Presentation is loading. Please wait.

Presentation is loading. Please wait.

FIFER Jasig May 2011 1 FIFER: The Free Identity Framework For Education and Research: Blackened Swan Benjamin Oshrin The Oshrinium LLC.

Published byRosamund Stevenson Modified over 8 years ago

Similar presentations

Presentation on theme: "FIFER Jasig May 2011 1 FIFER: The Free Identity Framework For Education and Research: Blackened Swan Benjamin Oshrin The Oshrinium LLC."— Presentation transcript:

1 FIFER Jasig May 2011 1 FIFER: The Free Identity Framework For Education and Research: Blackened Swan Benjamin Oshrin The Oshrinium LLC

2 FIFER Jasig May 2011 2 The Problem (I)

3 FIFER Jasig May 2011 3 (with apologies to IKEA) (and thanks to Jens)

4 Kuali Finance Coeus Student Sakai Open Registry KIM JBoss Rules Open Metadir Grouper COManage MACE-PAccMan OpenSPML OpenPTK Kerberos OpenLDAP OpenCA CAS Shibboleth OpenSSO PubCookie CoSign Spring Sec. SAML InfoCard Oauth OpenID XACML

5

6

7

8

9 FIFER Current Approach (Still!) Piecemeal Some Higher Ed (lots of HE) –I2: Shibboleth, Grouper, etc –Jasig: CAS, OpenRegistry –Kuali: Rice, KIM –Other: Kerberos, OpenMetaDir Some Not Higher Ed –OpenLDAP, RH 389, etc

10 FIFER Current Approach (Still!) Piecemeal Some More Mature –CAS –Grouper –Kerberos –OpenLDAP –Shibboleth Some Less Mature –OpenRegistry

11 FIFER The Big Picture Need to articulate the Big Picture –Think strategically –Get the message out –More about the technology options than the value proposition of IDM

12 FIFER Free IDM Framework for Education & Research Spun out of ACAMP, now a Jasig Community Of Practice https://wiki.jasig.org/display/FIFER

13 FIFER Goal #1 Provide information on current viable open source identity management technologies, suitable for both technologists and management, to inform procurement processes

14 FIFER Goal #2 Assess the state of emerging open source identity management technologies, to better align resources towards developing projects

15 FIFER Goal #3 Develop and document a reference architecture for identity and access management in higher education, based on open standards

16 FIFER Goal #4 Identify gaps in the open source identity management stack, and potential approaches for filling those gaps

17 FIFER Goal #5 Marshal resources to help deployers take advantage of available open source identity management technologies, to help emerging technologies to develop, and to fill gaps not currently being addressed

18 FIFER Status Reference Architecture drafted Marketing sorely lacking Alignment of efforts still very ad hoc –Opportunities in Registry and Provisioning, but difficult to leverage Lots of people like to talk, but converting talk into action is challenging Standard resourcing challenges still apply

19 FIFER Functional Areas: Identity Data Mgmt Person Registration and Profile Management Identity Reconciliation Identifier Management Authenticator Management Group Management Role Management Access/Permission/Privilege Management Attribute Management Identity Data Workflow Delegated Administration and Self Service

20 FIFER Functional Areas: Identity Services Provisioning and Deprovisioning Authentication Authorization Directory Single Sign On (Local and Federated) Presence Reporting

21 FIFER

22 Next Steps TCO Analysis Marketing Materials –Especially for senior management Alignment of Work Efforts –Registries –Provisioning Identification of Resources Need for Volunteers

23 FIFER Jasig May 2011 23 The Problem (II)

24 FIFER Jasig May 2011 24

25 FIFER Jasig May 2011 25 FIFER API The FIFER-API initiative is intended to advance the development and adoption of standardized APIs for identity services https://wiki.jasig.org/display/FIFER/API Currently working on Group API –Plain Old XML over HTTPS –REST? SOAP? Apache Thrift?

26 FIFER Jasig May 2011 26 getMembers() SubjectList getMembers(GroupLookup group, enum immediacy=any) Input group: GroupLookup object immediacy: Constraint on search for subject as an immediate, nonimmediate, or any member of group Output List of Subject objects Availability Mandatory

27 FIFER Jasig May 2011 27 groupGetMembersRequest <requestMetadata clientType="FIFER PHP" clientVersion="1.0.0.0" protocolVersion="1.0.0.0" /> <groupLookup handle="fifergroup://grouper.school.edu/folder/folder2/groupName" />

28 FIFER Jasig May 2011 28 groupGetMembersResponse <group id="234j2h4lk243lkj23lk23j" handle="fifergroup://grouper.school.edu/folder/folder2/groupName" /> <responseMetadata serverType="FIFER Java" requestId="1234567890abcdef1234567890" serverVersion="1.0.0.0" protocolVersion="1.0.0.0" success="T" resultCode="SUCCESS" serverMillis="345" />

29 FIFER Jasig May 2011 29 Join In FIFER API FIFER Marketing FIFER Provisioning FIFER Registry

Download ppt "FIFER Jasig May 2011 1 FIFER: The Free Identity Framework For Education and Research: Blackened Swan Benjamin Oshrin The Oshrinium LLC."

