01 October 2001 “...By Any Other Name…”. Consequences and Truths (Ken) The Pieces and the Processes (Bob) Directories (Keith) Shibboleth and SAML (Scott)

Slides:

Advertisements

Similar presentations

1 April 2014 JISC – SURF Workshop Some thoughts from Internet2 Heather Boyles Heather Boyles

Advertisements

Next Generation Athens Services Ed Zedlewski UK e-Science Town Meeting, London, 11 April 2005.

Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.

Internet2, CENIC and Merit: Partnering to Deliver Cloud Services to California.

Welcome to CAMP! Ken Klingenstein, Director, Internet2 Middleware Initiative.

2006 © SWITCH Authentication and Authorization Infrastructures in e-Science (and the role of NRENs) Christoph Witzig SWITCH e-IRG, Helsinki, Oct 4, 2006.

1 ARPA A regional infrastructure for secure role-based access to RTRT services Ing. Laura Castellani Tuscany Region.

A.Vandenberg August 7, 2001 HE PKI Summit State of Georgia and PKI Art Vandenberg Director, Advanced Campus Services Information Systems & Technology.

Understanding Active Directory

8/12/03 High-Quality Video Conferencing Richard S. Wolff, Ph. D Feb 2004.

Welcome Acknowledgments and thanks Security Acronymny: then and now What’s working What’s proving hard.

InCommon Policy Conference April Uses  In order to encourage and facilitate legal music programs, a number of universities have contracted with.

New CyberInfrastructure for Collaboration between Higher Ed and NIH.

Shibboleth and InCommon: Making Secure Collaboration a Reality Scott Cantor Internet2/MACE and The.

Welcome to CAMP Identity Management Integration Workshop Ann West NMI-EDIT EDUCAUSE/Internet2.

PKI in Higher Education: Dartmouth PKI Lab Update Internet2 Virtual Meeting 5 October 2001.

1 The Partnership Challenge Higher education’s missions are realized in increasingly global, collaborative, online relationships –Higher educations’ digital.

GridShib Grid-Shibboleth Integration Von Welch, Tom Barton, Kate Keahey, Frank Siebenlist GlobusWORLD 2005.

Australian Access Federation and other Middleware Initiatives Presented at TF-EMC2, Prague 4 Sep 2007 Patty McMillan, The University of Queensland.

What is Internet2? Ted Hanss, Internet2 5 March

Belnet Federation Belnet – Loriau Nicolas Brussels – 12 th of June 2014.

2005 © SWITCH Perspectives of Integrating AAI with Grid in EGEE-2 Christoph Witzig Amsterdam, October 17, 2005.

Of Security, Privacy, and Trust. Security Personal security is largely distinct from network security (modulo VPN’s and authentication to the network)

Shibboleth Update Michael Gettes Principal Technologist Georgetown University Ken Klingenstein Director Interne2 Middleware Initiative.

David L. Wasley Office of the President University of California Shibboleth Safe delivery of reliable authorization data David L. Wasley University of.

NSF Middleware Initiative Renee Woodten Frost Assistant Director, Middleware Initiatives Internet2 NSF Middleware Initiative.

Shibboleth A Federated Approach to Authentication and Authorization Fed/Ed PKI Meeting June 16, 2004.

Information Technology  © 2001 The Trustees of Boston College  5/8/2003  Slide 1 Why Standards? Campus Perspective Bernard W. Gleason XML Forum Alexandria,

Rethinking Privacy As Bob Blakley says, “It’s not about privacy, it’s about discretion.” Passive privacy - The current approach. A user passes identity.

Shibboleth Update Advanced CAMP 7/31/02 RL “Bob” Morgan, Washington Steven Carmody, Brown Scott Cantor, Ohio State Marlena Erdos, IBM/Tivoli Michael Gettes,

Shibboleth at Columbia Update David Millman R&D July ’05

5/7/2002 Vidmid-vc: Middleware for Video Conferencing Services Egon Verharen, SURFnet Vidmid-vc chair Middleware Vidmid VC History, Scope, Status, Authentication.

1 Protection and Security: Shibboleth. 2 Outline What is the problem Shibboleth is trying to solve? What are the key concepts? How does the Shibboleth.

NSF Middleware Initiative: Enterprise and Desktop Integration Technologies Consortium Renee Woodten Frost Assistant Director Internet2 Middleware Initiative.

Shibboleth Update Eleventh Federal & Higher Education PKI Coordination Meeting (Fed/Ed Thursday, June 16, 2005.

Introduction to Internet2 Laurie Burns Director of Member Activities, Internet2 AN-MSI Internet 2 Planning Conference University of Texas at El Paso April.

Leveraging the InCommon Federation to access the NSF TeraGrid Jim Basney Senior Research Scientist National Center for Supercomputing Applications University.

Fundamentals: Security, Privacy, Trust. Scenarios we’d like to see... Use of licensed library materials regardless of student’s location Signed .

GridShib Grid-Shibboleth Integration An Overview Von Welch

Shibboleth Trust Model Shibboleth/SAML Communities (aka Federated Administrations) Club Shib Club Shib Application process Policy decision points at the.

Information Technology Services Strategic Directions Approach and Proposal “Charting Our Course”

05 October 2001 Directories: The Next Stage Keith Hazelton, Senior IT Architect University of Wisconsin-Madison Keith Hazelton, Senior IT Architect University.

Shibboleth & Federated Identity A Change of Mindset University of Texas Health Science Center at Houston Barry Ribbeck

Internet2 and Cyberinfrastructure Russ Hobby Program Manager,

Shibboleth: Overview and Status The Shibboleth Architecture Team.

