Presentation is loading. Please wait.

Presentation is loading. Please wait.

E-Authentication October 2003. Objectives Provide a flexible, easy to implement authentication system that meets the needs of AES and its clients. Ensure.

Published byElmer Mason Modified over 9 years ago

Similar presentations

Presentation on theme: "E-Authentication October 2003. Objectives Provide a flexible, easy to implement authentication system that meets the needs of AES and its clients. Ensure."— Presentation transcript:

1 e-Authentication October 2003

2 Objectives Provide a flexible, easy to implement authentication system that meets the needs of AES and its clients. Ensure compliance with the Gramm-Leach- Bliley Act (GLBA), federal guidelines, and applicable state privacy laws. Assure data owners that only appropriately authenticated end users have access to data. Ensure compliance to internal security and privacy guidelines.

3 Requirements User was required to provide an ID and a shared secret. Assignment and delivery of shared secret must be secure. Assignment of shared secret is based on validated information. Reasonable assurances that the storage of the IDs shared secrets are secure.

4 Policies Member must ensure appropriate authentication for each end user Member must provide authentication policy to AES Member must provide AES with 30 day advance notice of changes to authentication policy Member must agree to appropriate use of data Additional requirements to be defined by legal representatives (may include auditing/logging requirements)

5 Process End user authenticates at member site Member creates authentication assertion Member signs authentication assertion with digital certificate Control is passed to AES AES sends attribute request Member returns attribute assertion AES verifies assertion using the member’s public key stored in the registry. End user is provided access to appropriate AES product

6 Standards Leveraged OASIS SAML XML security standard Internet2 Shibboleth Digital Certificates Secure transactions using SSL SOAP

7 Registry Requirements Each participant will be required to register, sign a participation agreement, and submit policies and procedures surrounding their authentication process. Central registry will store: –a unique ID for each organization –the public key for each organization –additional elements to be defined

8 Additional Assertion Attributes Role of end user Social Security Number Authentication Process ID Level of Authentication Opaque ID Application ID Additional attributes to be determined

9 Contact Information Matthew Sessa msessa@aessuccess.org Mark Malinoski mmalinos@aessuccess.org

10 e-Authentication

Download ppt "E-Authentication October 2003. Objectives Provide a flexible, easy to implement authentication system that meets the needs of AES and its clients. Ensure."

Similar presentations

Open Grid Forum 19 January 31, 2007 Chapel Hill, NC Stephen Langella Ohio State University Grid Authentication and Authorization with.

Open Grid Forum 19 January 31, 2007 Chapel Hill, NC Stephen Langella Ohio State University Grid Authentication and Authorization with.
Inter-Institutional Registration UNC Cause December 4, 2007.

Inter-Institutional Registration UNC Cause December 4, 2007.
Campus Based Authentication & The Project Presented By: Tim Cameron National Council of Higher Education Loan Programs.

Campus Based Authentication & The Project Presented By: Tim Cameron National Council of Higher Education Loan Programs.
By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.

By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.
Lecture 23 Internet Authentication Applications

Lecture 23 Internet Authentication Applications
Will Darby 91.514 5 April 2010.  What is Federated Security  Security Assertion Markup Language (SAML) Overview  Example Implementations  Alternative.

Will Darby April  What is Federated Security  Security Assertion Markup Language (SAML) Overview  Example Implementations  Alternative.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
1 ARPA A regional infrastructure for secure role-based access to RTRT services Ing. Laura Castellani Tuscany Region.

1 ARPA A regional infrastructure for secure role-based access to RTRT services Ing. Laura Castellani Tuscany Region.
Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.

Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.
T-110.5140 Network Application Frameworks and XML Service Federation 30.04.2007 Sasu Tarkoma.

T Network Application Frameworks and XML Service Federation Sasu Tarkoma.
1 eAuthentication in Higher Education Tim Bornholtz Session #47.

1 eAuthentication in Higher Education Tim Bornholtz Session #47.
Core Web Service Security Patterns

Core Web Service Security Patterns
Using Digital Credentials On The World-Wide Web M. Winslett.

Using Digital Credentials On The World-Wide Web M. Winslett.
ALT-C2010 7/09/2010 14:50 Giving you back control of your data: An e-Qualification system for e-Portfolios Learning Societies Laboratory, School of Electronic.

ALT-C2010 7/09/ :50 Giving you back control of your data: An e-Qualification system for e-Portfolios Learning Societies Laboratory, School of Electronic.
1 July 2005© 2005 University of Kent1 Seamless Integration of PERMIS and Shibboleth – Development of a Flexible PERMIS Authorisation Module for Shibboleth.

1 July 2005© 2005 University of Kent1 Seamless Integration of PERMIS and Shibboleth – Development of a Flexible PERMIS Authorisation Module for Shibboleth.
Service Broker Lesson 11. Skills Matrix Service Broker Service Broker, provides a solution to common problems with message delivery and consistency that.

Service Broker Lesson 11. Skills Matrix Service Broker Service Broker, provides a solution to common problems with message delivery and consistency that.
Digital Signature Technologies & Applications Ed Jensen Fall 2013.

Digital Signature Technologies & Applications Ed Jensen Fall 2013.
Credential Provider Operational Practices Statement CAMP Shibboleth June 29, 2004 David Wasley.

Credential Provider Operational Practices Statement CAMP Shibboleth June 29, 2004 David Wasley.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Similar presentations

Ads by Google