Presentation is loading. Please wait.

Presentation is loading. Please wait.

DK update David Simonsen, WAYF (the federation formerly known as DK-AAI) It's a WAYFIt's about consentIt's a project.

Published byMarquise Andry Modified over 9 years ago

Similar presentations

Presentation on theme: "DK update David Simonsen, WAYF (the federation formerly known as DK-AAI) It's a WAYFIt's about consentIt's a project."— Presentation transcript:

1 DK update David Simonsen, WAYF (the federation formerly known as DK-AAI) It's a WAYFIt's about consentIt's a project

2 SAML2 LDAP Host’ed simpleSAMLphp Shibboleth 1.3 + CAS WAYF architecture

3 Supported interfaces SP: SAML2 SP: Shibboleth 1.3 IdP: SAML2 IdP: LDAP (hosted login page) IdP: CAS + LDAP

4 IdM requirements Describe your IdP routines (will not be publicly available) 24 hours after status is changed, status is changed... LoA - not supported Strenth of initial authentication not flagged

5 Attributes MUST ---- Personal information----- SurName GivenName CommonName eduPersonPricipleName Mail eduPersonPrimaryAffiliation ----- Information about the organisation----- schacHomeOrganization MAY ---- Personal information ---- norEduPersonNIN eduPersonScopedAffiliation PreferredLanguage eduPersonEntitelment ----- Information about the organisation----- - Attributtes provided / generated by WAYF eduPersonTargedID (hash (SP-ID + hash (IdP-ID + salt + unique-personID) + salt) OrganizationName

6 Attribute profiles Normal profile eduPersonPrimaryAffiliation schacHomeOrganization Extended profile with persistent ID eduPersonPrimaryAffiliation schacHomeOrganization eduPersonTargedID Extended profil with persistent ID and name eduPersonPrimaryAffiliation schacHomeOrganization eduPersonTargedID SurName GivenName CommonName Extended profil with persistent ID, name and email eduPersonPrimaryAffiliation schacHomeOrganization eduPersonTargedID SurName GivenName CommonName mail

7 WAYF is live as of 28th of March 2008 All central services running WAYF, consent, consent-admin Central federating component (CFC): simpleSAMLphp Contract draft (turned down yesterday) websites open (Danish only so far) Production evironment + QA Press release to come (with ministers)

8 Only a few services still Cross federated to FEIDE (OpenWiki, Foodle) WAYF is live

9 Connected institutions The Royal Library Roskilde University Syddansk University The State Library WAYF Orphanage Århus University Technical University of DK

10 Planned services Connect, Forskningsnettets videotjeneste DSB NetID BBC Motion Gallery Danske reklamefilm eduMedia, Forskningsnettet Studenterportaler

11 NIAS, Nordisk Inst. for Asien Studier (Kalmar) Microsoft's 'Dream Sparks' ElseVier (forlag) OVID (forlag) EBSCO (forlag) WAYF-baseret ID-oprettelse Planned services

12 Users' consent

13 The users' informed consent Obligation to inform Consent Volontarily Informed Specific No personal info is kept

14 Ingen personlige oplysninger gemmes 2km4756k4l3n43j34j3 8ds989g+sdfhkjrwk30 !

15 DEMONSTRATION www.wayf.dk www.dk-aai.dk wiki.dk-aai.dk https://wayf.wayf.dk/consent/consentAd min.php https://wayf.wayf.dk/consent/consentAd min.php

Download ppt "DK update David Simonsen, WAYF (the federation formerly known as DK-AAI) It's a WAYFIt's about consentIt's a project."

Similar presentations

Shibboleth and UKAMF-FEAR not as scary as it sounds! Rhys Smith Cardiff University.

Shibboleth and UKAMF-FEAR not as scary as it sounds! Rhys Smith Cardiff University.
Federation management A mess? 9.4.2008 Nordunet Conference Mikael Linden CSC, the Finnish IT Center for Science.

Federation management A mess? Nordunet Conference Mikael Linden CSC, the Finnish IT Center for Science.
>> Fronter Helsinki, April 8 th, 2008 Aleksander Pettersen.

