Presentation is loading. Please wait.

Presentation is loading. Please wait.

UCLA’s Shibboleth Plan Shibboleth is an integral part of UCLA’s Enterprise Directory & Identity Management Infrastructure (EDIMI) Project Integrate with.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "UCLA’s Shibboleth Plan Shibboleth is an integral part of UCLA’s Enterprise Directory & Identity Management Infrastructure (EDIMI) Project Integrate with."— Presentation transcript:

1 UCLA’s Shibboleth Plan Shibboleth is an integral part of UCLA’s Enterprise Directory & Identity Management Infrastructure (EDIMI) Project Integrate with ISIS, UCLA’s Web SSO –Replace existing attribute query interface in ISIS with Shibboleth –Improve User Experience –Revamp Administration Model

2 Shibboleth in EDIMI Shibboleth is the standard web attribute query API in the EDIMI project. UCLA’s Shibboleth will query the enterprise directory for data. Currently developing Enterprise Directory: Phase I release in Fall 2005 ED schema is designed with Shibboleth in mind: eduPerson and eduPerson style entitlement attributes.

3 Shibboleth in EDIMI As we add more data in to the ED, Shibboleth becomes richer. –Phase I: basic identity and contact data –Phase II: eduPerson and employee data related role and entitlement attributes –Phase III: student related role and entitlement attributes –Other: Through out the project, we will seek opportunity to include miscellaneous attributes of interest: e.g., departmentalNetworkAdministrator; computerSupportCoordinator;

4 Integrating Shibboleth with ISIS Shibboleth offers richer set of attributes with user-controlled privacy release policy. Shibboleth is not just for cross-institution authentication. All UCLA Web applications will eventually be Shib-enabled. Migration will take time – With nearly 100 applications, this will be a multi-year process.

5 UCLA Shibboleth Status Server Status: –Currently in test –Integrated with test ISIS Federation Status: –UCLA is a member of InQueue –Will join InCommon as soon as our IdM scheme complies with requirements Rollout: –Need to identify suitable early adopters

6 Evangelizing Shibboleth Shibboleth in Outsourced Administrative Apps: UCLA HR is looking to outsource its employment and position management system to PeopleAdmin, a vendor hosted HR application vendor. PeopleAdmin’s primary client-base is Higher- Ed and the public sector. Convince PeopleAdmin to develop support for Shibboleth in its software.

7 Evangelizing Shibboleth Shibboleth in Affiliated Service Organizations: Apple and ASUCLA wants to post restricted promotional material on ASUCLA’s web site. Push ASUCLA to use Shibboleth. … and reaching out to an OS vendor… Conversation with Apple engineer: possible Shibboleth support from within Mac OS, iTune and iChat?

8 Evangelizing Shibboleth Shibboleth in grass-root implementations: A group of computer science students have developed a Jabber chat client and are looking for authentication solutions. Working with the group to develop Shibboleth connector to Jabber/XMPP

9 Evangelizing Shibboleth Ongoing projects at Internet2/nation-wide level: Content Management Software: WebCT, Blackboard, Sakai, Moodle Online journal vendors: JSTOR Grid computing and Shibboleth Integration US Federal Government E-Authentication initiative

10 Evangelizing Shibboleth Other possibilities: Penn State implemented Shibboleth with Napster. UC just signed a similar music download service. Shib? Bruinwalk.com, a student run web site at UCLA, has been using UCLA’s BOL ID/password to log user in via shady techniques. Shib is a good way to enable student run organizations to legitimately support users without compromising security.

Download ppt "UCLA’s Shibboleth Plan Shibboleth is an integral part of UCLA’s Enterprise Directory & Identity Management Infrastructure (EDIMI) Project Integrate with."

Similar presentations

Next Generation Athens Services Ed Zedlewski UK e-Science Town Meeting, London, 11 April 2005.

Next Generation Athens Services Ed Zedlewski UK e-Science Town Meeting, London, 11 April 2005.
Enabling UCTrust Access for Your Application Introduction to The UC CSC Conference UC Santa Barbara, July 21-22, 2008.

