Joint Information Systems Committee 04/06/2015 | | Slide 1 Mark Williams Services Outreach, JISC federated access management London.

Slides:



Advertisements
Similar presentations
Athens and Shibboleth ® : the choices Phil Leahy Athens Product Manager.
Advertisements

ICT Services Suppliers Briefing Thursday, 17 September 2009.
Module N° 4 – ICAO SSP framework
Financing of OAS Activities Sources of cooperation Cooperation modalities Cooperation actors Specific Funds management models and resources mobilization.
Joint Information Systems Committee 01/04/2014 | | Slide 1 Connecting People to Resources The JISC Access Management Strategy Nicole Harris Programme Manager.
Joint Information Systems Committee 01/04/2014 | slide 1 Support e-Research at JISC Access Management and Security Joint Information Systems CommitteeSupporting.
RIPPLL Regional Interoperability Project on Progression for Lifelong Learning Dr Angela Smallwood, Project Director Sandra.
Options appraisal, the business case & procurement
A centre of expertise in digital information management Developing a Quality Culture For Digital Library Programmes Author & Presenter Brian Kelly UKOLN.
Enabling Secure Internet Access with ISA Server
COMBASE: strategic content management system Soft Format, 2006.
Using New Technologies and Approaches Pamela Bigart World Bank.
Joint Information Systems Committee 25/08/2014 | slide 1 JISC Core Middleware Programme Meeting Middleware in Development Joint Information Systems CommitteeSupporting.
A centre of expertise in digital information management A QA Framework To Support Your Library Web Site Review Brian Kelly UKOLN University of Bath Bath.
KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.
Near East Plant Protection Network for Regional Cooperation & Knowledge Sharing Food and Agriculture Organization of the United Nations An Overview on.
1 Professionalising Programme & Project Management Developing programme & project management capacities for UNDP and national counterparts External Briefing.
Joint Information Systems Committee Connecting People to Resources Federated Access Management within the UK Nicole Harris Senior Services Transition Manager,
How to Document A Business Management System
INITIATING THE PLANNING PROCESS. CONTENT Outputs from this stage Stage general description Obtaining government commitment Raising awareness Establishing.
Joint Information Systems Committee 19/05/2015 | | Slide 1 Connecting People to Resources The UK Access Management Federation Nicole Harris Programme Manager.
Joint Information Systems Committee 19/05/2015 | | Slide 1 Voyage of the UK JISC Federation: Shibbolising the UK’s Research, Higher and Further Education.
Dr. Julian Lo Consulting Director ITIL v3 Expert
Technical Review Group (TRG)Agenda 27/04/06 TRG Remit Membership Operation ICT Strategy ICT Roadmap.
Copyright JNT Association 20051Optional Copyright JNT Association Joining the UK Access Management Federation 4th April.
1 Issues in federated identity management Sandy Shaw EDINA IASSIST May 2005, Edinburgh.
Security Controls – What Works
Beispielbild Shibboleth, a potential security framework for EDIT Lutz Suhrbier AG Netzbasierte Informationssysteme (
Copyright JNT Association 20051OptionalCopyright JNT Association 2007 Overview of the UK Access Management Federation Josh Howlett.
1 Sharing Learning Objects in Health Care - 24 th March 2009www.jorum.ac.uk Repositories and communities: how Jorum can enhance sharing Nicola Siminson.
Identity and Access Management IAM. 2 Definition Identity and Access Management provide the following: – Mechanisms for identifying, creating, updating.
Creating a Secured and Trusted Information Sphere in Different Markets Giuseppe Contino.
Identity and Access Management IAM A Preview. 2 Goal To design and implement an identity and access management (IAM) middleware infrastructure that –
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
RC14001 ® Update GPCA Responsible Care Committee September 23, 2013.
Executive Overview. PLEASE READ (hidden slide) To deliver this presentation effectively, you need to be familiar with Windows Server 2008 R2 management.
Understanding Active Directory
Course 6421A Module 7: Installing, Configuring, and Troubleshooting the Network Policy Server Role Service Presentation: 60 minutes Lab: 60 minutes Module.
Purpose Intended Audience and Presenter Contents Proposed Presentation Length Intended audience is all distributor partners and VARs Content may be customized.
Developments in Access and Identity Management Phil Leahy – Athens Product Manager.
SWITCHaai Team Federated Identity Management.
Supporting further and higher education Current A&A Developments in the UK Alan Robiette, JISC Development Group.
MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter Four Configuring Outlook and Outlook Web Access.
Hands-On Microsoft Windows Server 2008
Global Customer Partnership Council Forum | 2008 | November 18 1IBM - GCPC MeetingIBM - GCPC Meeting IBM Lotus® Sametime® Meeting Server Deployment and.
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
Better Deal for Business Presentation to LSC West Yorkshire Skills Team Pat Lister Better Deal for Business Officer at Yorkshire Forward.
Strategic partnerships Elaine Paterson Fund Development Committee Chair and Monjeya ElGhadamsy Committee Member.
Copyright JNT Association 2005Copyright JNT Association An Introduction to Access Management and the UK Federation Simon Cooper.
TNC 2008 JANET(UK) Shibboleth on Windows Trial TNC May 2008 Louis Searchwell Please note that the Shibboleth installer for Windows described in this presentation.
ETICS2 All Hands Meeting VEGA GmbH INFSOM-RI Uwe Mueller-Wilm Palermo, Oct ETICS Service Management Framework Business Objectives and “Best.
I2Q & WMnet Pilot Presented by Jason Rousell – i2Q Jay Neale - i2Q.
Welcome slide. From innovation to implementation to sector change: the view from HEFCE JISC Innovation Forum Keele University, 15 July 2008 Dr John Selby.
Toolkit for Mainstreaming HIV and AIDS in the Education Sector Guidelines for Development Cooperation Agencies.
General Principles for the Procurement of Goods and Services Asst. Prof. Muhammad Abu Sadah.
…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.
MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # ) Chapter Four Windows Server 2008 Remote Desktop Services,
Improving Integration of Learning and Management Systems Paul Shoesmith Director of Technical Strategy Becta.
Key themes covered Search engines Locating/ assessing suitable resources Information Skills – knowing where to look Free web-based RDN,NLN, Ferl JISC or.
Shibboleth: An Introduction
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
The UK Access Management Federation John Chapman Project Adviser – Becta.
JRA1.4 Models for implementing Attribute Providers and Token Translation Services Andrea Biancini.
KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.
Exam : Upgrading Your Skills to MCSA: Windows Server 2016
Securing the Network Perimeter with ISA 2004
Chapter 9 e-Commerce Systems McGraw-Hill/Irwin
Liberate Our fully managed solution for access management 07/12/2018
UK Federation 101 Ian A. Young EDINA, University of Edinburgh (and the UK Federation) Internet2 Fall Member Meeting, 7 Dec Shibboleth Development.
PLANNING A SECURE BASELINE INSTALLATION
Presentation transcript:

Joint Information Systems Committee 04/06/2015 | | Slide 1 Mark Williams Services Outreach, JISC federated access management London

Joint Information Systems Committee 04/06/2015 | slide 2

Joint Information Systems Committee 04/06/2015 | slide 3

Joint Information Systems Committee 04/06/2015 | slide 4

Joint Information Systems Committee 04/06/2015 | slide 5

Joint Information Systems Committee 04/06/2015 | slide 6 Update Shibboleth update

Joint Information Systems Committee 04/06/2015 | slide 7 Update Shibboleth update Focus on Federated Access Management –Shibboleth just one of / part of the technologies

Joint Information Systems Committee 04/06/2015 | slide 8 Introduction What is access management? The Situation The Choices The Business case The Support Discussion

Joint Information Systems Committee 04/06/2015 | slide 9 Explaining federated access management Video highlights: –Issues –Advantages –Situation Video Audience: –SMT –Curriculum –LRC Tool for YOU to use

Joint Information Systems Committee 04/06/2015 | slide 10 The Situation: JISC Announcement March 2006 July 2008 Athens post July 2008 JISC funded resources / Federation JISC and BECTA Transition Gateways

Joint Information Systems Committee 04/06/2015 | slide 11 What is Federated Access Management? Current Athens service is a centralised service: –Institution provides information about users to Athens (identity information). –Athens brokers both authentication and authorisation on the part of the institution with service providers. Federated Access Management devolves authentication back to the institution: –Authentication achieved through normal institutional log-on. –Service Providers trust institutions to appropriately authenticate. –Service Providers and institutions exchange information about users to determine what they can access (attributes: staff, student, law). –Same system can be used for internal, external and collaborative access (e- learning partnerships with other institutions, e-portfolios).

