Exploring InCommon Getting Started with InCommon: Creating Your Roadmap.

University of Oregon Identity Management Roadmap
– Deployed phase 1 of our Identity Management system in August 2007
– Deployed Shibboleth for intra-campus authentication/SSO and attribute delivery fall 2008
– Joined InCommon February 2010
– Continuing to expand and refine IdM system and starting to offer federated services

Identity Providers: IdM Prep - Policy
– *Review Participant Operating Practices (POP) to familiarize yourself with policies and practices your organization will need in joining a federation
– Ensure basic identity management policies are in place, including data stewardship and acceptable use policies
– *Define policies related to single sign-on (SSO) and authentication

– *Define and publish account creation and termination policies
– Define policies on log retention for identity management and provisioning
– Join InCommon
  – *Submit InCommon Participant Agreement
  – *Once approved, designate your Executive and Administrator(s)
  – Post your Participant Operational Practices (POP)
  – Submit metadata for your Identity Provider and/or Service Provider

Identity Provider: IdM Preparation – Business Practice Steps
– *Provision/de-provision accounts for your users (faculty, staff, and students) based on published policies
– Create problem resolution process for when users forget or lose passwords
– Create Help Desk support procedures for authentication problems and password changes
– *Create a process to address reports of abuse

Identity Provider: IdM Prep, Technical Step
– *Install/operate/manage the identity provider package of a SAML federating software system such as Shibboleth

IdP IdM Attribute Provisioning - Policy
– *Identify who governs the decision to release attributes
– Develop policy governing use of your attributes by service providers such as attribute retention, sharing, etc.
– Consider setting up tiers or groups of attribute release policies for different categories of service providers

IdP IdM Attribute Provisioning – Business Practice
– *Identify who is responsible for editing/implementing the attribute release policies
– Define process a service provider would use to request attributes and the process used to respond to the request
– Define process to follow when a service provider requests an attribute that is not currently available as defined by the policy above

– *Define problem escalation procedure if identity information is released in conflict with organization policies
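The tiered attribute release policy and the check for releases that conflict with it, sketched as an added example (not part of the original presentation and not Shibboleth's own filter engine). The tier names, SP entityIDs, user record and log entries are constructed for illustration; unknown service providers fall through to a default of releasing nothing.

```python
"""Tiered attribute release (default deny) and an audit of the release log."""

# Constructed tiers: attribute names each category of SP may receive.
TIERS = {
    "minimal": {"eduPersonScopedAffiliation"},
    "research": {"eduPersonScopedAffiliation", "eduPersonPrincipalName",
                 "mail", "displayName"},
    "campus": {"eduPersonScopedAffiliation", "eduPersonPrincipalName",
               "mail", "displayName", "eduPersonEntitlement"},
}
# Constructed registry: SP entityID -> tier. Unlisted SPs receive nothing.
SP_TIER = {
    "https://sp.library-vendor.example/shibboleth": "minimal",
    "https://wiki.research-collab.example/shibboleth": "research",
    "https://lms.campus.example/shibboleth": "campus",
}

def allowed_attributes(sp_entity_id):
    """Attribute names the policy permits for this SP (empty set if unknown)."""
    return TIERS.get(SP_TIER.get(sp_entity_id), set())

def release(sp_entity_id, user_attributes):
    """Filter a user's resolved attributes down to what the SP's tier permits."""
    permitted = allowed_attributes(sp_entity_id)
    return {k: v for k, v in user_attributes.items() if k in permitted}

def audit_releases(release_log):
    """Return (sp, extra_attribute_names) for log entries that exceed policy."""
    findings = []
    for sp_entity_id, released_names in release_log:
        extra = sorted(set(released_names) - allowed_attributes(sp_entity_id))
        if extra:
            findings.append((sp_entity_id, extra))
    return findings

# Constructed sample user record and release log.
USER = {
    "eduPersonPrincipalName": "jdoe@campus.example",
    "eduPersonScopedAffiliation": ["staff@campus.example"],
    "mail": "jdoe@campus.example",
    "displayName": "J. Doe",
    "eduPersonEntitlement": ["urn:example:entitlement:lms-admin"],
}
LOG = [
    ("https://sp.library-vendor.example/shibboleth", ["eduPersonScopedAffiliation"]),
    ("https://sp.library-vendor.example/shibboleth", ["eduPersonScopedAffiliation", "mail"]),
    ("https://unregistered.example/shibboleth", ["eduPersonPrincipalName"]),
]

if __name__ == "__main__":
    print(release("https://wiki.research-collab.example/shibboleth", USER))
    print(audit_releases(LOG))
```

Each finding from `audit_releases` is a candidate for the escalation procedure: an attribute reached a service provider whose tier does not permit it.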

IdP IdM Attribute Provisioning – Technical Steps
– *Extend directory and/or person registry schemas if needed to support eduPerson
– Configure the identity provider attribute resolver for the appropriate sources