Your Key to Privacy, Security, and Access to Services Andrew Baldwin, MS, IT Sr. Manager, Johns Hopkins University Etan Weintraub, Sr. Software Engineer, January 12, 2011 2011 Mid-Atlantic Conference
Agenda Problem Web SSO @ Hopkins Timeline Benefits Challenges Keys to Success 2011 Mid-Atlantic Conference
Problem Multiple systems creating and storing user credentials Confusion for customers (What ID/Password needed?) External application access compounds issue Hundreds of internal applications 2011 Mid-Atlantic Conference
WebSSO @ Hopkins SiteMinder – Default internal Web SSO BlueJay - Internal Federation InCommon – External Federation 2011 Mid-Atlantic Conference
CA SiteMinder Hundreds of applications Primarily for internal applications Provides Web Single Sign On Centralized Credential Collection 2011 Mid-Atlantic Conference
Blue Jay Internal Federation Internally Hosted Sympa email distribution list application EZProxy InfoSuite – Welch Medical Library Portal Multiple internally developed applications 2011 Mid-Atlantic Conference
Blue Jay Internal Federation Externally Hosted Benefits enrollment (Mercer – SAML consumer) Online pay statements (ADP – SAML consumer) Sakai Learnshare 2011 Mid-Atlantic Conference
InCommon Applications Project Muse Internet 2 request to participate in InCommon Met with Project Muse team InCommon setup CRMS Medical Research application Local Hospitals NIH 2011 Mid-Atlantic Conference
Timeline 2000 - 2005 – Centralized Directory 2005 – CA SiteMinder 2006 - Camp Shibboleth 2006 - Blue Jay Internal Federation 2007 - InCommon Participant 2008 - Project Muse 2010 - CRMS 2011 Mid-Atlantic Conference
Benefits Reduce Sign On Control attribute release InCommon recommended attribute release InCommon setup – do it once Credentials centrally collected 2011 Mid-Atlantic Conference
Challenges Identity provider setup to centralized directory Technical Understanding Costs Legal Customers understanding WAYF/Discovery Service 2011 Mid-Atlantic Conference
JHU Logon Page 2011 Mid-Atlantic Conference
Discovery Service 2011 Mid-Atlantic Conference
Keys to Success Management support Application owner support Customer acceptance Technical team Community support 2011 Mid-Atlantic Conference
What is needed? Centralized Directory Shibboleth Software Participate InCommon Federation Servers Identity Provider Train technical staff 2011 Mid-Atlantic Conference
Questions? 2011 Mid-Atlantic Conference
Contact Information Andy Baldwin Andrew.Baldwin@jhu.edu (410) 735-4268 Etan Weintraub eweintra@jhmi.edu (410) 735-7945 2011 Mid-Atlantic Conference
Useful Sites http://Shibboleth.internet2.edu http://www.incommonfederation.org 2011 Mid-Atlantic Conference