Presentation is loading. Please wait.

Presentation is loading. Please wait.

Origins: The Requirements of Participating in Federations CAMP Shibboleth June 29, 2004 Barry Ribbeck & David Wasley.

Published byAmbrose Evans Modified over 8 years ago

Similar presentations

Presentation on theme: "Origins: The Requirements of Participating in Federations CAMP Shibboleth June 29, 2004 Barry Ribbeck & David Wasley."— Presentation transcript:

1 Origins: The Requirements of Participating in Federations CAMP Shibboleth June 29, 2004 Barry Ribbeck & David Wasley

2 Credential Providers: Requirements for Participation in Federations CAMP Shibboleth June 29, 2004 Barry Ribbeck & David Wasley

3 The Essence of Federation  A federation is much like a digital community  Communities “work” if People speak a common (enough) language People behave in ways that enable successful coexistence  Trust in the real world is often defined as much by experience as by rules Hard to replicate with machines that expect 1’s or 0’s.  In order to participate in an electronic identity federation, an institution must understand and play by the rules and must communicate with other participants using a common language (syntax and semantics)

4 Federated Identity  Credential Providers establish electronic identities “Identity” is the set of information associated with a person An “electronic credential” issued to the person is linked to their “identity”  Resource Providers offer access to resources for specific groups of people Based in part on some aspect(s) of their identity  Resource Providers are asked to trust Credential Providers to offer accurate information  Credential Providers and their subjects trust Resource Providers to not misuse that information  Why should they?

5 Why a Federation for the Academic Community?  Scenario #1: Instruction Professor teaches at USC, which has enrolled students from CMU, through an inter-institutional cooperative agreement of universities. During scheduled office hours, the professor works at her workstation, when a pop-up box appears that John Doe from CMU is requesting to initiate a videoconference with her. (authZ #1) Info is also conveyed that CMU asserts that this is, in fact, who he claims to be and further, is an enrolled student in the class. She can make an informed decision about whether to accept the videoconference invitation. (authZ #2) The info is believed because it has been delivered in the context of a trusted federation.

6 Why a Federation for the Academic Community?  Scenario #2: Research A group of researchers, spread across a number of participating institutions of the federation, want to securely share a web site located on one of the campuses. Each researcher can use his or her own campus identity and login to access the restricted site. Confidence is based on the fact that the institutions belong to a trusted federation.

7 Why a Federation for the Academic Community?  Scenario #3: Living and learning A content provider (aka “target”) wants to change from IP access controls to better technologies for gating content to an institutional customer, and is therefore willing to accept campus credentials for access to content. This provides better security and enables higher levels of granularity in controlling access if restricted access is desired. The basis for the content provider trusting in the origin is the trusted federation.

8 The InCommon Federation  The InCommon federation is intended to support production- level end-user access to protected resources by providing the means to allow organizations to make effective decisions about sharing resources, based upon the attributes presented by an authoritative source on behalf of requesting user.  InCommon Federation operations – supported by Internet2 Establishes minimum standards for the community Issues credentials for use with federation service platforms Distributes metadata about federation participants  InCommon Federating software and data schema Shibboleth 1.1 and above, though others may be added later eduPerson200210 or later and eduOrg200210 or later  InCommon registers participants and distributes metadata

9 Participants trust in the Federation  Participants trust the federated operations to perform the federation’s activities well Vetting process for InCommon component identity credentials for participants’ Shib platforms Reliable process for collecting & distributing necessary operational information among participants The operator (Internet2) posts its procedures, attempts to execute them faithfully, and makes no warranties InCommon will make a reasonable effort to ensure that it is working with individuals who truly can represent the participant organization. Organizations read the procedures and decide if they want to participate

10 Participants trust in each other  Credential Providers trust that Resource Providers will do what they say  Resource Providers trust that Credential Providers have in place the proper controls and procedures to manage credentials  CPs and RPs trust each other through bilateral arrangements Participants post a statement of basic information (POP) Risks and liabilities managed by end enterprises, in separate ways

11 What is required of a Credential Provider?  Establish “Identity Management” as part of critical business practices Visible and supported at high levels Backed by institutional policy and practices  Develop authoritative Person Registry What elements of identity are needed? What office is authoritative for which elements?  Decide what type of credentials are needed Depends on risk associated with use of associated identity UserID/pwd - weak but OK for many things PKI on smartchip device - strong and needed for some things  Implement operational practices & technology

12 Inventory of campus identity elements  Typically starts with Registrar and HR data But not -all- such data is needed in this context  Campus adds things like person IDs, email addresses, affiliations, roles (some day)  The identifier inventory informs the process of determining the requirements for trust, including what assertions are acceptable for what purposes.  Risk and trust requirements are determined by the resource providers and the users considering their personal privacy risk.  How all this is managed is important!

13 Credentials  Electronic credentials connect a person to information about them  How does your campus ensure this connection is valid? The initial I&A process is critical Different processes result in different levels of assurance  Are credentials shared (or sharable)?  High risk or sensitive applications may require more than one credential  Some people may require more than one credential And possibly more than one identity

14 Developing levels of assurance  How much assurance is needed for various purposes?  Risk and trust requirements will be determined by the resource holder as well as the user considering their personal privacy risk. Taken together, these requirements will determine the technologies and policies implemented. At the low risk & low trust end of the continuum: public information websites, videoconferencing meeting for the Shib Development Team. –What assertions— if any — should be required? At the mid-level of risk and trust: access to copyrighted materials, course management systems, business services, etc. At the high risk & high trust end of the continuum: access to medical records, data from a bio-terrorism lab, videoconferencing meeting of security experts discussing response to network security emergency.