Joint Information Systems Committee 04/06/2015 | slide 12 The Push JISC Collections access IDENTITY ISSUES 3rd Party pricing pricing structure Focus on legitimate use – Emphasis on correct use- non sharing of passwords etc Expiry policy Policy for populating user directory

Joint Information Systems Committee 04/06/2015 | slide 13 Institutional Options BECOME A FULL MEMBER OF THE FEDERATION USING COMMUNITY SUPPORTED TOOLS –COSTS: Institutional effort to implement software, join federation and enhance institutional directories –BENEFITS: Full institutional control, skilled staff and access management solution for internal, external and collaborative resources BECOME A FULL MEMBER OF THE FEDERATION USING TOOLS WITH PAID-FOR SUPPORT –COSTS: Cost of support from supplier and institutional effort in liaison with supplier and Federation –BENEFITS: Full support in implementation and access management solution for internal, external and collaborative resources SUBSCRIBE TO AN ‘OUTSOURCED IDENTITY PROVIDER’ TO WORK THROUGH THE FEDERATION ON YOUR BEHALF (SUCH AS USE OF CLASSIC ATHENS WITH THE GATEWAYS) –COSTS: Subscription costs to external supplier (from July 2008) and internal administration role –BENEFITS: Minimum institutional effort to achieve access to external resources only

Joint Information Systems Committee 04/06/2015 | slide 14 Institutional Options BECOME A FULL MEMBER OF THE FEDERATION USING COMMUNITY SUPPORTED TOOLS –COSTS: Institutional effort to implement software, join federation and enhance institutional directories –BENEFITS: Full institutional control, skilled staff and access management solution for internal, external and collaborative resources BECOME A FULL MEMBER OF THE FEDERATION USING TOOLS WITH PAID-FOR SUPPORT –COSTS: Cost of support from supplier and institutional effort in liaison with supplier and Federation –BENEFITS: Full support in implementation and access management solution for internal, external and collaborative resources SUBSCRIBE TO AN ‘OUTSOURCED IDENTITY PROVIDER’ TO WORK THROUGH THE FEDERATION ON YOUR BEHALF (SUCH AS USE OF CLASSIC ATHENS WITH THE GATEWAYS) –COSTS: Subscription costs to external supplier (from July 2008) and internal administration role –BENEFITS: Minimum institutional effort to achieve access to external resources only

Joint Information Systems Committee 04/06/2015 | slide 15 Institutional Options BECOME A FULL MEMBER OF THE FEDERATION USING COMMUNITY SUPPORTED TOOLS –COSTS: Institutional effort to implement software, join federation and enhance institutional directories –BENEFITS: Full institutional control, skilled staff and access management solution for internal, external and collaborative resources BECOME A FULL MEMBER OF THE FEDERATION USING TOOLS WITH PAID-FOR SUPPORT –COSTS: Cost of support from supplier and institutional effort in liaison with supplier and Federation –BENEFITS: Full support in implementation and access management solution for internal, external and collaborative resources SUBSCRIBE TO AN ‘OUTSOURCED IDENTITY PROVIDER’ TO WORK THROUGH THE FEDERATION ON YOUR BEHALF (SUCH AS USE OF CLASSIC ATHENS WITH THE GATEWAYS) –COSTS: Subscription costs to external supplier (from July 2008) and internal administration role –BENEFITS: Minimum institutional effort to achieve access to external resources only

