Kalmar Union 15.1.2008 Mikael Linden CSC, the Finnish IT Center for Science.

Slides:



Advertisements
Similar presentations
Federation management A mess? Nordunet Conference Mikael Linden CSC, the Finnish IT Center for Science.
Advertisements

The Art of Federations. Topics Federations of what… Federated identity versus federations Federations in other sectors – business, gov, ad hoc R&E Federations.
Eduserv Athens Federations David Orrell Eduserv Athens Technical Architect.
Access management for repositories: challenges and approaches for MAMS James Dalziel Professor of Learning Technology and Director, Macquarie E-Learning.
Resource Entitlement Management System Manne Miettinen Mikael Linden Janne Lauros CSC – IT Center for Science.
EduGAIN – Are we there yet? Lukas Hämmerle (ghost writer, Brook Schofield) FIM4R, Helsinki – 2 October 2013.
5/25/2015 AEB/Yleisesittely Roaming network access using Shibboleth in University of Helsinki Fall 2004 Internet2 Member Meeting 29th of September, 2004.
1 Issues in federated identity management Sandy Shaw EDINA IASSIST May 2005, Edinburgh.
Beispielbild Shibboleth, a potential security framework for EDIT Lutz Suhrbier AG Netzbasierte Informationssysteme (
Innovation through participation eduGAIN federation operator training eduGAIN policy eduGAIN training in Vienna Oct 2011
Agenda Project beginnings and funding. Purpose of the federation. Federation members. Federation protocols. Special features in our federation. Pilot.
Copyright JNT Association 20051OptionalCopyright JNT Association 2007 Overview of the UK Access Management Federation Josh Howlett.
© 2010, University of KentPrimeLife Vienna, 10 Sept CardSpace in the Cloud David Chadwick, George Inman University of Kent.
Refeds federation survey update Theme of the day: Campus Identity Management TF-EMC2 Umeå 9th Jul 2008 CSC, the Finnish IT Center.
Use case: Federated Identity for Education (Feide) Identity collaboration and federation in Norwegian education Internet2 International Workshop, Chicago,
Middleware challenges to service providers, the Nordic view TERENA, Ingrid Melve, UNINETT.
CASE: Haka federation EuroCAMP, 3-5 April, 2006 CSC, the Finnish IT Center for Science
1 Addressing security challenges on a global scaleGeneva, 6-7 December 2010.
Innovation through participation Interfederation through eduGAIN - steps and challenges eduGAIN interfederation service Federated Identity Systems.
Exploring InCommon Getting Started with InCommon: Creating Your Roadmap.
SAML Right Here, Right Now Hal Lockhart September 25, 2012.
Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.
Helsinki Institute of Physics (HIP) Liberty Alliance Overview of the Liberty Alliance Architecture Helsinki Institute of Physics (HIP), May 9 th.
Update Finland TF-EMC Mikael Linden CSC, the Finnish IT Center for Science.
HAKA project HAKA User administration inside Finnish Higher Education Institutes results from the KATO project Barbro Sjöblom EDS 2003 Uppsala.
Shibboleth in Finnish Higher Education Organisations E-ICOLC 2005 Poznan, Poland.
High-quality Internet for higher education and research AAI from the NREN perspective Schiphol, October 17, 2005
GridShib: Grid/Shibboleth Interoperability September 14, 2006 Washington, DC Tom Barton, Tim Freeman, Kate Keahey, Raj Kettimuthu, Tom Scavo, Frank Siebenlist,
Serving society Stimulating innovation Supporting legislation Danny Vandenbroucke & Ann Crabbé KU Leuven (SADL) AAA-architecture for.
Kalmar Union, a Conferedation of Nordic Identity Federations TNC2009 Mikael Linden, CSC Andreas Solberg, UNINETT.
Introduction Moonshot workshop
ShibGrid: Shibboleth access to the UK National Grid Service University of Oxford and STFC.
Towards Interconnecting the Nordic Identity Federations TNC2007 Walter M Tveter, UiO Mikael Linden, CSC/HAKA Ingrid Melve, Uninett/Feide.
10/25/2015 AEB/Yleisesittely Organising Federated Identity in Finnish Higher Education TNC2005 Mikael Linden June 8th, 2005.
Campus Identity Management Requirements (=IAP) REFEDs meeting Mikael Linden,
Schac attributes and common vocabularies TF-EMC Mikael Linden CSC, the Finnish IT Center for Science.
Kalmar Union lessons: Findings in federation harmonisation REFEDS Mikael Linden, CSC.
Comité Réseau des Universités News from CRU activities: Identity federation, eduroam, PKI, SCS, Sympa, security policies cru.fr 7th.
Federations round table Haka federation of Finland EuroCAMP Mikael Linden CSC, the Finnish IT Center for Science.
Innovation through participation eduGAIN interfederation service for research and education Cern FedID workshop in RAL, UK 2-3 Nov 2011 Mikael Linden,
Innovation through participation eduGAIN policy: A worm report TF-EMC2 Vienna Mikael Linden, CSC The worm farmer.
Federations, the Data Protection Directive and WP29 TF-EMC2 Mikael Linden, CSC, the Finnish IT Center for Science.
Authentication and Authorisation for Research and Collaboration Christos Kanellopoulos GRNET Proposed Pilots for Libraries and eGov.
Refeds update TF-EMC2 Utrecht 3-Dec 2008 Mikael Linden CSC – the Finnish IT Center for Science.
The UK Access Management Federation John Chapman Project Adviser – Becta.
Shibboleth Trust Model Shibboleth/SAML Communities (aka Federated Administrations) Club Shib Club Shib Application process Policy decision points at the.
Federated Identity Management for HEP David Kelsey HEPiX, IHEP Beijing 18 Oct 2012.
Clain update TF-EMC Mikael Linden, CSC.
Implementing Kuali Identity Management at your Institution Jasig Spring 2010 Wednesday, March 10, am.
Community PKIs Initiatives Updates TF-EMC2 Meeting Loughborough, UK 6-7 May, 2009 Licia Florio, TERENA
June 9, 2009 SURFfederatie: implementing a multi- protocol federation Hans Zandbelt & Joost van Dijk, SURFnet.
Innovation through participation EduGAIN policy (working draft) Status update REFEDs 30th May 2010
Growth. Interfederation PKI is globally scalable Unfortunately, its not locally deployable… Federation is locally deployable Can it.
CSC – Tieteen tietotekniikan keskus Oy CSC – IT Center for Science Ltd. SAML2 draft profile in Haka Vienna Mikael Linden.
AAI needs of the Distributed Computing Infrastructures - CLARIN Dieter Van Uytvanck Max Planck Institute for Psycholinguistics
Leveraging Campus Authentication to Access the TeraGrid Scott Lathrop, Argonne National Lab Tom Barton, U Chicago.
6/12/2016 AEB/Yleisesittely WLAN roaming experiences using Shibboleth TNC 2004, Rhodes 7th of June, 2004 Mikael Linden, Viljo Viitanen,
Workshop on Security for Web Services. Amsterdam, April 2010 Applying SAML to Identity Data Exchange.
Authentication and Authorisation for Research and Collaboration Taipei - Taiwan Mechanisms of Interfederation 13th March 2016 Alessandra.
Innovation through participation Data Protection Code of Conduct (DP CoC) TNC2013 conference, 4 June 2013 Mikael Linden, CSC – IT Center for Science
Access Policy - Federation March 23, 2016
David Millman—Columbia January 2005
Federation Systems, ADFS, & Shibboleth 2.0
Use case: Federated Identity for Education (Feide)
Scalability of trust and metadata exchange across federations
Some data about the CBIC Federation
CSC, the Finnish IT Center for Science
Amund Krane, Uninett FAS , PKI-coord meeting in Amsterdam
GNOMIS – the northern light TF-AACE, Ingrid Melve, UNINETT
GEANT Data protection Code of Conduct 2.0 REFEDS meeting 16 June 2019
Presentation transcript:

Kalmar Union Mikael Linden CSC, the Finnish IT Center for Science

Four national identity federations Haka (Finland): Operational (Shibboleth) FEIDE (Norway): Operational (Moria, SAML2.0) DK-AAI (Denmark): Piloting (A-Select) SWAMID (Sweden):Piloting (Shibboleth)

Kalmar Union in digital identity?  Do we need 4 national federations? Could we have just one Nordic (con)federation? A federation of federations  Is >4?  Are there services that would benefit from easy authentication and authorisation between the Nordic countries?

Kalmar union demonstrated in Nordunet Conference September 2006  ”Scientist’s Interface” (Service Provider) CSC’s supercomputers available for federated access in Finland since 3/2006 Shibboleth 1.DEMO1: Federated log-in to Scientist’s Interface from the Norwegian FEIDE federation FEIDE login server (Sun Access Manager) adjusted to talk Shibboleth 2.DEMO2: Federated log-in to Scientist’s Interface from the Danish DK-AAI pilot federation Shibboleth

Kalmar union technical sketch 1/2  No protocol gateways, make IdP&SP talk directly to each other  Just aggregate the metadata from the four federations technically speaking, IdPs and SPs would see just one federation FEIDE Identity&Service Providers … Haka Identity&Service Providers … Kalmar union metadata … …

Kalmar union technical sketch 2/2  Schema for attribute syntax and semantics All the Nordic federations based on eduPerson schema Schac covers some of the rest (e.g. SSN)  PKI for server certificates Haka: certs provided by TeliaSonera UNI·C: certs provided by GlobalSign SWAMID: certs by SwUPKI FEIDE: certs by VeriSign and Globalsign  perhaps we could accept each other’s CAs  the WAYF/IdP discovery each federation would have a national WAYF, with the flags of other countries linked to the corresponding WAYF

Tough part: the federation policy  There should not be extensive gaps in our federations’ policies requirements for joining IdP’s & SPs obligations of the federation operator Mechanisms and practices for data protection liability and indemnification…  First studies done by Walter Tweter of U Oslo Kalmar union would be established by signing a multilateral agreement Published by Emerald

How to go on  Nordforsk has decided to provide funding for 2008  prepare and sign a confederation agreement for the four federations  make necessary technical modifications  identify applications making use of Kalmar

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.