Presentation is loading. Please wait.

Presentation is loading. Please wait.

Implementing Shibboleth-based Virtual Organisations and VO Federations using IAMSuite (including AAF update) James Dalziel & Alan Lin Professor of Learning.

Published byKelly Perry Modified over 9 years ago

Similar presentations

Presentation on theme: "Implementing Shibboleth-based Virtual Organisations and VO Federations using IAMSuite (including AAF update) James Dalziel & Alan Lin Professor of Learning."— Presentation transcript:

1 Implementing Shibboleth-based Virtual Organisations and VO Federations using IAMSuite (including AAF update) James Dalziel & Alan Lin Professor of Learning Technology, and Director, Macquarie E-Learning Centre Of Excellence (MELCOE) Macquarie University james@melcoe.mq.edu.au www.melcoe.mq.edu.au Presentation for Internet2 Conference, San Diego, USA, Monday 8 th October, 2007

2 Overview MAMS & AAF update –Other federation collaboration services IAMSuite –VO Federation management –VOs and workspaces –People picker for finding potential members National collaboration services

3 MAMS Testbed Federation http://federation.org.au/FedManager/listMembers.do “Level-2” Federation (at 26/6/07) : 21 Service Providers 19 Identity Providers (approx 900,000 end users) Growing…

4 Admin tool: ShARPE 17 - 18 April 2007 IdP Administrators import “service descriptions” and create site & group ARPs

5 User privacy: Autograph 17 - 18 April 2007 Users can view attributes released to a SP and manage User ARPs.

6 Australian Access Federation The Australian Access Federation project is taking forward the work of the MAMS (Shibboleth) and e-Security (PKI) projects to develop a unified trust federation for higher education and research –Policy and governance –PKI and Shibboleth production rollout –Adoption support, workshops, supporting systems, etc Overall AAF rollout led by University of Queensland –Macquarie University leading Shibboleth & AusCERT leading PKI

7 AAF Shib Trust Fed Components 17 - 18 April 2007

8 Examples of collaboration services Trusted (secure) repositories (documents, data, media) –DSpace (integration of “traditional” application) –Fedora (native support for SAML, XACML for authorisation) –Others to come Secure Real-Time Text Chat –Example: Online Librarian Trusted Gridsphere portal and Virtual Organisation management (“IAMSuite”) –Including access to Grid services via Shibboleth/PKI bridge Workflow for collaborative research (“RAMS”)

9 A A Shibboleth-enabled DSpace repository

10 A A “Muradora” - Shibboleth and XACML-based Fedora Repository

11 A A Shibboleth-based Secure chat service (Jabber) – Online Librarian

12 RAMS workflow authoring: Online research group meeting

13 A A Shibboleth-based Virtual Organisation system - IAMSuite

14 IAMSuite Overview A framework & toolkit for managing a VO Federation under a larger national federation where additional user attributes are managed within VOs. –Core identity attributes come from home IdP each session; only “extras” held in VO –VO attributes can be used for access to VO Federation-only Service Providers, or VO-only features of national Service Providers –IAMSuite provides tools and templates for configuring extra attributes to be released to VO Service Providers, eg for levels of SP authorization (eg, view vs edit wiki) –VO Federation-specific OpenIdP is available (but no access to national federation) VO members can be selected via "People Picker", a federated IdP search –People Picker & IAMSuite may provide a stronger identity foundation than simple email "roundtrips" for VO invitation/membership (foundation based on current directory attributes, not working email) –Provides email roundtrips as alternative function if no People Picker Current IAMSuite integrated services such as wikis, instant messaging, document repository, video meeting, shared calendars and MyProxy integration The V1 beta release is currently available, and the production V1 release is planned for early 2008.

15 IAMSuite VO Federation Architecture Fed A VO Fed SP IAMSuite VO VO IdP IdP SP … External SP 1 External SP 2 External SP 3 IdP SP IdP SP OpenIdP WAYF SP

16 A IAMSuite Toolkit for management of VO Federations and VOs (secure workspaces)

17 A VO frontpage (right) and components (Services, Content, Roles, Participants - left)

18 Use PeoplePicker to find a Federation Member.

19 Configure IdPs to search. Select IdPs from list. Set Search Time-out and limit no. of results to be displayed.

20 Perform a search based on surname Select the required user information row.

21 A A IAMSuite VO: Configuring User Authorisation for Trusted Services

22 A IAMSuite integration with Grid Portlet for Certificates

23 MAMS is implementing IAMSuite for VeRSI eResearch projects

24 National collaboration services? Current discussion of federation-level (national) provision of basic collaboration services for any eResearch users For example: –WAYF, People Picker, Virtual Home Organisation (OpenIdP), MyProxy, IAMSuite, Wiki, Mailing List, Shib Instant Messaging, audio & video conf, collaborative activity workflow, etc –Could also provide data federation national services (ANDS “data commons”), eg, Persistent Identifier infrastructure, Data collections registries, National Discovery Service/Authenticated Federated Search, National authorisation fabric, etc Importance of high availability, redundancy, backup, 24x7 support, helpdesk, etc

25 NB: Under development IAMSuite, People Picker, SP integrations/adaptors, etc are all under current development –Final version may resemble current screenshots IAMSuite & People Picker V1 production release late 07/early 08 Muradora V1 production release this week RAMS (collab workflow) out already, Shib to come soon Online Librarian (Shib Jabber) out already

Download ppt "Implementing Shibboleth-based Virtual Organisations and VO Federations using IAMSuite (including AAF update) James Dalziel & Alan Lin Professor of Learning."

