Presentation is loading. Please wait.

Presentation is loading. Please wait.

IST346: Namespaces, Identity Management

Published byAmbrogio Casagrande Modified over 6 years ago

Similar presentations

Presentation on theme: "IST346: Namespaces, Identity Management"— Presentation transcript:

1 IST346: Namespaces, Identity Management

2 Agenda Discussion Content Namespaces Identity Management Wrap-Up

3 Discussion Questions What is a namespace? What are 4 common ways to choosing names? What are the two types of namespaces? Provide 2 examples of a hierarchical namespace which is global. What is the name service for computers? For people? What is AAA? Define each term. Define self-service. Provide an example of it used on campus. What is a Distinguished Name, or DN? Is it a global namespace? Give students 1-2 minutes for each question. Its important to provide them with the opportunity to answer the questions based on the reading, labs, and assigned homework. Thematic, Functional, Descriptive, Formulaic

4 Namespaces Types: Flat Global / Heirarchial Conventions: Formulaic
mafudge Global / Heirarchial Conventions: Formulaic User001, user001 Thematic Red, blue, green Functional Mail, web, print Descriptive Ist-hinds010-pc1

5 Namespace type and Convention?
What are the namespace type and convention? An SUID? A URL? A Docker image name? Ubuntu Ubuntu:latest Course numbers? IST346, CAS104 NFL Teams? Dallas Cowboys A Twitter user

6 Identity Management Too Many Centralized Authentication Single-Sign On
Accounts Logins Passwords To Remember Centralized Authentication One place to get Authentication, Authorization, and Accounting Single-Sign On With Centralized Authentication no need to keep authenticating

7 Common IM Providers Central Authentication LDAP
Active Directory (LDAP, Kerberos) Federated – multi-institution Shibboleth SSO Protocols OAUTH2, CAS, SAML2

8 Shibboleth Blackboard Sign in Example
Blackboard is the service provider. Needs identities and authenticated used. SU is the identity provider. Provides identities and authenticated users. SAML2 (Security Assertion Markup Language v2) is the protocol

9 CAS (Central Authentication Service)
 

10 OAUTH Demos Sign in g.syr.edu Setup 2 step verification
Message sent to my phone Login in to fa.ischool.syr.edu Login to stack overflow.com or trello.com

11 Group Activity Namespacing Exercise

12 Namespace design Divide into groups of 3.
You are in charge of your organization’s Identity Management initiative. Design a namespace for managing user accounts and devices on the network. Justify your namespace plan for: Users Devices (printers, computers, etc) Running a centralized service, but delegating administration.

13 Your To-Do List What to work on for next class
ALWAYS CONSULT THE SYLLABUS What to work on for next class

14 Exit Ticket Share one thing you learned today that you didn’t know before class!

15 Questions?

Download ppt "IST346: Namespaces, Identity Management"

Similar presentations

Cloud PIV Authentication and Authorization Demo PIV Card User Workstation Central Security Server In order to use Cloud Authentication and Authorization.

Cloud PIV Authentication and Authorization Demo PIV Card User Workstation Central Security Server In order to use Cloud Authentication and Authorization.
Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.

Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.
Trusted 3 rd Party Authentication & Friends: SSO and IdM NWACC Security Workshop 2013 Portland.

Trusted 3 rd Party Authentication & Friends: SSO and IdM NWACC Security Workshop 2013 Portland.
Virtualization and Cloud Computing

Virtualization and Cloud Computing
IST346:  Namespaces  Directories  Documentation.

IST346:  Namespaces  Directories  Documentation.
 Key exchange o Kerberos o Digital certificates  Certificate authority structure o PGP, hierarchical model  Recovery from exposed keys o Revocation.

 Key exchange o Kerberos o Digital certificates  Certificate authority structure o PGP, hierarchical model  Recovery from exposed keys o Revocation.
Shibboleth & IMPETUS 1.What are they? 2.Demo. Shibboleth - A system to support the sharing of Web resources among organisations IMPETUS - Infrastructure.

Shibboleth & IMPETUS 1.What are they? 2.Demo. Shibboleth - A system to support the sharing of Web resources among organisations IMPETUS - Infrastructure.
Www.eduserv.org.uk/openathens Alumni Authentication… Explained Robert Scaysbrook – OpenAthens UK Account Manager.

Alumni Authentication… Explained Robert Scaysbrook – OpenAthens UK Account Manager.
Active Directory Lecture 3 – Domain Services Primer.

Active Directory Lecture 3 – Domain Services Primer.
Aegis Identity Software, Inc. presents Trends in Identity and Access Management in Higher Education to US Federations June 20, 2012 Janet Yarbrough – Director.

Aegis Identity Software, Inc. presents Trends in Identity and Access Management in Higher Education to US Federations June 20, 2012 Janet Yarbrough – Director.
CN1260 Client Operating System Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+

CN1260 Client Operating System Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+
Lecture 23 Internet Authentication Applications modified from slides of Lawrie Brown.

Lecture 23 Internet Authentication Applications modified from slides of Lawrie Brown.
SSL, Single Sign On, and External Authentication Presented By Jeff Kelley April 12, 2005.

SSL, Single Sign On, and External Authentication Presented By Jeff Kelley April 12, 2005.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 22 – Internet Authentication.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 22 – Internet Authentication.
LDAP Authentication Copyright © 2000-2007 Liferay, Inc. All Rights Reserved. No material may be reproduced electronically or in print without written permission.

LDAP Authentication Copyright © Liferay, Inc. All Rights Reserved. No material may be reproduced electronically or in print without written permission.
Shibboleth: An Introduction

Shibboleth: An Introduction
- NCSU project goals and requirements - Adoption Drivers - Current challenges and pain points - Identacor at NCSU - Identacor Features - NCSU Key Benefits.

- NCSU project goals and requirements - Adoption Drivers - Current challenges and pain points - Identacor at NCSU - Identacor Features - NCSU Key Benefits.
Technology and the Promise of Individualized Learning Ira Goldstein Siena College Computer Science Department.

Technology and the Promise of Individualized Learning Ira Goldstein Siena College Computer Science Department.
CEG 2400 Fall 2012 Directory Services Active Directory Tree Domain.

CEG 2400 Fall 2012 Directory Services Active Directory Tree Domain.
CERN IT Department CH-1211 Genève 23 Switzerland www.cern.ch/i t Single Sign On, Identity and Access management at CERN Alex Lossent Emmanuel Ormancey,

CERN IT Department CH-1211 Genève 23 Switzerland t Single Sign On, Identity and Access management at CERN Alex Lossent Emmanuel Ormancey,

Similar presentations

Ads by Google