Similar presentations

Pennsylvania Banner Users Group 2008 Fall Conference Campus Identity Management in a Banner World.

Pennsylvania Banner Users Group 2008 Fall Conference Campus Identity Management in a Banner World.
Towards Common Identity Services Tom Barton University of Chicago.

Towards Common Identity Services Tom Barton University of Chicago.
June 10-15, 2012 Growing Community; Growing Possibilities Benn Oshrin, The Oshrinium, LLC Keith Hazelton, UW-Madison, Internet2 CIFER Community Identity.

June 10-15, 2012 Growing Community; Growing Possibilities Benn Oshrin, The Oshrinium, LLC Keith Hazelton, UW-Madison, Internet2 CIFER Community Identity.
Presenter(s): Candace Soderston Matt Sargent Bill Yock Date:November 16, 2011 Time:2:30 to 3:30 pm Help Shape the Future of Open Source Identity and Access.

Presenter(s): Candace Soderston Matt Sargent Bill Yock Date:November 16, 2011 Time:2:30 to 3:30 pm Help Shape the Future of Open Source Identity and Access.
Copyright Dave Steiner and Jeremy Rosenberg 2010. This work is the intellectual property of the authors. Permission is granted for this material to be.

Copyright Dave Steiner and Jeremy Rosenberg This work is the intellectual property of the authors. Permission is granted for this material to be.
Kuali Identity Management: Introduction and Implementation Options Jasig - Spring 2010 Wednesday, March 10, 2010 8:30 am.

Kuali Identity Management: Introduction and Implementation Options Jasig - Spring 2010 Wednesday, March 10, :30 am.
Introduction to Kuali Rice ITANA Screen2Screen: Kuali on Campus May 2009 Eric Westfall – Kuali Rice Project Manager.

Introduction to Kuali Rice ITANA Screen2Screen: Kuali on Campus May 2009 Eric Westfall – Kuali Rice Project Manager.
Bill Yock University of Washington Coordinating Education and Research Communities to radically improve Identity and Access Management. Shel.

Bill Yock University of Washington Coordinating Education and Research Communities to radically improve Identity and Access Management. Shel.
WSO2 Identity Server Road Map

WSO2 Identity Server Road Map
Emory University Case Study I2 Day Camp November 5, 2010 John Ellis & Elliot Kendall.

Emory University Case Study I2 Day Camp November 5, 2010 John Ellis & Elliot Kendall.
Presenter(s): Candace Soderston Matt Sargent Bill Yock Date:November 16, 2011 Time:2:30 to 3:30 pm Help Shape the Future of Open Source Identity and Access.

Presenter(s): Candace Soderston Matt Sargent Bill Yock Date:November 16, 2011 Time:2:30 to 3:30 pm Help Shape the Future of Open Source Identity and Access.
Prabath Siriwardena Senior Software Architect. An open source Identity & Entitlement management server.

Prabath Siriwardena Senior Software Architect. An open source Identity & Entitlement management server.
Aegis Identity Software, Inc. presents Trends in Identity and Access Management in Higher Education to US Federations June 20, 2012 Janet Yarbrough – Director.

Aegis Identity Software, Inc. presents Trends in Identity and Access Management in Higher Education to US Federations June 20, 2012 Janet Yarbrough – Director.
 Wikipedia Says… “Single Sign On (SSO) is a property of access control of multiple, related, but independent software systems. With this property a user.

 Wikipedia Says… “Single Sign On (SSO) is a property of access control of multiple, related, but independent software systems. With this property a user.
June 10-15, 2012 Growing Community; Growing Possibilities Dedra Chamberlin, UCSF/UC Berkeley Eric Westfall, Indiana University.

June 10-15, 2012 Growing Community; Growing Possibilities Dedra Chamberlin, UCSF/UC Berkeley Eric Westfall, Indiana University.
Technical Overview of Kuali Rice UC Davis, Information & Educational Technology January 2009.

Technical Overview of Kuali Rice UC Davis, Information & Educational Technology January 2009.
Authorization Scenarios with Signet RL “Bob” Morgan University of Washington Internet2 Member Meeting, September 2004.

Authorization Scenarios with Signet RL “Bob” Morgan University of Washington Internet2 Member Meeting, September 2004.
APS (Keystone) Security “dial tone” Doron Grinstein Chief Architect October 2012 | Version 0.2 | Confidential.

APS (Keystone) Security “dial tone” Doron Grinstein Chief Architect October 2012 | Version 0.2 | Confidential.
Kuali Rice at Indiana University Rice Setup Options July 29-30, 2008 Eric Westfall.

Kuali Rice at Indiana University Rice Setup Options July 29-30, 2008 Eric Westfall.
BfB: Supporting Collaboration with Infrastructure.

BfB: Supporting Collaboration with Infrastructure.

Similar presentations

Ads by Google