© 2011 The University of Chicago Organizational Grouping, or Some New Authority & Risk Issues In Absentia: RL "Bob" Morgan, Kevin Morooney, Michael Gettes.


Organizational Grouping, or Some New Authority & Risk Issues
In Absentia: RL "Bob" Morgan, Kevin Morooney, Michael Gettes
In Conscripta: Tom Barton, U Chicago
© 2011 The University of Chicago

Discussion Areas
- Integrating institutional groups into a group management system increases capability but also both enhances and challenges authority and risk management
  - Financial & course groups
- Enabling users to access federated services they value by releasing a few attributes about them.
  - Eg, NIH apps Ken showed us yesterday
  - Grids, VOs, services discounted for students

CSG June 2011

Discussion questions – institutional groups
1. Do you lift institutional groups out of their native context and use them for new things?
2. Have you assessed whether these new uses pose new risks?
3. Who’s responsible for determining appropriate use and appropriate controls? How widely accessible are these groups?
4. Do you (intend to?) enable delegated use of institutional groups?

How many HE Participants enable users to decide to access how many Sponsored Partners?

The Problem
- Federations like InCommon enable inter-organizational transactions to happen at scale (do the math!)
- But most campuses send specified attributes about their users only to Service Providers with whom they have made a specific arrangement
- What happens when a user wants to go somewhere else, if that place needs an attribute about them? Doesn’t work.
- What should they, or Service Provider people, do to resolve the matter? They don’t know.

Two approaches to cut this problem down
- user consent (not discussed today)
- pre-approved attribute release policies
- What kinds of attributes seem to be needed?
  - name
  - affiliation (faculty, staff, student, …)
  - persistent and lucent identifier, eg, rather than 09ju4fncon43jc3fdfe3

Which of these policies work for you?
Automatically release that “attribute bundle” for …

| Option | Which Service Providers | Which Campus People |
|---|---|---|
| 1 | All members of InCommon | Faculty & staff |
| 2 | All non-commercial members of InCommon | Faculty & staff |
| 3 | All members of InCommon | Faculty, staff, students that haven’t exercised Buckley under FERPA |
| 4 | All non-commercial members of InCommon | Faculty, staff, students that haven’t exercised Buckley under FERPA |
| 5 | discuss | |
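The four pre-approved release options above can be expressed as a default-deny decision function. The following is an added example, not part of the original slides; the class, field and attribute key names are hypothetical, each user is assumed to hold a single affiliation, and the sample Service Providers and users are constructed.

```python
from dataclasses import dataclass, field

# Attribute bundle from the slide (key names are hypothetical).
BUNDLE = ("name", "affiliation", "persistent_id")

# Options 1-4 from the table: (non-commercial SPs only?, students included?)
# Option 5 ("discuss") is deliberately not encoded.
OPTIONS = {1: (False, False), 2: (True, False), 3: (False, True), 4: (True, True)}

@dataclass
class ServiceProvider:
    entity_id: str
    incommon_member: bool
    commercial: bool

@dataclass
class User:
    attributes: dict = field(default_factory=dict)
    ferpa_block: bool = False  # student has exercised Buckley under FERPA

def released_attributes(option, sp, user):
    """Return the attributes released to sp for user; {} means nothing is released."""
    non_commercial_only, students_included = OPTIONS[option]
    if not sp.incommon_member:
        return {}
    if non_commercial_only and sp.commercial:
        return {}
    affiliation = user.attributes.get("affiliation")
    if affiliation in ("faculty", "staff"):
        eligible = True
    elif affiliation == "student":
        eligible = students_included and not user.ferpa_block
    else:
        eligible = False  # unknown or missing affiliation: deny
    if not eligible:
        return {}
    # Release only the bundle, never the rest of the directory record.
    return {k: user.attributes[k] for k in BUNDLE if k in user.attributes}

# Constructed sample data, not from the slides.
RESEARCH_SP = ServiceProvider("https://sp.example.org/shibboleth", True, False)
VENDOR_SP = ServiceProvider("https://vendor.example.com/sp", True, True)
STAFF = User({"name": "A. Staff", "affiliation": "staff",
              "persistent_id": "astaff", "date_of_birth": "1970-01-01"})
STUDENT = User({"name": "B. Student", "affiliation": "student",
                "persistent_id": "bstudent"})
BLOCKED = User({"name": "C. Student", "affiliation": "student",
                "persistent_id": "cstudent"}, ferpa_block=True)
```

Running each option over the same users and Service Providers makes the difference between the rows concrete, for example which option first releases anything for a student and which ones exclude a commercial member.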