Download presentation
Presentation is loading. Please wait.
Published byRosamund Stevenson Modified over 8 years ago
1
FIFER Jasig May 2011 1 FIFER: The Free Identity Framework For Education and Research: Blackened Swan Benjamin Oshrin The Oshrinium LLC
2
FIFER Jasig May 2011 2 The Problem (I)
3
FIFER Jasig May 2011 3 (with apologies to IKEA) (and thanks to Jens)
4
Kuali Finance Coeus Student Sakai Open Registry KIM JBoss Rules Open Metadir Grouper COManage MACE-PAccMan OpenSPML OpenPTK Kerberos OpenLDAP OpenCA CAS Shibboleth OpenSSO PubCookie CoSign Spring Sec. SAML InfoCard Oauth OpenID XACML
9
FIFER Current Approach (Still!) Piecemeal Some Higher Ed (lots of HE) –I2: Shibboleth, Grouper, etc –Jasig: CAS, OpenRegistry –Kuali: Rice, KIM –Other: Kerberos, OpenMetaDir Some Not Higher Ed –OpenLDAP, RH 389, etc
10
FIFER Current Approach (Still!) Piecemeal Some More Mature –CAS –Grouper –Kerberos –OpenLDAP –Shibboleth Some Less Mature –OpenRegistry
11
FIFER The Big Picture Need to articulate the Big Picture –Think strategically –Get the message out –More about the technology options than the value proposition of IDM
12
FIFER Free IDM Framework for Education & Research Spun out of ACAMP, now a Jasig Community Of Practice https://wiki.jasig.org/display/FIFER
13
FIFER Goal #1 Provide information on current viable open source identity management technologies, suitable for both technologists and management, to inform procurement processes
14
FIFER Goal #2 Assess the state of emerging open source identity management technologies, to better align resources towards developing projects
15
FIFER Goal #3 Develop and document a reference architecture for identity and access management in higher education, based on open standards
16
FIFER Goal #4 Identify gaps in the open source identity management stack, and potential approaches for filling those gaps
17
FIFER Goal #5 Marshal resources to help deployers take advantage of available open source identity management technologies, to help emerging technologies to develop, and to fill gaps not currently being addressed
18
FIFER Status Reference Architecture drafted Marketing sorely lacking Alignment of efforts still very ad hoc –Opportunities in Registry and Provisioning, but difficult to leverage Lots of people like to talk, but converting talk into action is challenging Standard resourcing challenges still apply
19
FIFER Functional Areas: Identity Data Mgmt Person Registration and Profile Management Identity Reconciliation Identifier Management Authenticator Management Group Management Role Management Access/Permission/Privilege Management Attribute Management Identity Data Workflow Delegated Administration and Self Service
20
FIFER Functional Areas: Identity Services Provisioning and Deprovisioning Authentication Authorization Directory Single Sign On (Local and Federated) Presence Reporting
21
FIFER
22
Next Steps TCO Analysis Marketing Materials –Especially for senior management Alignment of Work Efforts –Registries –Provisioning Identification of Resources Need for Volunteers
23
FIFER Jasig May 2011 23 The Problem (II)
24
FIFER Jasig May 2011 24
25
FIFER Jasig May 2011 25 FIFER API The FIFER-API initiative is intended to advance the development and adoption of standardized APIs for identity services https://wiki.jasig.org/display/FIFER/API Currently working on Group API –Plain Old XML over HTTPS –REST? SOAP? Apache Thrift?
26
FIFER Jasig May 2011 26 getMembers() SubjectList getMembers(GroupLookup group, enum immediacy=any) Input group: GroupLookup object immediacy: Constraint on search for subject as an immediate, nonimmediate, or any member of group Output List of Subject objects Availability Mandatory
27
FIFER Jasig May 2011 27 groupGetMembersRequest <requestMetadata clientType="FIFER PHP" clientVersion="1.0.0.0" protocolVersion="1.0.0.0" /> <groupLookup handle="fifergroup://grouper.school.edu/folder/folder2/groupName" />
28
FIFER Jasig May 2011 28 groupGetMembersResponse <group id="234j2h4lk243lkj23lk23j" handle="fifergroup://grouper.school.edu/folder/folder2/groupName" /> <responseMetadata serverType="FIFER Java" requestId="1234567890abcdef1234567890" serverVersion="1.0.0.0" protocolVersion="1.0.0.0" success="T" resultCode="SUCCESS" serverMillis="345" />
29
FIFER Jasig May 2011 29 Join In FIFER API FIFER Marketing FIFER Provisioning FIFER Registry
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.