Why Scoping is a MUST HAVE in a centralized federation model. Jacob-Steen Madsen, WAYF-sekretariatet

Characteristics of models

Today's user experience in WAYF

Best or Worst of both Worlds?

Business case. Price: password reset costs 1€ yearly per user in direct costs. Inconvenience: it can take up to 3 days.

Business case: password reset service using the national unique identifier. National unique identifier login is an IdP for WAYF. National unique identifier login is a.k.a. Bank Login.

Scoping as Solution

Commercial Break: please go to JANUS and give us feedback on our Metadata administration module s-1

Attribute Collection (JRA3-T2): digging out attributes from >1 IdP

Existing work: - Artifact (SWITCH) (SAML2, back channel) - OAuth (FEIDE) (back channel)

YAAAG Requirements: SAML2; front channel aggregation only (FWPI, Federation Wide Persistent Identifier)

Plan: work item led by WAYF; SAML2 front channel attribute query profile; draft -> circulation -> input -> standardisation; reference implementation in SimpleSAMLphp