15 Theoretical Risk-Trust Matrix

16 The potential for InCommon  The federation as a networked trust facilitator  Needs to scale in two fundamental ways Policy underpinnings need to move to normative levels among the participants; “post and read” is a starting place… Inter-federation issues need to be engineered; we are trying to align structurally with emerging federal recommendations  Needs to integrate with other emerging federations and and with federal and international activities  If it does scale and grow, it could become a most significant component of cyber-infrastructure…

17 InCommon Trust - ongoing  Use trust  Build trust cycle  Clearly need consensus levels of I/A  Multiple levels of I/A for different needs Two factor for high-risk Distinctive requirements (campus in Bejing or France, distance ed, mobility)  Standardized data definitions unclear  Audit requirements unclear  International issues (language, legal, political,…)

18 Getting to first base  Alphonse-Gaston: establishing a set of rules to determine criteria for InCommon participation Individual participants may not want to know the details about other participants’ policies. Do they need to? –Trust engendered through optional disclosures. Federation participants use different assumptions, e.g, some University Systems may want to join as a collective system, while others would prefer to join as individual campuses. Is consistency important? Are multiple federation memberships problematic? Should participants be asked to vouch for other potential participants?

19 Authenticate locally, Act federally  For general information http://incommon.internet2.edu http://www.incommonfederation.org  For participation information incommon-info@internet2.edu

Download ppt "Origins: The Requirements of Participating in Federations CAMP Shibboleth June 29, 2004 Barry Ribbeck & David Wasley."

Similar presentations

Appropriate Access InCommon Identity Assurance Profiles David L. Wasley Campus Architecture and Middleware Planning workshop February 2008.

Appropriate Access InCommon Identity Assurance Profiles David L. Wasley Campus Architecture and Middleware Planning workshop February 2008.
Trust Router. Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any.

Trust Router. Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any.
1 The Challenges of Creating an Identity Management Infrastructure for the University of California David Walker Karl Heins Office of the President University.

1 The Challenges of Creating an Identity Management Infrastructure for the University of California David Walker Karl Heins Office of the President University.
Standard 13 Related Educational Activities Robert K. Clark Cumberland County College Vineland, NJ.

Standard 13 Related Educational Activities Robert K. Clark Cumberland County College Vineland, NJ.
1 The Evolving Definition of Student: Identity Management at Duke University Klara Jelinkova Director, Computing Systems Office of Information Technology.

1 The Evolving Definition of "Student": Identity Management at Duke University Klara Jelinkova Director, Computing Systems Office of Information Technology.
Federations in Texas Barry Ribbeck University of Texas Health Science Center at Houston.

Federations in Texas Barry Ribbeck University of Texas Health Science Center at Houston.
1 Authentication Trustworthiness The Next Stage in Identity-Based Access and Security Tom Board, NUIT.

1 Authentication Trustworthiness The Next Stage in Identity-Based Access and Security Tom Board, NUIT.
1 ARPA A regional infrastructure for secure role-based access to RTRT services Ing. Laura Castellani Tuscany Region.

1 ARPA A regional infrastructure for secure role-based access to RTRT services Ing. Laura Castellani Tuscany Region.
Copyright JNT Association 20051Optional www.ukfederation.org.uk Copyright JNT Association 2007 1 Joining the UK Access Management Federation 4th April.

Copyright JNT Association 20051Optional Copyright JNT Association Joining the UK Access Management Federation 4th April.
1 Issues in federated identity management Sandy Shaw EDINA IASSIST 24-27 May 2005, Edinburgh.

1 Issues in federated identity management Sandy Shaw EDINA IASSIST May 2005, Edinburgh.
David L. Wasley Information Resources & Communications Office of the President University of California Directories and PKI Basic Components of Middleware.

David L. Wasley Information Resources & Communications Office of the President University of California Directories and PKI Basic Components of Middleware.
1 eAuthentication in Higher Education Tim Bornholtz Session #47.

1 eAuthentication in Higher Education Tim Bornholtz Session #47.
Identity & Access Management DCS 861 Team2 Kirk M. Anne Carolyn Sher-Decaustis Kevin Kidder Joe Massi John Stewart.

Identity & Access Management DCS 861 Team2 Kirk M. Anne Carolyn Sher-Decaustis Kevin Kidder Joe Massi John Stewart.
Information Resources and Communications University of California, Office of the President Current Identity Management Initiatives at UC & Beyond: UCTrust.

Information Resources and Communications University of California, Office of the President Current Identity Management Initiatives at UC & Beyond: UCTrust.
Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.

Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.
Copyright JNT Association 20051OptionalCopyright JNT Association 2007 Overview of the UK Access Management Federation Josh Howlett.

Copyright JNT Association 20051OptionalCopyright JNT Association 2007 Overview of the UK Access Management Federation Josh Howlett.
Identity and Access Management IAM. 2 Definition Identity and Access Management provide the following: – Mechanisms for identifying, creating, updating.

Identity and Access Management IAM. 2 Definition Identity and Access Management provide the following: – Mechanisms for identifying, creating, updating.
CAMP Med Mapping HIPAA to the Middleware Layer Sandra Senti Biological Sciences Division University of Chicago C opyright Sandra Senti,

CAMP Med Mapping HIPAA to the Middleware Layer Sandra Senti Biological Sciences Division University of Chicago C opyright Sandra Senti,
InCommon Policy Conference April 2005. 2 Uses  In order to encourage and facilitate legal music programs, a number of universities have contracted with.

InCommon Policy Conference April Uses  In order to encourage and facilitate legal music programs, a number of universities have contracted with.
Credential Provider Operational Practices Statement CAMP Shibboleth June 29, 2004 David Wasley.

Credential Provider Operational Practices Statement CAMP Shibboleth June 29, 2004 David Wasley.

Similar presentations

Ads by Google