The Art of Federations. Topics Federations of what… Federated identity versus federations Federations in other sectors – business, gov, ad hoc R&E Federations.

Presentation transcript:

The Art of Federations

Topics
- Federations of what…
- Federated identity versus federations
- Federations in other sectors – business, gov, ad hoc
- R&E Federations
- Peering and confederation
- International Grid Trust Federation

Lots of things can federate
- Data sets
- Search engines and catalogues
- Grid resources
- Primary identity providers
- Secondary identity providers

Federated identity and federations
- Federated identity – passing of information from an identity provider (IdP) to a relying party or service provider (SP) for an access control decision
  - Bi-lateral, likely appended to an existing business relation
  - Usually uses SAML
- Federation – bi-lateral or compound passing of information from several IdP and others to a SP
  - Multi-institutional, broad communities with multiple IdP and SP
  - Needs metadata management, more sophisticated attributes (including scoped), multi-lateral trust management, agreements on standards, more sophisticated AAP and ARP mechanisms, etc.
  - Usually uses Shibboleth or a compatible
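An added example (not part of the original slides) of what federation metadata, scoped attributes, ARP and AAP do together: the IdP releases only what its attribute release policy allows, and the SP accepts a scoped value only if the federation metadata registers that scope to the asserting IdP. All entity IDs, scopes and policy tables below are constructed for illustration.

```python
# Constructed federation metadata: the scopes each member IdP may assert
# and the SPs registered in the federation (all entity IDs are made up).
METADATA = {
    "idps": {
        "https://idp.example-a.edu/shibboleth": {"example-a.edu"},
        "https://idp.example-b.edu/shibboleth": {"example-b.edu"},
    },
    "sps": {"https://sp.example-publisher.com/shibboleth"},
}

# Constructed IdP-side attribute release policy (ARP): SP -> releasable attributes.
ARP = {"https://sp.example-publisher.com/shibboleth": {"eduPersonScopedAffiliation"}}

# Attributes whose values carry a scope ("value@scope").
SCOPED = {"eduPersonScopedAffiliation", "eduPersonPrincipalName"}


def release(sp_entity_id, user_attrs):
    """IdP side: release only what the ARP allows, and only to federation SPs."""
    if sp_entity_id not in METADATA["sps"]:
        return {}
    allowed = ARP.get(sp_entity_id, set())
    return {name: vals for name, vals in user_attrs.items() if name in allowed}


def accept(idp_entity_id, asserted_attrs):
    """SP side (AAP): drop scoped values whose scope is not registered to the IdP."""
    scopes = METADATA["idps"].get(idp_entity_id)
    if scopes is None:          # IdP is not in the federation metadata
        return {}
    accepted = {}
    for name, vals in asserted_attrs.items():
        if name in SCOPED:
            vals = [v for v in vals if "@" in v and v.rpartition("@")[2] in scopes]
        if vals:
            accepted[name] = vals
    return accepted


if __name__ == "__main__":
    sp = "https://sp.example-publisher.com/shibboleth"
    idp_a = "https://idp.example-a.edu/shibboleth"
    user = {"eduPersonScopedAffiliation": ["staff@example-a.edu"],
            "eduPersonPrincipalName": ["alice@example-a.edu"]}
    print(release(sp, user))
    # A value scoped to another member's domain is rejected by the SP.
    print(accept(idp_a, {"eduPersonScopedAffiliation":
                         ["staff@example-a.edu", "member@example-b.edu"]}))
```

The scope check is what keeps one federation member from asserting affiliations in another member's domain, which a purely bi-lateral setup never has to consider.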

Federations in other sectors
- Corporate
  - Internal federations within large, diverse companies
  - Limited use for vertical sector operations
- Government

R&E Federations
- Rapidly growing sector, with many countries deploying and federation size increasing
- General scope is higher education, with coverage ranging from complete (e.g. Switzerland, Finland, Norway) to well underway (e.g. Denmark, France, UK, Germany, Australia) to planning
- Largest and most ambitious is the UK Access Management Federation, scoped to all higher education, K-12 and further education

In the US
- Growing number of state-based federations
  - University of Texas, University of California, University of Maryland, OhioLINK, etc.
  - Easy to build on top of existing relationships
- Ad hoc federations – e.g. FEMA and Hurricane Katrina
- InCommon

US R&E Federation
- Members join a 501(c)3
- Addresses legal, LOA, shared attributes, business proposition, etc. issues
- Approximately 45 members and growing
- A low percentage of national Shib use…

InCommon Uses
- Dartmouth, and others, to get to ScienceDirect at Elsevier
- Penn State, and others, to get to WebAssign, an outsourced testing service
- University of Washington, and others, to get to CDigex
- Univ of Chicago, and others, to get to TurnItIn, a plagiarism testing service
- All members of InCommon, to get to spaces.internet2.edu
- (Soon, all members to get to the TeraGrid.)
- (Soon, all members to get to Fastlane and NIH and…

Policy components
- Participant operational practices
  - To help SP decide on amount of trust to have
  - IdM and local administration
  - May or may not be audited
- Standard Attributes
- Metadata agreements
- Contract between institution and federated operator
  - Easy except for limited liability and dispute resolution

Peering and Confederation
- For federations to be fully scalable
- Peering – relationship between two autonomous federations
  - Work underway in peering between InCommon and US Federal EAuthentication Federation
  - MOU addresses metadata exchange, liability and dispute resolution, economics, technical mappings as addendum
- Confederation – a union of federations
  - Addresses discovery, conversion of protocols and a more unified set of services
  - Seemingly a natural structure for Europe
  - eduGAIN, a GÉANT project, is working on this