>> Fronter Helsinki, April 8 th, 2008 Aleksander Pettersen.
Enabling UCTrust Access for Your Application Introduction to The UC CSC Conference UC Santa Barbara, July 21-22, 2008.

Enabling UCTrust Access for Your Application Introduction to The UC CSC Conference UC Santa Barbara, July 21-22, 2008.
Innovation through participation Data Protection Code of Conduct (DP CoC) REFEDS Helsinki 2.10.2013 Mikael Linden, CSC – IT Center for Science

Innovation through participation Data Protection Code of Conduct (DP CoC) REFEDS Helsinki Mikael Linden, CSC – IT Center for Science
Why a special Danish SAML 2.0 profile? Cultural extensions – e.g Attributes like Business number, etc. Remove complexity in subset of standard that fulfills.

Why a special Danish SAML 2.0 profile? Cultural extensions – e.g Attributes like Business number, etc. Remove complexity in subset of standard that fulfills.
ELAG Trondheim 2004 1 Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.

ELAG Trondheim Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.
The WAYF way Trusted Third Party federation (TTP) David Simonsen, EMC2 Utrecht December 4, 2008.

The WAYF way Trusted Third Party federation (TTP) David Simonsen, EMC2 Utrecht December 4, 2008.
Shibboleth at Newcastle Caleb Racey Webteam ISS Shibboleth experiences Program  Background  What shib has enabled  Benefits of shib  How to do shib.

Shibboleth at Newcastle Caleb Racey Webteam ISS Shibboleth experiences Program  Background  What shib has enabled  Benefits of shib  How to do shib.
Kalmar Union 15.1.2008 Mikael Linden CSC, the Finnish IT Center for Science.

Kalmar Union Mikael Linden CSC, the Finnish IT Center for Science.
Why are HEAnet in this space? –Collaborative, shared and cloud services –IP address access control and IPv6 –Synergy with eduroam (single credential, eduGAIN)

Why are HEAnet in this space? –Collaborative, shared and cloud services –IP address access control and IPv6 –Synergy with eduroam (single credential, eduGAIN)
Brown University Shibboleth at Brown University James Cramton May 28, 2009 Copyright © James Cramton 2009 This work is the intellectual property of the.

Brown University Shibboleth at Brown University James Cramton May 28, 2009 Copyright © James Cramton 2009 This work is the intellectual property of the.
Brown University Shibboleth at Brown University James Cramton March 5, 2009 Copyright © James Cramton 2009 This work is the intellectual property of the.

Brown University Shibboleth at Brown University James Cramton March 5, 2009 Copyright © James Cramton 2009 This work is the intellectual property of the.
Shibboleth & IMPETUS 1.What are they? 2.Demo. Shibboleth - A system to support the sharing of Web resources among organisations IMPETUS - Infrastructure.

Shibboleth & IMPETUS 1.What are they? 2.Demo. Shibboleth - A system to support the sharing of Web resources among organisations IMPETUS - Infrastructure.
TERENA EUROCamp 2010 Dyonisius Visser

TERENA EUROCamp 2010 Dyonisius Visser
SWITCHaai Team Federated Identity Management.

SWITCHaai Team Federated Identity Management.
AAI with simpleSAMLphp

AAI with simpleSAMLphp
Feide is a identity management system on a national level for the educational sector in Norway. Federated Electronic Identity for Norwegian Education Tromsø,

Feide is a identity management system on a national level for the educational sector in Norway. Federated Electronic Identity for Norwegian Education Tromsø,
AAF Middleware update February16 2012 Presented by Terry Smith Technical Manager and Heath Marks Manager.

AAF Middleware update February Presented by Terry Smith Technical Manager and Heath Marks Manager.
CASE: Haka federation EuroCAMP, 3-5 April, 2006 CSC, the Finnish IT Center for Science

CASE: Haka federation EuroCAMP, 3-5 April, 2006 CSC, the Finnish IT Center for Science

Similar presentations

Ads by Google