Presentation is loading. Please wait.

Presentation is loading. Please wait.

17 th TF-EMC2. Lyon, February 2011 On the Many Ways to Identity Exchange D i g i t a l i d e n t i t i e s a r e m o r e v a l u a b l e a s t h e y a.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "17 th TF-EMC2. Lyon, February 2011 On the Many Ways to Identity Exchange D i g i t a l i d e n t i t i e s a r e m o r e v a l u a b l e a s t h e y a."— Presentation transcript:

1 17 th TF-EMC2. Lyon, February 2011 On the Many Ways to Identity Exchange D i g i t a l i d e n t i t i e s a r e m o r e v a l u a b l e a s t h e y a r e m o r e w i d e l y a s s e r t a b l e Diego R. Lopez, RedIRIS

2 17 th TF-EMC2. Lyon, February 2011 The Open Fronts Life beyond SAML  OpenID and “Identity 2.0”  OAuth and JWT Seeking for meeting points  eIRG  STORK  eduGAIN, PEER, MDX, …  AAI convergence and STS efforts Sort of Proxying  Inner access: TERENA SPP  Outer access: Proposal to REFEDS

3 17 th TF-EMC2. Lyon, February 2011 The twodotosphere MACE’s WG on OpenID  https://spaces.internet2.edu/display/OpenID/Home https://spaces.internet2.edu/display/OpenID/Home  Guidance, toward some degree of standardization  Examine the demand for, and applicability of, SAML/OpenID gateways Integrating identities both ways  Logins4Life  Social authsources  social2saml.org  SIR-enabled Facebook groups  Social discovery services

4 17 th TF-EMC2. Lyon, February 2011 Tokens and token formats OAuth2 consolidating  Several rather mature I-Ds making their way up in IETF  And proposals based on it UMA, inside Kantara REST token-based access, inside GN3 JWT: JSON Web Token  Intended for space constrained environments HTTP Authorization headers URI query parameters  Simpler to code and parse OAuth2 AP: http://www.rediris.es/oauth2/http://www.rediris.es/oauth2/ JWT: Proof-of-concept for SIR-REST integration

5 17 th TF-EMC2. Lyon, February 2011 Higher Convergence STORK progressing  Proposal for making EC services STORK-aware  Seeking for new use cases in academic space  Lever for integration with governmental infrastructures eIRG on AAIs  Convergence in academic space a key issue  Federations as the main enablers  Integration with the wider Internet  A long way to go, policy-wise  Acknowledgement to TERENA and REFEDS role

6 17 th TF-EMC2. Lyon, February 2011 Lower Convergence Metadata aggregators  PEER (not) vs. eduGAIN Several services integrating federations and Grid PKIs  Watch Chris’ talk on this Convergence at the WS level: STS  SURFNet experiments and CLARIN interest  EMI-EGI initiative  GEMBus STS (soon to be demonstrated)  EUGridPMA to explore policy aspects

7 17 th TF-EMC2. Lyon, February 2011 The Identity Swiss Knives Proxying is a wide concept that can address solutions to a wide variety of issues Simplify management  See Dick’s talk Increase federation usage  The most usual application Boost privacy  Only provide an IP to access resources Enhance user experience  Resolvers and deep-linking Expanding applicability  WS-based interfaces and non-Web clients

8 17 th TF-EMC2. Lyon, February 2011 A Proposal for REFEDS Funding The goals  Remote federated proxy administration  Centralized configuration of proxy meshes  Non-Web clients in third party WS environments  Neutral link resolution and deep linking The technologies  EZProxy  Apache2 proxy capabilities The players: WAYF and RedIRIS

Download ppt "17 th TF-EMC2. Lyon, February 2011 On the Many Ways to Identity Exchange D i g i t a l i d e n t i t i e s a r e m o r e v a l u a b l e a s t h e y a."

Similar presentations

Contrail and Federated Identity Management

Contrail and Federated Identity Management
2005 © SWITCH Authentication and Authorization Infrastructure Martin Sutter, Head of NetServices Thomas Lenggenhager, Deputy Project Manager AAI Christoph.

