Presentation is loading. Please wait.

Presentation is loading. Please wait.

Björn Erik Abt :: Paul Scherrer Institut

Published byAurora Tikkanen Modified over 6 years ago

Similar presentations

Presentation on theme: "Björn Erik Abt :: Paul Scherrer Institut"— Presentation transcript:

1 Björn Erik Abt :: Paul Scherrer Institut
umbrellaID: eduTEAMS

2 Background It would be very useful to have additional user attributes in umbrellaID PoC of an Attribute Authority inside the umbrellaID was created: Raised data protection concerns A proposed solution was to use the functionality provided by eduTEAMS: We would get rid of the data protection concerns The service is run by GÉANT (trustworthy) No separate development needed Chance of higher visibility for umbrellaID

3 Timeline of Events : First contact and request to participate : Finalised collaboration agreement for pilot : Meeting at SWITCH in Zurich February 2016: Implementation of Registration procedure March 2017: Implementation of Login procedure April 2017: Testing and finalisation of a successful pilot

4 What is eduTEAMS? Create virtual teams and add users to it (self registration possible) Assign team specific attributes Team members can be linked to services

5 eduTEAMS in umbrellaID Context
Pilot Description Implement and install an attribute authority for the umbrellaID system. Problem umbrellaID does have a very limited set of user attributes by design. Certain service providers require more information than umbrellaID can deliver at the moment, e.g. address. Aim Allowing users to add additional attributes on their behalf to their umbrellaID account would allow umbrellaID accounts to consume services with a higher demand of released attributes. This would strengthen the umbrellaID federation in general. Pilot Goals Registration procedure Login procedure

6 How does it look like?

7 How does it look like?

8 How does it look like?

9 And how about the architecture?
Current architecture

10 And how about the architecture?
Proposed architecture

11 Where do we still see potential issues?
The user interface is quite complicated for non IT staff. Navigation in eduTEAMS requires many clicks. Editing of my attributes is rather hidden. ORCID integration is on the roadmap. Currently each service provider must be configured to use it: This could be solved at the IdP level.

12 What are the next steps? The pilot was conducted on the eduTEAMS test platform. To get on the live platform the umbrellaID IdP must join eduGAIN. Develop a possibility to aggregate the users attribute at IdP level: Prevent reconfiguration of each SP The service is free for attributes which do not feed further protection

13 Wir schaffen Wissen – heute für morgen

Download ppt "Björn Erik Abt :: Paul Scherrer Institut"

Similar presentations

JISC Metaleth Project Athens, Shibboleth and the University of Bristol 29 th January 2007.

JISC Metaleth Project Athens, Shibboleth and the University of Bristol 29 th January 2007.
2006 © SWITCH Authentication and Authorization Infrastructures in e-Science (and the role of NRENs) Christoph Witzig SWITCH e-IRG, Helsinki, Oct 4, 2006.

2006 © SWITCH Authentication and Authorization Infrastructures in e-Science (and the role of NRENs) Christoph Witzig SWITCH e-IRG, Helsinki, Oct 4, 2006.
Agenda Project beginnings and funding. Purpose of the federation. Federation members. Federation protocols. Special features in our federation. Pilot.

Agenda Project beginnings and funding. Purpose of the federation. Federation members. Federation protocols. Special features in our federation. Pilot.
Widely Distributed Access Management Tom Barton University of Chicago.

Widely Distributed Access Management Tom Barton University of Chicago.
EduGAIN Code of Conduct Workshop, 2012-02-09, Brussels GEANT eduGAIN Data Protection Code of Conduct Workshop Dieter Van Uytvanck

EduGAIN Code of Conduct Workshop, , Brussels GEANT eduGAIN Data Protection "Code of Conduct" Workshop Dieter Van Uytvanck
Copyright JNT Association 2005Copyright JNT Association 2008 www.ukfederation.org.uk An Introduction to Access Management and the UK Federation Simon Cooper.

Copyright JNT Association 2005Copyright JNT Association An Introduction to Access Management and the UK Federation Simon Cooper.
AAI-enabled VO Platform “VO without Tears” Christoph Witzig EGI TF, Amsterdam, Sept 15, 2010.

AAI-enabled VO Platform “VO without Tears” Christoph Witzig EGI TF, Amsterdam, Sept 15, 2010.
Presented by: Presented by: Tim Cameron CommIT Project Manager, Internet 2 CommIT Project Update.

Presented by: Presented by: Tim Cameron CommIT Project Manager, Internet 2 CommIT Project Update.
Supporting Are we ready? REFEDS, Oct 2013 Ann Harding

Supporting Are we ready? REFEDS, Oct 2013 Ann Harding
Géant-TrustBroker project overview Slides assembled by the Géant-TrustBroker team at Leibniz Supercomputing Centre, Germany for a short presentation by.

Géant-TrustBroker project overview Slides assembled by the Géant-TrustBroker team at Leibniz Supercomputing Centre, Germany for a short presentation by.
INTRODUCTION: THE FIRST TRY InCommon eduGAIN Policy and Community Working Group.

INTRODUCTION: THE FIRST TRY InCommon eduGAIN Policy and Community Working Group.
MediMizer, Inc. 2013 iRequest Manager Work Order Request System.

MediMizer, Inc iRequest Manager Work Order Request System.
Community Sign-On and BEN. Table of Contents  What is community sign-on?  Benefits  How it works (Shibboleth)  Shibboleth components  CSO workflow.

Community Sign-On and BEN. Table of Contents  What is community sign-on?  Benefits  How it works (Shibboleth)  Shibboleth components  CSO workflow.
Authentication and Authorisation for Research and Collaboration Licia Florio AARC Workshop The AARC Project Brussels, 26 October.

Authentication and Authorisation for Research and Collaboration Licia Florio AARC Workshop The AARC Project Brussels, 26 October.
Authentication and Authorisation for Research and Collaboration Christos Kanellopoulos GRNET Proposed Pilots for Libraries and eGov.

Authentication and Authorisation for Research and Collaboration Christos Kanellopoulos GRNET Proposed Pilots for Libraries and eGov.
SAML to LDAP bridging developments Marcus Hardt. 223.04 2014Marcus kit.eduSteinbuch Centre for Computing (SCC) Motivation Allow linux logins,

SAML to LDAP bridging developments Marcus Hardt Marcus kit.eduSteinbuch Centre for Computing (SCC) Motivation Allow linux logins,
JRA1.4 Models for implementing Attribute Providers and Token Translation Services Andrea Biancini.

JRA1.4 Models for implementing Attribute Providers and Token Translation Services Andrea Biancini.
Federated Identity Management for HEP David Kelsey HEPiX, IHEP Beijing 18 Oct 2012.

Federated Identity Management for HEP David Kelsey HEPiX, IHEP Beijing 18 Oct 2012.
Authentication and Authorisation for Research and Collaboration Christos Kanellopoulos Open Day Event: Towards the European Open.

Authentication and Authorisation for Research and Collaboration Christos Kanellopoulos Open Day Event: Towards the European Open.
Networks ∙ Services ∙ People Thomas Bärecke Journée Fédération, Paris Collaboration européenne GÉANT SA5 03/07/2015 SA5 T5 team

Networks ∙ Services ∙ People Thomas Bärecke Journée Fédération, Paris Collaboration européenne GÉANT SA5 03/07/2015 SA5 T5 team

Similar presentations

Ads by Google