Day 3 Roadmap and PKI Update. When do we get to go home? Report from the BoFs CAMP assessment, next steps PKI technical update Break Research Issues in.

Welcome to Base CAMP: Enterprise Directory Deployment Ken Klingenstein, Director, Internet2 Middleware Initiative Copyright Ken Klingenstein This.

University of Washington Collaboration: Identity and Access Management Lori Stevens University of Washington October 2007.

NSF Middleware Initiative Purpose To design, develop, deploy and support a set of reusable, expandable set of middleware functions and services that benefit.

30 November 2001 Advisory Panel on Cyber Infrastructure National Science Foundation Douglas Van Houweling November 30, 2001 National Science Foundation.

InCommon® for Collaboration Institute for Computer Policy and Law May 2005 Renee Shuey Penn State Andrea Beesing Cornell David Wasley Internet 2.

Advanced research and education networking in the United States: the Internet2 experience Heather Boyles Director, Member and Partner Relations Internet2.

October 2, 2001 Middleware: Pieces and Processes RL "Bob" Morgan, University of Washington.

NSF Middleware Initiative and Enterprise Middleware: What Can It Do for My Campus? Renee Woodten Frost Internet2/University of Michigan.

2-Oct-0101 October 2001 Directories as Middleware Keith Hazelton, Senior IT Architect University of Wisconsin-Madison Keith Hazelton, Senior IT Architect.

Internet2 Spring Meeting NSF Middleware Initiative Purpose To design, develop, deploy and support a set of reusable, expandable set of middleware functions.

Welcome to CAMP Directory Workshop Ken Klingenstein, Internet2 and University of Colorado-Boulder.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Interoperability Shibboleth - gLite Christoph.

REN-ISAC Research and Education Networking Information Sharing and Analysis Center Doug Pearson REN-ISAC Director Internet2 Security WG BoF October 14,

Agenda  Microsoft Directory Synchronization Tool  Active Directory Federation Server  ADFS Proxy  Hybrid Features – LAB.

INTRODUCTION TO IDENTITY FEDERATIONS Heather Flanagan, NSRC.

NSF Middleware Initiative and Enterprise Middleware: What Can It Do for My Campus? Mark Luker, EDUCAUSE Copyright Mark Luker, This work is the intellectual.

Shibboleth Roadmap

Vidmid Session Overview

University of Texas System

Innovative Solutions from Internet2

Michael R Gettes, Duke University On behalf of the shib project team

Shibboleth Deployment Overview

Shibboleth and Federations

Egon Verharen, SURFnet Vidmid-vc chair

Presentation transcript:

01 October 2001 “...By Any Other Name…”

Consequences and Truths (Ken) The Pieces and the Processes (Bob) Directories (Keith) Shibboleth and SAML (Scott) The Human Issues (Stewart) Q&A (Bob, Ken)

Consequences to our members Provide the infrastructure for , calendaring, portals, desktop video, course management systems, etc. Link legacy systems to new applications Enable a rich set of inter-institutional collaborations and environments

Consequences to the R&E community Enable wider deployments of distributed computing environments Build a consistent base for international science and collaboration

Consequences to the R&E community Permit “personal objects” to be exchanged Support new instructional and professional development opportunities in K-20

Consequences at large Our issues have become their issues Federated administration Privacy Flexible trust models Open standards

Consequences at large Our urgency presages their urgency Sharing resources Use of video for conferencing and collaboration

Our corporate partners tell the story IBM/Tivoli - interrealm exchange of attributes (Shibboleth) Sun on large-scale directories (DoDHE) RADvision and Polycomm/Accord on videoconferencing (vidmid) Metamerge on metadirectories (mace-dir)

Our federal partners tell the story US Government in PKI (HEPKI) NSF and the Grid Centers in the NSF Middleware Initiative

Truths Reworking security Rethinking privacy Restructuring trust

Reworking Security Security is a bigger space Network and host security is mission critical Personal security is urgent and just now developing Human nature must be accounted for Is it security or is it liability?

Network/Host Security Activities Abilene leadership in the effort to characterize and to respond to all classes of Distributed Denial of Service Indiana NOC – operational response approaches Collaborative relationships with Internet2 Corporate Member start-ups: Arbor Networks, Asta Networks Ohio ITEC – real-time traffic information

Internet2 Security Working Group Focus on campus and collaborative efforts Planning for Intensive Training program Will request identification of Internet2 contact for Security Work with EDUCAUSE Systems Security Groups

Personal Security Activities HEPKI-TAG and HEPKI-PAG Web-ISO PKILABS at Wisconsin and Dartmouth NIH/NIST/Internet2 Personal Security Research Conference next April Shibboleth

Rethinking Privacy Privacy can only be degraded; it cannot be repaired People will part with privacy for good reasons and appropriately defined rubber squeeze toys Is it privacy or is it discretion?

Privacy Built In - Shibboleth Passive privacy - A user passes identity to the target. The user has no control, and no responsibility. Active privacy - A user, through a security domain, releases attributes to the target which can include identity. The user has control and commensurate responsibility.

Restructuring Trust Federated administration now a theme of Microsoft and the Liberty Alliance. Tribes can form agreements more easily than broader, more formal associations Trust tends to grow rather than be delivered Is is trust or is it risk management?

Leadership trust activities Higher Ed Certificate Policy/Certificate Practice Drafts Club Shib International discussions on broader trust models