Federated Authentication at NIH: Trusting External Credentials at Known Levels of Assurance Debbie Bucci and Peter Alterman November, 2009.


1 Federated Authentication at NIH: Trusting External Credentials at Known Levels of Assurance Debbie Bucci and Peter Alterman November, 2009

2 Context
Background and History
InCommon (Shibboleth-SAML)
OpenID
PKI and PIV
Future Plans
Integration Services Center (ISC) Contact: NIHISCSupport@mail.nih.gov

3 About NIH
National Institutes of Health (NIH)
Part of the U.S. Dept. of Health & Human Services
Primary Federal agency for conducting and supporting biomedical research

4 NIH Login
NIH Login is the first Federated Identity Management service initiated at NIH and has been in production since February 2003.

5 Consuming Many Credential Technologies, Federations and Trust Framework Providers
1. Validating credentials
2. Processing Levels of Assurance
3. Passing valid assertions and LOA to applications
Powered by CA SiteMinder

6 NIH Login Today
Supports approximately 35,000 internal and external users
Number of systems:
–202 Service Level Agreements
–450 URLs
Over 1 million transactions per day

7 External Users
NIH provides financial support to researchers around the world.
NIH invests over $28 billion in medical research each year.
83% goes to almost 50,000 competitive grants that support over 325,000 researchers outside of NIH.

8 NIH Federated Login
Website: http://EnterpriseArchitecture.nih.gov Contact: EnterpriseArchitecture@mail.nih.gov

9 Federal Government SAML Identity Providers
–Northrop Grumman’s GovTrip, InCommon Wiki, Indiana CTS
Federated with other HHS agencies
–Food and Drug Administration (ADFS 1.0)
–HHS Shared Services
–Health Resources and Services Administration
NIH PIV
–Level 3 software certificates at FPKI Medium
–Level 4 PIV cards at FPKI High
Certificates cross-certified with Federal Bridge
–DOD and Aerospace
–SAFE Pharma
–Other agencies

10 NIH and InCommon
Dec 2006 - Pilot with NSF FastLane
June 2007 - Signed MOA with InCommon for LOA-1
Aug 2008 - First InCommon/NIH application
–Public Information Officers Federated SharePoint
Feb 2009 - NCRR enabled two major applications
–Progress Reports
–CTSA wiki
In process: NIH Electronic Research Administration systems (LOA-2)

11 NIH and InCommon – Future
LOA-2 (silver) Pilot with e-Grants
–Production expected in FY11 with 200,000 users
Additional Services:
–Multiple Institute/Center SharePoint instances
–Proxy to multiple managed services
–Additional scientific wikis

12 NIH and OpenID
Current Status: Full implementation pending OpenID Foundation approval as Trust Framework Provider and Foundation members’ compliance with Federal OpenID profile and scheme
Early LOA-1 applications targeting use of OpenID credentials
–National Library of Medicine
–Medical wikis
–Conference registration
–Regional library access
–Others
Early OpenID providers
–Google
–Yahoo
–AOL
–Microsoft

13 Next Steps
Production service with OpenID member credential providers
InCommon member credential providers at LOA-2
Continue adding NIH and other Agency apps as relying parties
Add InfoCard to the mix – open
NIH-wide Identity Provider discovery/workflow – need to present a scalable, user-friendly interface

14 Contact Information
NIH Federated Login
–http://federatedidentity.nih.gov
–http://isc.nih.gov
–nihfederationrequest@mail.nih.gov
NIH Enterprise Architecture
–http://enterprisearchitechure.nih.gov
NIH Enterprise Architecture Community in the NIH Portal
–enterprisearchitecture@mail.nih.gov