Joint Information Systems Committee 04/06/2015 | slide 16 Institutional Options BECOME A FULL MEMBER OF THE FEDERATION USING COMMUNITY SUPPORTED TOOLS –COSTS: Institutional effort to implement software, join federation and enhance institutional directories –BENEFITS: Full institutional control, skilled staff and access management solution for internal, external and collaborative resources BECOME A FULL MEMBER OF THE FEDERATION USING TOOLS WITH PAID-FOR SUPPORT –COSTS: Cost of support from supplier and institutional effort in liaison with supplier and Federation –BENEFITS: Full support in implementation and access management solution for internal, external and collaborative resources SUBSCRIBE TO AN ‘OUTSOURCED IDENTITY PROVIDER’ TO WORK THROUGH THE FEDERATION ON YOUR BEHALF (SUCH AS USE OF CLASSIC ATHENS WITH THE GATEWAYS) –COSTS: Subscription costs to external supplier (from July 2008) and internal administration role –BENEFITS: Minimum institutional effort to achieve access to external resources only GATEWAY ISSUE

Joint Information Systems Committee 04/06/2015 | slide 17 Institutional Options BECOME A FULL MEMBER OF THE FEDERATION USING COMMUNITY SUPPORTED TOOLS –COSTS: Institutional effort to implement software, join federation and enhance institutional directories –BENEFITS: Full institutional control, skilled staff and access management solution for internal, external and collaborative resources BECOME A FULL MEMBER OF THE FEDERATION USING TOOLS WITH PAID-FOR SUPPORT –COSTS: Cost of support from supplier and institutional effort in liaison with supplier and Federation –BENEFITS: Full support in implementation and access management solution for internal, external and collaborative resources SUBSCRIBE TO AN ‘OUTSOURCED IDENTITY PROVIDER’ TO WORK THROUGH THE FEDERATION ON YOUR BEHALF (SUCH AS USE OF CLASSIC ATHENS WITH THE GATEWAYS) –COSTS: Subscription costs to external supplier (from July 2008) and internal administration role –BENEFITS: Minimum institutional effort to achieve access to external resources only The cessation of funding for the Federation Gateway Services means that JISC can no longer guarantee the compliance of Athens products within the UK Access Management Federation.

Joint Information Systems Committee 04/06/2015 | slide 18 Institutional Options BECOME A FULL MEMBER OF THE FEDERATION USING COMMUNITY SUPPORTED TOOLS –COSTS: Institutional effort to implement software, join federation and enhance institutional directories –BENEFITS: Full institutional control, skilled staff and access management solution for internal, external and collaborative resources BECOME A FULL MEMBER OF THE FEDERATION USING TOOLS WITH PAID-FOR SUPPORT –COSTS: Cost of support from supplier and institutional effort in liaison with supplier and Federation –BENEFITS: Full support in implementation and access management solution for internal, external and collaborative resources SUBSCRIBE TO AN ‘OUTSOURCED IDENTITY PROVIDER’ TO WORK THROUGH THE FEDERATION ON YOUR BEHALF (SUCH AS USE OF CLASSIC ATHENS WITH THE GATEWAYS) –COSTS: Subscription costs to external supplier (from July 2008) and internal administration role –BENEFITS: Minimum institutional effort to achieve access to external resources only JISC is exploring a new solution for off-campus access to IP protected resources in the form of a national proxy that accepts shibboleth credentials for authentication.

Joint Information Systems Committee 04/06/2015 | slide 19 Implementation Third parties –Guide

Joint Information Systems Committee 04/06/2015 | slide 20 Third party guide

Joint Information Systems Committee 04/06/2015 | slide 21 Implementation Training –Netskills –JANET

Joint Information Systems Committee 04/06/2015 | slide 22 Implementation Support materials –Nottingham Trent –JANET MS installer –JIAMPS studies

Joint Information Systems Committee 04/06/2015 | slide 23 Implementation

Joint Information Systems Committee 04/06/2015 | slide 24 Federation official documentation Support: UK Federation Website

Joint Information Systems Committee 04/06/2015 | slide 25 Strategic Plan –College Vision statements 24/7 Collaboration Remote learning Lifelong learning Work based learning Regional partnership Content sharing Thirdstream

Joint Information Systems Committee 04/06/2015 | slide 26 The Strategic Case: Questions to Ask Are there institutional drivers for: The implementation of an enterprise directory / identity management solution? –Need to manage ‘non-standard’ users more efficiently, need to manage all users more efficiently! Single (simplified) sign-on / devolved authentication? –System for both internal and external resources. Collaborative access to resources within other institutions? –HE / FE collaboration; franchises in other countries. Research collaboration? Private sector collaboration? –‘Virtual Organisation’ support; third-stream funding opportunities.

