Presentation is loading. Please wait.

Presentation is loading. Please wait.

Shibboleth Roadmap -- 2005.

Published byHillary Harris Modified over 6 years ago

Similar presentations

Presentation on theme: "Shibboleth Roadmap -- 2005."— Presentation transcript:

1 Shibboleth Roadmap

2 Sequence Shibboleth v1.3 Restructuring of Federations
E-Authentication Certification Restructuring of Federations The Transition to InCommon “Negative Trust” Federation International Federation Peering Shibboleth and Grids Futures WS* Interop Interim Release – Support for Some of SAML 2.0 Full SAML 2.0 Support

3 Shibboleth v1.3 Planned Availability -- June 1, 2005
Major New Functionality Full SAML v1.1 support -- BrowserArtifact Profile and AttributePush Support for SAML-2 metadata schema Improved Multi-Federation Support Support for the Federal Gov’t’s E-authn Profile Native Java SP Implementation Improved build process

4 E-Authn Certification
V1.3 has already successfully navigated interoperability testing Scheduled for Certification Testing the week of June 20 Campuses could then Join the E-authn Federation Use the Shibboleth software to access e-authn enabled federal gov’t web sites More E-authn info available at

5 Restructuring of Federations
The Transition to InCommon InCommon is now “Real” Campuses and Vendors are Transitioning… May soon see negative incentives for long term membership in InQueue “Negative Trust” Federation Available for software development, testing Self-service application to register Expect to see many relatives of Donald Duck as members International Federation Peering Moving forward… Vendors moving toward supporting multi-federation world

6 Shibboleth and Grids • Shib/SAML is currently web-browser centric
so doesn't apply to more general protocols yet can easily apply to Grid portals SAML could carry certs/keys as attributes • Grid-Shib project NSF-funded focus on access to campus Attribute Authority to provide attributes for Grid service authz decisions

7 WS* Interop Web Services is a big deal • WS-Security
much practice, much promise, much hype great potential for multi-vendor integration • WS-Security base spec is OASIS standard, but only first 5% many layered specs: WS-Policy, -Trust, Conversation, -Federation, -Resource, etc standard/IPR status not clear SAML can be carried as WS-Sec “token” Microsoft federation software uses SAML assertions but WS-Fed protocol

8 WS* Interop -- Status Agreements to build WS-Fed interoperability into Shib Contracts signed; work to begin After Shib v1.3 WS-Federation + Passive Requestor Profile + Passive Requestor Interoperability Profile Discussions broached, by Microsoft, in building Shib interoperabilty into WS-Fed; no further discussions Devils in the details Can WS-Fed-based SPs work in InCommon without having to muck up federation metadata with WS-Fed-specifics? All the stuff besides WS-Fed in the WS-* stack

9 WS* Interop -- High Level Goals
Establish interoperability of the ADFS Identity Provider and Service Provider implementations (and any other WS-F/PRP/PRIP Provider conformant implementations), with the Internet2 Shibboleth System Identity Provider and Service Provider implementations. Establish ADFS as a supported option for use for Identity Provider and Service Provider deployments in the Internet2-operated InCommon Federation of US higher-education and partner sites. Build a strategic relationship with a fully deployed and leading edge federation (InCommon) and the higher ed academic community.

10 Shibboleth -- Interim Release
Target Date -- within Calendar 2005 Include some SAML-2 Functionality Rely on feedback from user community to identify SAML-2 features which are HI priority Discussion started yesterday during WG meeting

11 SAML 2.0 Support SAML-2 approved March 2005
Target Date -- mid-year 2006 Expect to provide support for ALL REQUIRED SAML-2 functionality Who wants to help?

12

Download ppt "Shibboleth Roadmap -- 2005."

Similar presentations

Lousy Introduction into SWITCHaai

Lousy Introduction into SWITCHaai
Scaling TeraGrid Access A Testbed for Attribute-based Authorization and Leveraging Campus Identity Management

Scaling TeraGrid Access A Testbed for Attribute-based Authorization and Leveraging Campus Identity Management
Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.

Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.
US E-authentication and the Culture of Compliance RL “Bob” Morgan University of Washington CAMP, June 2005.