Enabling UCTrust Access for Your Application Introduction to The UC CSC Conference UC Santa Barbara, July 21-22, 2008.
Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.

Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.
Establishing an OU Hierarchy for Managing and Securing Clients Base design on business and IT needs Split hierarchy Separate user and computer OUs Simplifies.

Establishing an OU Hierarchy for Managing and Securing Clients Base design on business and IT needs Split hierarchy Separate user and computer OUs Simplifies.
The Internet2 NET+ Services Program Jerry Grochow Interim Vice President CSG January, 2012.

The Internet2 NET+ Services Program Jerry Grochow Interim Vice President CSG January, 2012.
Emory University Case Study I2 Day Camp November 5, 2010 John Ellis & Elliot Kendall.

Emory University Case Study I2 Day Camp November 5, 2010 John Ellis & Elliot Kendall.
1 eAuthentication in Higher Education Tim Bornholtz Session #47.

1 eAuthentication in Higher Education Tim Bornholtz Session #47.
UC Irvine’s Pre-Shib Attribute Setup PH / QI Directory Provides Authoritative Attribute Store –Had both Faculty / Staff and Student Information UCI’s Campus.

UC Irvine’s Pre-Shib Attribute Setup PH / QI Directory Provides Authoritative Attribute Store –Had both Faculty / Staff and Student Information UCI’s Campus.
Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.

Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.
Business Productivity Online Suite Enterprise class software delivered via subscription services hosted by Microsoft and sold with partners.

Business Productivity Online Suite Enterprise class software delivered via subscription services hosted by Microsoft and sold with partners.
Shibboleth and InCommon Copyright Texas A&M University 2008. This work is the intellectual property of the author. Permission is granted for this material.

Shibboleth and InCommon Copyright Texas A&M University This work is the intellectual property of the author. Permission is granted for this material.
Administrative Information Systems Shibboleth: The Next Generation ISIS Technical Information Session for Developers Datta Mahabalagiri March 3. 2008.

Administrative Information Systems Shibboleth: The Next Generation ISIS Technical Information Session for Developers Datta Mahabalagiri March
Shibboleth Case Studies: Shibboleth as the Campus Web SSO Albert Wu, UCLA Datta Mahabalagiri, UCLA.

Shibboleth Case Studies: Shibboleth as the Campus Web SSO Albert Wu, UCLA Datta Mahabalagiri, UCLA.
State of Information Technology Presentation for Faculty Council November 14, 2013 Mike Carlin Vice Chancellor for IT and CIO.

State of Information Technology Presentation for Faculty Council November 14, 2013 Mike Carlin Vice Chancellor for IT and CIO.
Australian Access Federation Robert Hazeltine Identity and Access Management Enterprise Systems Office.

Australian Access Federation Robert Hazeltine Identity and Access Management Enterprise Systems Office.
CASE: Haka federation EuroCAMP, 3-5 April, 2006 CSC, the Finnish IT Center for Science

CASE: Haka federation EuroCAMP, 3-5 April, 2006 CSC, the Finnish IT Center for Science
3 Nov 2003 A. Vandenberg © Second NMI Integration Testbed Workshop on Experiences in Middleware Deployment, Anaheim, CA 1 Shibboleth Pilot Local Authentication.

3 Nov 2003 A. Vandenberg © Second NMI Integration Testbed Workshop on Experiences in Middleware Deployment, Anaheim, CA 1 Shibboleth Pilot Local Authentication.
Exploring InCommon Getting Started with InCommon: Creating Your Roadmap.

Exploring InCommon Getting Started with InCommon: Creating Your Roadmap.
Australian Access Federation and other Middleware Initiatives Presented at TF-EMC2, Prague 4 Sep 2007 Patty McMillan, The University of Queensland.

Australian Access Federation and other Middleware Initiatives Presented at TF-EMC2, Prague 4 Sep 2007 Patty McMillan, The University of Queensland.
SUNY System Administration Federation Overview Gavin Hogan July 15th, 2009 A work in progress….

SUNY System Administration Federation Overview Gavin Hogan July 15th, 2009 A work in progress….

Similar presentations

Ads by Google