Joint Information Systems Committee 04/06/2015 | slide 27 Institutional Audit Strategic fit: Aims of the College –Mission statement, Capability, Staff up-skilling, Collaboration, Costs Options appraisal: which choice meets business need –How many resources do you access? –What do you want to do? Affordability Capability What will your choice solve?

Joint Information Systems Committee 04/06/2015 | slide 28 Elements of the toolkit Strategic fit: identifying strategic issues and drivers for access management Options appraisal: considering the range of access management options available and conducting an options appraisal to identify which option best meets the business need Affordability: assessing the affordability of the option identified by considering available funding, existing commitments and estimating whole-life project and operating costs. Where the identified option requires an external procurement, the commercial arrangement should be assessed to ensure value for money can be obtained. Achievability: assessing the achievability of the option identified, within current capability and capacity and the intended business change.

Joint Information Systems Committee 04/06/2015 | slide 29 Affordability: commercial Can value for money be obtained from the proposed partner or supplier? Is the through-life cost understood? Are likely support costs clear? Are there “hidden costs” like supplier lock-in or restrictive terms and conditions? Is current and future pricing agreed? If not, can the project be made attractive to a wider market? Is there sufficient competition to get a good deal? What controls on release and use of identity information are there? Are they consistent with institutional strategy? Are the skills in place to deal with the commercial aspects? Is it an existing, trusted supplier?

Joint Information Systems Committee 04/06/2015 | slide 30 Skills Skill areaMinimum requirements Operating SystemSecurity policy management for controlling port use Where to install applications, configuration files. Syslogd operation, writing startup services, obtaining and inspecting packet dumps, writing scripts to monitor and control multiple log files in many windows and using filtering, sorting and pattern matching to reformat output. Webserver (Apache, IIS) Knowledge of the configuration files for the webserver and being able to correctly specify values for all directives. Virtual host configuration with SSL. Adding modules, building modules Configuring a content management system to host documentation about procedures and configuration file changes. SSLPKI Use of the openssl command and every option Trust stores and certificate stores Obtaining certificates, installing them, converting to/from different encoded methods. Building certificate chains. HTTP and HTMLWriting simple web pages Meaning of every HTTP code CSS authoring TomcatConfiguration files: server.xml, workers2.properties, tomcat-users.xml Application WAR deployment Use of conf, webapps, WEB-INF and classes directories. Mod_jk use and Tomcat modification to use it “ant command” and editing build.properties and build.xml files. Build WAR and dist files. JavaLog4j and log4cpp configuration options Analyzing stack traces and locating configuration errors. XMLFormat and content of XML files Namespace (xmlns) definition and use XML Schema definitions SAMLProfiles, bindings and extensions CVSSetting up a CVS Repository. Populating (importing) new data Check out/in.

Joint Information Systems Committee 04/06/2015 | slide 31 Federation official documentation Support: UK Federation Website

Joint Information Systems Committee 04/06/2015 | slide 32 JISC Website –Case studies –Business case (May) –Awareness events –Netskills training –Institutional audit support –Mailing list Support: JISC Website

Joint Information Systems Committee 04/06/2015 | slide 33 Casestudies

Joint Information Systems Committee 04/06/2015 | slide 34 Casestudies

Joint Information Systems Committee 04/06/2015 | slide 35 Casestudies

Joint Information Systems Committee 04/06/2015 | slide 36 First port of call Jisc-shibboleth- Jisc-shibboleth- International mailing lists JISC blog RSC’s JISC infornet

Joint Information Systems Committee 04/06/2015 | slide 37 FEDERATION – does need to be addressed sooner or later Don’t let this happen to your institution

Joint Information Systems Committee 04/06/2015 | | Slide 38 Mark Williams Services Outreach, JISC Images courtesy of EIG and CC federated access management JISC RSC SE

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.