18th TF-EMC2. WebEx, June 2011 Diego R. Lopez, RedIRIS On the Many Ways to Identity Exchange (Again) Digital identities are more valuable as they are.


Presentation transcript:

1 18th TF-EMC2. WebEx, June 2011
Diego R. Lopez, RedIRIS
On the Many Ways to Identity Exchange (Again)
Digital identities are more valuable as they are more widely assertable

2 STORK
Pilot for academic institutions successfully finished
- https://www.eid-stork.eu/pilots/pilot3.htm
- STORK IdPs integrated as special SIR IdPs
  “If you are in SIR, you can deal with STORK identities”
Looking forward to strengthening integration
- Sub-task in the current eduGAIN workplan
  Module for simpleSAMLphp
  Metadata management
  Policy issues
- Additional use cases proposed for STORK extension
  Credential management
- LoA handling

3 Proxying
Two proposals submitted for REFEDS funding
- Federated management of central proxy instances
- Central proxy configuration services
Do we need an open-source proxy?
- EZProxy is well-known, widely deployed, provided on reasonably fair terms
- Would it scale up to national proxy services?
More specific usages (Web Services, AJAX…)
Other access control mechanisms (OAuth, WS-Trust…)
Transformations from identity data to proxy mechanisms

4 OAuth (2, of course…)
ID in its draft 16
- Rather stable: both kernel and side standards
  Including SAML and JWT
- OpenID integrated flow: OpenIDConnect
- UMA considering the user and consent sides
Use cases on their way
- The RedIRIS service panel
- GN3 VOOT (three-legged OAuth1 for the moment)
- And Clouds
A few references if you are (still) curious
http://www.independentid.com/2011/02/does-oauth-have-legs.html
http://www.rediris.es/oauth2/
https://spaces.internet2.edu/display/socialid/

5 JSON Space
Proposals are blooming on RESTful services using JSON as coding mechanism
Out of the common standard processes
- Though many proposals are IDs
Supported by many of the big dogs
- Google, Microsoft, Yahoo, Facebook
The good news
- Essentially compatible with our current federation stuff
The not-so-good news
- Too many fronts to be influential enough?
http://self-issued.info/papers/The_Emerging_JSON-Based_Identity_Protocols.pdf

6 The Omnipresent Cloud
SCIM, previously known as Cloud Directory
- Intended for identity data exchange among actors in the cloud
  Cloud Service Provider
  Enterprise Cloud Subscriber
  Cloud Service User
- General “neutral” schema
  Bindings to JSON, SAML and “bare” XML
  RESTful API
- Security and trust models still in their initial stages
Experiments on access control
- OpenNebula usage of Grid certificates
Other initiatives not very active
- OASIS IDCloud

7 GEMBus STS Demonstrator available http://gembus.rediris.es:8181/STSDemonstrator
- Adaptors for Apache ServiceMix
  Spring coming soon
- Current token format based on GN2 relayed-trust SAML
  Plans for a more neutral JWT-based token
- Coordination with EUGridPMA policies

