Presentation is loading. Please wait.

Presentation is loading. Please wait.

Keeping Your Federation in Shape Discussion with InCommon Technical Advisory Committee Members Jim Basney Scott Cantor Tom Barton.

Published byNeal Manning Modified over 8 years ago

Similar presentations

Presentation on theme: "Keeping Your Federation in Shape Discussion with InCommon Technical Advisory Committee Members Jim Basney Scott Cantor Tom Barton."— Presentation transcript:

1 Keeping Your Federation in Shape Discussion with InCommon Technical Advisory Committee Members Jim Basney Scott Cantor Tom Barton

2 TAC’s Role Facilitate campus tech implementations –Metadata management –InCommon metadata schema extensions –Specifications, guidance & notifications –Supportive services Advise & recommend to Steering Committee on tech matters –SSL & end-user certs –eduRoam? Community engagement –Working groups –IAM Online (with EDUCAUSE & MACE/Internet2) –Gather feedback & requirements

3 Topics for Today Gotcha’s to watch out for Federated Security Incident Response Upgrading to shib 2.X uApprove Balancing metadata for InCommon, ASPs, other external federations, internal webSSO Campus openID needs What aren’t we doing that we should?

4 Watch out for these SOAP endpoint issues New InC signing cert Good entityId practice: use URLs –But watch out for older SPs that assume URN form Keep your metadata up to date! –Publishing schedule Keys – yes. PKI – no! Expiring certs

5 How to upgrade to shib 2.X (or maybe how not to) Show of hands: –Running 2.X IdP –Running 1.X IdP –# months until upgrade Stories from the room InC’s support for test IdP’s SAML/shib 2 metadata –SOAP endpoint issues

6 FEDERATED SECURITY INCIDENT MANAGEMENT

7 uApprove Who is doing it? How’s it going? Who plans to? What’s needed on campus in addition to uApprove itself? Requirements for metadata extensions?

8 Comodo User Certs Who wants them? –Sooner, later For what? –Authentication? –Signing? –Encryption? Key escrow? For which campus groups? Comodo-campus interface needs –How many points of contact? –What capabilities?

9 Balancing campus metadata management Campus stories in managing –InC metadata –Other external federation’s metadata –ASP metadata –Metadata for shib-based campus SSOWA* *SSO with Attributes

10 More discussion, time permitting Shib, InC, and campus openID needs What do you wish InC would do but doesn’t? –Should we stop or change something we’re doing? Silver  this afternoon at 2:30

11 https://spaces.internet2.edu/display/InCCollaborate/Home https://spaces.internet2.edu/display/SHIB2 http://www.incommonfederation.org/

Download ppt "Keeping Your Federation in Shape Discussion with InCommon Technical Advisory Committee Members Jim Basney Scott Cantor Tom Barton."

Similar presentations

Federated Identity for Grid Architects Tom Scavo NCSA

Federated Identity for Grid Architects Tom Scavo NCSA
Eduserv Athens Federations David Orrell Eduserv Athens Technical Architect.

Eduserv Athens Federations David Orrell Eduserv Athens Technical Architect.
TIER – before, now and after If you do not talk this will be a very long hour because we can only repeat the same stuff for so long… 1.

TIER – before, now and after If you do not talk this will be a very long hour because we can only repeat the same stuff for so long… 1.
Trends in Identity Management Nate Klingenstein Internet2 EDUCAUSE Security Professional 2007.

Trends in Identity Management Nate Klingenstein Internet2 EDUCAUSE Security Professional 2007.
GridShib: Campus/Grid RBAC Integration GGF15 Workshop: Leveraging Site Infrastructure for Multi-Site Grids October 3th, 2005 Von Welch

GridShib: Campus/Grid RBAC Integration GGF15 Workshop: Leveraging Site Infrastructure for Multi-Site Grids October 3th, 2005 Von Welch
Federated Identity, Shibboleth, and InCommon Tom Barton University of Chicago © 2009 The University of Chicago.

Federated Identity, Shibboleth, and InCommon Tom Barton University of Chicago © 2009 The University of Chicago.
Interfederation subgroup of InCommon Technical Advisory Committee (TAC) spaces.internet2.edu/display/incinterfed.

Interfederation subgroup of InCommon Technical Advisory Committee (TAC) spaces.internet2.edu/display/incinterfed.
US E-authentication and the Culture of Compliance RL “Bob” Morgan University of Washington CAMP, June 2005.

US E-authentication and the Culture of Compliance RL “Bob” Morgan University of Washington CAMP, June 2005.
Update on federations, PKI, and federated PKI for US feds and higher eds Tom Barton University of Chicago.

Update on federations, PKI, and federated PKI for US feds and higher eds Tom Barton University of Chicago.
Attributes, Anonymity, and Access: Shibboleth and Globus Integration to Facilitate Grid Collaboration 4th Annual PKI R&D Workshop Tom Barton, Kate Keahey,

Attributes, Anonymity, and Access: Shibboleth and Globus Integration to Facilitate Grid Collaboration 4th Annual PKI R&D Workshop Tom Barton, Kate Keahey,
Federated Identity, Levels of Assurance, and the InCommon Silver Certification Jim Green Identity Management Academic Technology Services © Michigan State.

Federated Identity, Levels of Assurance, and the InCommon Silver Certification Jim Green Identity Management Academic Technology Services © Michigan State.
UC Irvine’s Pre-Shib Attribute Setup PH / QI Directory Provides Authoritative Attribute Store –Had both Faculty / Staff and Student Information UCI’s Campus.

UC Irvine’s Pre-Shib Attribute Setup PH / QI Directory Provides Authoritative Attribute Store –Had both Faculty / Staff and Student Information UCI’s Campus.
Federated Identity for Scientific Collaborations: Policy Issues Jim Basney 2 nd Workshop on Federated Identity Systems for Scientific.

Federated Identity for Scientific Collaborations: Policy Issues Jim Basney 2 nd Workshop on Federated Identity Systems for Scientific.
Copyright JNT Association 20051OptionalCopyright JNT Association 2007 Overview of the UK Access Management Federation Josh Howlett.

Copyright JNT Association 20051OptionalCopyright JNT Association 2007 Overview of the UK Access Management Federation Josh Howlett.
Winter 2011 CSG Workshop: InCommon Silver January 12, 2011.

Winter 2011 CSG Workshop: InCommon Silver January 12, 2011.
University of Chicago University of Illinois Indiana University University of Iowa University of Maryland University of Michigan Michigan State University.

University of Chicago University of Illinois Indiana University University of Iowa University of Maryland University of Michigan Michigan State University.
1 11 th Fed/Ed PKI Meeting Some quick updates from recent HEPKI-TAG and SURA work Jim Jokl

1 11 th Fed/Ed PKI Meeting Some quick updates from recent HEPKI-TAG and SURA work Jim Jokl
Using InCommon Client Certs for eduroam Jeff Hagley and Ryan Martin October 3 rd, 2011 Internet2 Fall Member Meeting.

Using InCommon Client Certs for eduroam Jeff Hagley and Ryan Martin October 3 rd, 2011 Internet2 Fall Member Meeting.
Shibboleth 2.0 : An Overview for Developers Scott Cantor The Ohio State University / Internet2 Scott Cantor The Ohio.

Shibboleth 2.0 : An Overview for Developers Scott Cantor The Ohio State University / Internet2 Scott Cantor The Ohio.
SAML-based Delegation in Shibboleth Scott Cantor Internet2/The Ohio State University.

SAML-based Delegation in Shibboleth Scott Cantor Internet2/The Ohio State University.

Similar presentations

Ads by Google