Distributed Global Authentication David R Newman.
GEOSS AIP-5 Data Sharing Working Group
Device Registration and Multi-Factor Authentication
Shibboleth 2.0 IdP Training: Introduction
Presentation transcript:

January 19-21, 2011 Washington, D.C. GEOSS Data Sharing Task Force 2011 Scoping Meeting 1 GEOSS Data CORE and the GCI User Registration

January 19-21, 2011 Washington, D.C. GEOSS Data Sharing Task Force 2011 Scoping Meeting 2 Recap from Yesterday (Items Needed) Legal perspective –Disclaimers –Notifications of Understanding –Pop-ups (tool-tips) for definitions of things As of now, there will not be … –Any special review process –Any GCI assisted cost recovery However, should we use an icon on discovery to indicate costs are involved? What does cost recovery mean for machine-to-machine processing?

January 19-21, 2011 Washington, D.C. GEOSS Data Sharing Task Force 2011 Scoping Meeting 3 Major Questions When should it be done? Who should do it? Who are the players? –DSTF, ADC, GCI-CT –Supported by: AIP, SIF, GCI Component Providers

January 19-21, 2011 Washington, D.C. GEOSS Data Sharing Task Force 2011 Scoping Meeting 4 High Level Requirements Single Sign-On (SSO) Metrics –Duration of login without activity –Password longevity –Resources accessed Implementation Impact –Desired Light impact for data providers Light impact for GCI –Realistic Tradeoff between data providers and GCI One will most likely have much more to do than the other –AIP still looking into this (will continue in AIP-4) Data user perspective –Easy to register Possibly identified as “GEOSS User” –No repeat logins desired Legal perspective –User privacy issues –Data provider access issues (time to logout)

January 19-21, 2011 Washington, D.C. GEOSS Data Sharing Task Force 2011 Scoping Meeting 5 When Should It Be Done (Development/Test/Deploy Schedule) Process –DSTF -> ADC -> AIP -> GCI-CT … –Or something else Development –Specification to be written (no matter how small) –GCI component providers to develop (AIP-4) –AIP to experiment/test –GCI-CT to update and test against consolidated requirements Make sure that all technical goals have been met DSTF Sign-off –Make sure that all data sharing goals have been met Deploy into the GCI –Code release –Maintenance on existing users (if necessary)

January 19-21, 2011 Washington, D.C. GEOSS Data Sharing Task Force 2011 Scoping Meeting 6 Current Status AIP-3 assumed SSO from two perspectives: –Federated solution Impact on data providers (possibly non-trivial) Virtually no impact on GCI –GCI-centric solution Light impact on data providers Heavy impact on GCI Two technologies researched –OpenID –Shibboleth

January 19-21, 2011 Washington, D.C. GEOSS Data Sharing Task Force 2011 Scoping Meeting 7 Current Status OpenID –Federated solution –User must register at an OpenID server Use OpenID itself Use some other implementation of OpenID server (possibly in the GCI) –Somewhat light impact on data provider –Checking authentication, not authorization –However, Most notable OpenID solutions leverage external identity providers such as Google, Yahoo, and Paypal. Metrics across multiple providers will be problematic without heavier impact on providers. Machine-to-machine issues may exist, but haven’t been tested yet.

January 19-21, 2011 Washington, D.C. GEOSS Data Sharing Task Force 2011 Scoping Meeting 8 Current Status

January 19-21, 2011 Washington, D.C. GEOSS Data Sharing Task Force 2011 Scoping Meeting 9 Current Status Shibboleth –Federated solution –There must exist an Identity Provider (IdP) Needs to be provided by GCI or some other provider. –Not provided by trusted 3 rd parties, such as Google, Yahoo, etc. works in conjunction with a user directory –Active Directroy –LDAP –Very heavy impact on data provider and potentially the GCI –Checking authentication and authorization –However, Metrics across multiple providers will be problematic without a GCI- provided IdP. Machine-to-machine issues may exist without a GCI-provided IdP.

January 19-21, 2011 Washington, D.C. GEOSS Data Sharing Task Force 2011 Scoping Meeting 10 GCI-Centric Solution

January 19-21, 2011 Washington, D.C. GEOSS Data Sharing Task Force 2011 Scoping Meeting 11 Things to Consider Relative impact between data providers and GCI If a GCI component is deemed the way to go, then it needs to be written into the AIP-4 CFP. As seamless and painless as possible for users and providers. Will require a complete implementation guideline for data providers. Should there be a “GEOSS User”? Work continues with AIP-4, how soon is it needed?