2005 © SWITCH Authentication and Authorization Infrastructure Martin Sutter, Head of NetServices Thomas Lenggenhager, Deputy Project Manager AAI Christoph.
TAC - Poznan, 6 June 2005 Building trust with a European style Diego R. Lopez RedIRIS.

TAC - Poznan, 6 June 2005 Building trust with a European style Diego R. Lopez RedIRIS.
TF-EMC2 February 2006, Zagreb Deploying Authorization Mechanisms for Federated Services in the EDUROAM Architecture (DAME) -Technical Project Proposal-

TF-EMC2 February 2006, Zagreb Deploying Authorization Mechanisms for Federated Services in the EDUROAM Architecture (DAME) -Technical Project Proposal-
Connect. Communicate. Collaborate The eduGAIN Way Diego R. Lopez - RedIRIS.

Connect. Communicate. Collaborate The eduGAIN Way Diego R. Lopez - RedIRIS.
T-110.5140 Network Application Frameworks and XML Service Federation 30.04.2007 Sasu Tarkoma.

T Network Application Frameworks and XML Service Federation Sasu Tarkoma.
GRDevDay March 21, 2015 Cloud-based Identity for Applications.

GRDevDay March 21, 2015 Cloud-based Identity for Applications.
The TERENA Academic CA Repository. eIRG Meeting. Dublin, 16/04/2004 Diego R. Lopez – TF-AACE  Task Force on Authentication and.

The TERENA Academic CA Repository. eIRG Meeting. Dublin, 16/04/2004 Diego R. Lopez – TF-AACE  Task Force on Authentication and.
Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.

Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.
18 th TF-EMC2. WebEx, June 2011 Diego R. Lopez, RedIRIS On the Many Ways to Identity Exchange (Again) Digital identities are more valuable as they are.

18 th TF-EMC2. WebEx, June 2011 Diego R. Lopez, RedIRIS On the Many Ways to Identity Exchange (Again) Digital identities are more valuable as they are.
Here Come the Feds Federated identity management: the consumer’s perspective Jens Jensen, STFC On behalf of EUDAT AAI TF EGI CF Manchester April 2013.

Here Come the Feds Federated identity management: the consumer’s perspective Jens Jensen, STFC On behalf of EUDAT AAI TF EGI CF Manchester April 2013.
Federated Identity Management in New Zealand Sat Mandri Service Manager TNC15 REFEDs Meeting, 14 th June 2015.

Federated Identity Management in New Zealand Sat Mandri Service Manager TNC15 REFEDs Meeting, 14 th June 2015.
Developments and challenges in authentication and authorisation Klaas Wierenga Berlin, 23 May 2006.

Developments and challenges in authentication and authorisation Klaas Wierenga Berlin, 23 May 2006.
Identity Management Report By Jean Carreon and Marlon Gonzales.

Identity Management Report By Jean Carreon and Marlon Gonzales.
Workgroup Discussion on RESTful Application Programming Interface (API) Security Transport & Security Standards Workgroup January 12, 2014.

Workgroup Discussion on RESTful Application Programming Interface (API) Security Transport & Security Standards Workgroup January 12, 2014.
Belnet Federation Belnet – Loriau Nicolas Brussels – 12 th of June 2014.

Belnet Federation Belnet – Loriau Nicolas Brussels – 12 th of June 2014.
High-quality Internet for higher education and research AAI from the NREN perspective Schiphol, October 17, 2005

High-quality Internet for higher education and research AAI from the NREN perspective Schiphol, October 17, 2005
Connect. Communicate. Collaborate Federation Interoperability Made Possible By Design: eduGAIN Diego R. Lopez (RedIRIS)

Connect. Communicate. Collaborate Federation Interoperability Made Possible By Design: eduGAIN Diego R. Lopez (RedIRIS)
Shibboleth Akylbek Zhumabayev September 2008. Agenda Introduction Related Standards: SAML, WS-Trust, WS-Federation Overview: Shibboleth, GSI, GridShib.

Shibboleth Akylbek Zhumabayev September Agenda Introduction Related Standards: SAML, WS-Trust, WS-Federation Overview: Shibboleth, GSI, GridShib.
AAI WG EMI Christoph Witzig on behalf of EMI AAI WG.

AAI WG EMI Christoph Witzig on behalf of EMI AAI WG.

Similar presentations

Ads by Google