05 October 2001 Directories: The Next Stage Keith Hazelton, Senior IT Architect, University of Wisconsin-Madison

Presentation transcript:

05 October 2001 Directories: The Next Stage
Keith Hazelton, Senior IT Architect, University of Wisconsin-Madison

NOTE!!!
For this morning’s session, send questions via to: internet2.edu

Directories, the Next Stage: Outline
- MACE-Dir growth courtesy of NMI
- Game plan for this morning’s session
- Projects directly under MACE-Dir
- eduPerson, other object classes
- Shibboleth support
- Affiliated directories & VidMid dir bits

MACE-Dir growth courtesy of NMI
- NSF Middleware Initiative (NMI)
- NSF-funded program ($12m) to establish standard environment for scientific and educational computing
- Recipients: Internet2, Educause, SURA, Grids

MACE-Dir growth courtesy of NMI
- Directory work prominent in Internet2 NMI
- Panelists: volunteers of yesteryear, their home institutions will now be reimbursed
- The top tasks for year one? Watch today’s presentations

MACE-Dir growth courtesy of NMI
(Organization chart labels:) I2 Middleware Architecture Committee for Education; Shibboleth; VidMid; HEPKI; MACE-Dir; Groups; Metadir; Affil. Dirs.; ...

MACE-Dir growth courtesy of NMI
- MACE-Dir Technical Advisory Board
- World class experts like:
- David Chadwick (X.500 fame)
- Kurt Zeilenga (IBM, OpenLDAP)
- Kim Cameron (MS, Zoomit)
- & more
- To stress-test and improve our ideas

Gameplan for this session
- Keith Hazelton: eduObjects, affiliated dirs.
- Michael Gettes: Dir. of Dirs. for Higher Ed.
- Tom Barton: Groups and roles in directories
- Richard Jones: Metadirectories
- Panel discussion / Q & A

eduPerson, other eduObject classes
- eduObjects: People, Organizations, Services, Resources,…
- Widely implemented common attributes
- Extensible object classes (your attr. here)
- Lower impedance in application access to info
- No need to invest in your own wheel factory

eduPerson, other eduObject classes
The tough parts:
- Being smart in picking the attributes worth the long, hard journey to consensus
- Being modest about how much of the ocean to boil
- Engaging the critical stakeholders
- Promulgating achieved goodness

eduObject win: Shibboleth support
- Authenticate locally, access resources globally
- Secure sharing of authorization information between home institution and target site
- eduOrganization information essential

eduObject win: Shibboleth support
Person taking a for-credit course at a different institution:
- Need to define, create and share new data elements such as class names, majors, without risking naming chaos
- Need to define equivalency mappings

eduObject win: Shibboleth support
And further out there:
- What if we had shareable object classes that could carry access control policies?
- A more flexible and dynamic Shibboleth

Affiliated directories
- Discarded goal: Single huge institutional directory with all attributes anyone and any application will ever need
- New goal: One institutional directory that manages identity across IT systems; Plus a federation of special-purpose directories with complementary contents

Affiliated directories wins
If we find a solid approach and offer tools:
- NASA could launch object classes at the same time as a new International Space Station experimental module
- Auto-linked to the assigned investigators at research centers and universities
- Keep investigator contact info current

Affiliated directories wins
MACE-VidMid could create vendor supported solution for authenticated, controlled access to video streams
- Basic person information in general purpose directory
- Video attributes in application-specific directory
- Mappings from person to workstation

Affiliated directories: the challenges
- How to associate an attribute value with its ultimate, authoritative source, and trust that it has not been altered in transit
- Digital signatures look like part of the solution
- How to agree upon who is authoritative for what

Affiliated directories: the challenges
- How to link identities across directories
- How to make the linkage persistent in the face of identifier changes
- How not to degrade privacy as information repositories aggregate bits and pieces of personal information

Affiliated directories: the challenges
- Not to mention synchronizing data without benefit of synchronization standards
- If MACE-Dir and its working groups can meet challenges such as these, NMI will have gotten real value for its investment

Conclusion
- Track NMI Directory work, or better yet, participate