Presentation is loading. Please wait.

Presentation is loading. Please wait.

Workshop Presentation [1] Investigating Liberty Alliance and Shibboleth Integration Nishen Naidoo, 30396468 Supervisor: Dr. Steve Cassidy.

Published byEunice Jordan Modified over 8 years ago

Similar presentations

Presentation on theme: "Workshop Presentation [1] Investigating Liberty Alliance and Shibboleth Integration Nishen Naidoo, 30396468 Supervisor: Dr. Steve Cassidy."— Presentation transcript:

1 Workshop Presentation [1] Investigating Liberty Alliance and Shibboleth Integration Nishen Naidoo, 30396468 Supervisor: Dr. Steve Cassidy

2 Workshop Presentation [2] Talk Outline Introduction to Federated Identity Management –Example Multiple Frameworks –Shibboleth –Liberty Alliance Project Objectives and Motivation Deconstructing the Frameworks Conclusion

3 Workshop Presentation [3] Federated Identity Management (FIM) Reduce number of online identities Reduce privacy exposure User controls who sees what Enables easy sharing of resources

4 Workshop Presentation [4] Main Actors in FIM Users –Using a User Agent (Browser) Service Provider –Provide resources and services –Protect resources and services Identity Provider –Authenticates users –Provides security assertions to Service Providers

5 Workshop Presentation [5] Example Interaction 1.Resource Request 2.Redirection to IdP SAML Authentication Request IdP authenticates User 3.Form Response SAML Authentication Response 4.Automatic Form Submission Process Assertion 5.Resource Acquired

6 Workshop Presentation [6] Multiple Frameworks Shibboleth –Higher Education focus –Resource Sharing, privacy, security –InCommon, AAF Liberty Alliance –Commercial sector focus –Service integration, privacy, security –Intel, GM

7 Workshop Presentation [7] Issues with Multiple Frameworks User perspective –More credentials due to technology limitation –Less privacy Unnecessary federations –Formed from having to support multiple technologies Increases difficulty of forming federations –Need to support services within each framework? What do you do?

8 Workshop Presentation [8] Project Objectives Investigating whether we can extend a federation beyond the boundaries imposed by the technologies it employs – integration…

9 Workshop Presentation [9] Deconstructing the Frameworks Both frameworks base on SAML specification Identified the following: –Assertions – identical to each other (both SAML) –Protocols – identical (SAML) –Bindings - Different –Profiles – Similar enough (derived from SAML).

10 Workshop Presentation [10] Relevant Logical Subcomponents Service Provider –Attribute Requester –Assertion Consumer Service Identity Provider –Attribute Authority –Single Sign On Service

11 Workshop Presentation [11] Technology Example Shibboleth Identity Provider –Java Web Application based –Employs servlets as endpoint processors –Has filter capabilities (interceptor pattern)

12 Workshop Presentation [12] Conclusion Identified the binding differences and conversions –Message structure –Parameter referencing Identified strategic architectural locations for adaptation Provided technology example Identified implementation as future work

Download ppt "Workshop Presentation [1] Investigating Liberty Alliance and Shibboleth Integration Nishen Naidoo, 30396468 Supervisor: Dr. Steve Cassidy."

Similar presentations

Lousy Introduction into SWITCHaai

Lousy Introduction into SWITCHaai
Identity Network Ideals – Heterogeneity & Co-existence

Identity Network Ideals – Heterogeneity & Co-existence
Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.

Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.
OOI-CI–Ragouzis–2007.10.15 Ocean Observatories Initiative Cyberinfrastructure Component CI Design Workshop 17-19 October 2007.

OOI-CI–Ragouzis– Ocean Observatories Initiative Cyberinfrastructure Component CI Design Workshop October 2007.
Dispatcher Conditional Expression Static Request Filter Attribute Filter Portal 1 1 2 2 4 4 3,6 5 5 7 7 8 8 9 9 1010 1010 DNS Hello User Sample (Gateway)

Dispatcher Conditional Expression Static Request Filter Attribute Filter Portal , DNS Hello User Sample (Gateway)
Integration Considerations Greg Thompson April 20 th, 2006 Copyright © 2006, Credentica Inc. All Rights Reserved.

Integration Considerations Greg Thompson April 20 th, 2006 Copyright © 2006, Credentica Inc. All Rights Reserved.
Saml-v2_0-intro-dec051 Security Assertion Markup Language An Introduction to SAML 2.0 Tom Scavo NCSA.

Saml-v2_0-intro-dec051 Security Assertion Markup Language An Introduction to SAML 2.0 Tom Scavo NCSA.
Access Control Patterns & Practices with WSO2 Middleware Prabath Siriwardena.

Access Control Patterns & Practices with WSO2 Middleware Prabath Siriwardena.
1 Issues in federated identity management Sandy Shaw EDINA IASSIST 24-27 May 2005, Edinburgh.

1 Issues in federated identity management Sandy Shaw EDINA IASSIST May 2005, Edinburgh.
Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.

Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.
T-110.5140 Network Application Frameworks and XML Service Federation 30.04.2007 Sasu Tarkoma.

T Network Application Frameworks and XML Service Federation Sasu Tarkoma.
Attributes, Anonymity, and Access: Shibboleth and Globus Integration to Facilitate Grid Collaboration 4th Annual PKI R&D Workshop Tom Barton, Kate Keahey,

Attributes, Anonymity, and Access: Shibboleth and Globus Integration to Facilitate Grid Collaboration 4th Annual PKI R&D Workshop Tom Barton, Kate Keahey,
December 19, 2006 Solving Web Single Sign-on with Standards and Open Source Solutions Trey Drake AssetWorld 2007 Albuquerque, New Mexico November 2007.

December 19, 2006 Solving Web Single Sign-on with Standards and Open Source Solutions Trey Drake AssetWorld 2007 Albuquerque, New Mexico November 2007.
Federated Identity, Levels of Assurance, and the InCommon Silver Certification Jim Green Identity Management Academic Technology Services © Michigan State.

Federated Identity, Levels of Assurance, and the InCommon Silver Certification Jim Green Identity Management Academic Technology Services © Michigan State.
© 2009 The MITRE Corporation. All rights Reserved. April 28, 2009 MITRE Public Release Statement Case Number 09-017 Norman F. Brickman, Roger.

© 2009 The MITRE Corporation. All rights Reserved. April 28, 2009 MITRE Public Release Statement Case Number Norman F. Brickman, Roger.
Carl A. Foster.  What is SAML?  Security Assertion and Markup Language is an XML-based standard for exchanging authentication and authorization between.

Carl A. Foster.  What is SAML?  Security Assertion and Markup Language is an XML-based standard for exchanging authentication and authorization between.
OpenID And the Future of Digital Identity Alicia Bozyk April 1, 2008.

OpenID And the Future of Digital Identity Alicia Bozyk April 1, 2008.
WebFTS as a first WLCG/HEP FIM pilot

WebFTS as a first WLCG/HEP FIM pilot
SAML-based Delegation in Shibboleth Scott Cantor Internet2/The Ohio State University.

SAML-based Delegation in Shibboleth Scott Cantor Internet2/The Ohio State University.
Shibboleth-intro-dec051 Shibboleth A Technical Overview Tom Scavo NCSA.

Shibboleth-intro-dec051 Shibboleth A Technical Overview Tom Scavo NCSA.

Similar presentations

Ads by Google