Similar presentations

PERSEUS : Portal-enabled Resources via Shibbolized End-user Security 16 May 2005JISC Core Middleware Programme Meeting, Loughborough 1 PERSEUS Project.

PERSEUS : Portal-enabled Resources via Shibbolized End-user Security 16 May 2005JISC Core Middleware Programme Meeting, Loughborough 1 PERSEUS Project.
Next Generation Athens Services Ed Zedlewski UK e-Science Town Meeting, London, 11 April 2005.

Next Generation Athens Services Ed Zedlewski UK e-Science Town Meeting, London, 11 April 2005.
EGI-InSPIRE RI-261323 EGI-InSPIRE EGI-InSPIRE RI-261323 AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
Introducing the Macquarie E-learning Centre of Excellence (MELCOE) James Dalziel Adjunct Professor and Director

Introducing the Macquarie E-learning Centre of Excellence (MELCOE) James Dalziel Adjunct Professor and Director
Access management for repositories: challenges and approaches for MAMS James Dalziel Professor of Learning Technology and Director, Macquarie E-Learning.

Access management for repositories: challenges and approaches for MAMS James Dalziel Professor of Learning Technology and Director, Macquarie E-Learning.
Using a Shibboleth Trust Federation to create “Joint Lessons” with LAMS James Dalziel & Ernie Ghiglione Macquarie E-Learning Centre Of Excellence (MELCOE)

Using a Shibboleth Trust Federation to create “Joint Lessons” with LAMS James Dalziel & Ernie Ghiglione Macquarie E-Learning Centre Of Excellence (MELCOE)
The RAMP Project: Authorisation and Activityflow for eResearch James Dalziel Professor of Learning Technology, and Director, Macquarie E-Learning Centre.

The RAMP Project: Authorisation and Activityflow for eResearch James Dalziel Professor of Learning Technology, and Director, Macquarie E-Learning Centre.
18/05/2015 META ACCESS MANAGEMENT SYSTEM Virtual Organisations Accomodating Research Groups in a Shibboleth Federation Peter Schendzielorz Macquarie University’s.

18/05/2015 META ACCESS MANAGEMENT SYSTEM Virtual Organisations Accomodating Research Groups in a Shibboleth Federation Peter Schendzielorz Macquarie University’s.
2006 © SWITCH Authentication and Authorization Infrastructures in e-Science (and the role of NRENs) Christoph Witzig SWITCH e-IRG, Helsinki, Oct 4, 2006.

2006 © SWITCH Authentication and Authorization Infrastructures in e-Science (and the role of NRENs) Christoph Witzig SWITCH e-IRG, Helsinki, Oct 4, 2006.
1 Issues in federated identity management Sandy Shaw EDINA IASSIST 24-27 May 2005, Edinburgh.

1 Issues in federated identity management Sandy Shaw EDINA IASSIST May 2005, Edinburgh.
Alex Reid, AARNet Australia Middleware Update; 16-Oct-06 Middleware in Australia - Update TF-ECM2 Malaga 16-Oct-06 Alex Reid Director, eResearch/Middleware.

Alex Reid, AARNet Australia Middleware Update; 16-Oct-06 Middleware in Australia - Update TF-ECM2 Malaga 16-Oct-06 Alex Reid Director, eResearch/Middleware.
16/3/2015 META ACCESS MANAGEMENT SYSTEM Implementing Authorised Access Dr. Erik Vullings MAMS Programme Manager

16/3/2015 META ACCESS MANAGEMENT SYSTEM Implementing Authorised Access Dr. Erik Vullings MAMS Programme Manager
NSF Middleware Initiative: GridShib Tom Barton University of Chicago.

NSF Middleware Initiative: GridShib Tom Barton University of Chicago.
Integrating Innovative E-Learning Systems: Challenges and Solutions from LAMS James Dalziel Professor of Learning Technology, and Director, Macquarie E-Learning.

Integrating Innovative E-Learning Systems: Challenges and Solutions from LAMS James Dalziel Professor of Learning Technology, and Director, Macquarie E-Learning.
Federated A(A(A))I Jens Jensen hepsysman, RAL, 20110701.

Federated A(A(A))I Jens Jensen hepsysman, RAL,
RAMS Overview: An update on the research workflow tool James Dalziel Professor of Learning Technology, and Director, Macquarie E-Learning Centre Of Excellence.

RAMS Overview: An update on the research workflow tool James Dalziel Professor of Learning Technology, and Director, Macquarie E-Learning Centre Of Excellence.
Open Code and Open Content for Education: The LAMS Experience

Open Code and Open Content for Education: The LAMS Experience
AAF Middleware update February16 2012 Presented by Terry Smith Technical Manager and Heath Marks Manager.

AAF Middleware update February Presented by Terry Smith Technical Manager and Heath Marks Manager.
Australian Access Federation Robert Hazeltine Identity and Access Management Enterprise Systems Office.

Australian Access Federation Robert Hazeltine Identity and Access Management Enterprise Systems Office.
Shib in the present and the future Ken Klingenstein Director, Internet2 Middleware and Security.

Shib in the present and the future Ken Klingenstein Director, Internet2 Middleware and Security.

Similar presentations

Ads by Google