US E-authentication and the Culture of Compliance RL “Bob” Morgan University of Washington CAMP, June 2005.
T-110.5140 Network Application Frameworks and XML Service Federation 30.04.2007 Sasu Tarkoma.

T Network Application Frameworks and XML Service Federation Sasu Tarkoma.
1 eAuthentication in Higher Education Tim Bornholtz Session #47.

1 eAuthentication in Higher Education Tim Bornholtz Session #47.
UC Irvine’s Pre-Shib Attribute Setup PH / QI Directory Provides Authoritative Attribute Store –Had both Faculty / Staff and Student Information UCI’s Campus.

UC Irvine’s Pre-Shib Attribute Setup PH / QI Directory Provides Authoritative Attribute Store –Had both Faculty / Staff and Student Information UCI’s Campus.
Presenter’s Name InCommon Approximately 80 members and growing steadily More than two million “users” Most of the major research institutions (MIT joining.

Presenter’s Name InCommon Approximately 80 members and growing steadily More than two million “users” Most of the major research institutions (MIT joining.
Shibboleth-intro-dec051 Shibboleth A Technical Overview Tom Scavo NCSA.

Shibboleth-intro-dec051 Shibboleth A Technical Overview Tom Scavo NCSA.
NOS Objectives, YR 4&5 Tony Rimovsky. 4.2 Expanding Secure TeraGrid Access A TeraGrid identity management infrastructure that interoperates with campus.

NOS Objectives, YR 4&5 Tony Rimovsky. 4.2 Expanding Secure TeraGrid Access A TeraGrid identity management infrastructure that interoperates with campus.
To identity federation and beyond! Josh Howlett JANET(UK) HEAnet 2008.

To identity federation and beyond! Josh Howlett JANET(UK) HEAnet 2008.
AAF Middleware update February16 2012 Presented by Terry Smith Technical Manager and Heath Marks Manager.

AAF Middleware update February Presented by Terry Smith Technical Manager and Heath Marks Manager.
The InCommon Federation The U.S. Access and Identity Management Federation www.incommon.org.

The InCommon Federation The U.S. Access and Identity Management Federation
Saml-intro-dec051 Security Assertion Markup Language A Brief Introduction to SAML Tom Scavo NCSA.

Saml-intro-dec051 Security Assertion Markup Language A Brief Introduction to SAML Tom Scavo NCSA.
Web Services Security Standards Overview for the Non-Specialist Hal Lockhart Office of the CTO BEA Systems.

Web Services Security Standards Overview for the Non-Specialist Hal Lockhart Office of the CTO BEA Systems.
Elements of Trust Framework for Cyber Identity & Access Services CYBER TRUST FRAMEWORK Service Agreement Trust Framework Provider Identity Providers Credential.

Elements of Trust Framework for Cyber Identity & Access Services CYBER TRUST FRAMEWORK Service Agreement Trust Framework Provider Identity Providers Credential.
2005 © SWITCH Perspectives of Integrating AAI with Grid in EGEE-2 Christoph Witzig Amsterdam, October 17, 2005.

2005 © SWITCH Perspectives of Integrating AAI with Grid in EGEE-2 Christoph Witzig Amsterdam, October 17, 2005.
Helsinki Institute of Physics (HIP) - 2003 Liberty Alliance Overview of the Liberty Alliance Architecture Helsinki Institute of Physics (HIP), May 9 th.

Helsinki Institute of Physics (HIP) Liberty Alliance Overview of the Liberty Alliance Architecture Helsinki Institute of Physics (HIP), May 9 th.
GridShib: Grid/Shibboleth Interoperability September 14, 2006 Washington, DC Tom Barton, Tim Freeman, Kate Keahey, Raj Kettimuthu, Tom Scavo, Frank Siebenlist,

GridShib: Grid/Shibboleth Interoperability September 14, 2006 Washington, DC Tom Barton, Tim Freeman, Kate Keahey, Raj Kettimuthu, Tom Scavo, Frank Siebenlist,
NSF Middleware Initiative Renee Woodten Frost Assistant Director, Middleware Initiatives Internet2 NSF Middleware Initiative.

NSF Middleware Initiative Renee Woodten Frost Assistant Director, Middleware Initiatives Internet2 NSF Middleware Initiative.

Similar presentations

Ads by Google