Copyright JNT Association 2005Copyright JNT Association 2008 www.ukfederation.org.uk An Introduction to Access Management and the UK Federation Simon Cooper.


An Introduction to Access Management and the UK Federation
Simon Cooper, JANET(UK)

Overview
- What is access management?
- What is Shibboleth?
- UK Access Management Federation
- The Benefits
- How to Apply
- Participation options
- Support
- Membership

What is Access Management?
- In this context = Controlling access to online resources
- Authentication: Is a user who they say they are? (Identity)
- Authorisation: What is the user allowed to access? (Rights)

Legacy access management
- User's identity and personal data are known to all
- Publisher knows more than it wants and less than it needs
[Diagram labels: I'm "AJones/T,t<*?I1"; SiteLicence; Are you a licensed user?; ?; Service Provider (SP); Identity Provider (IdP)]

Federated Access Management
- User's identity and personal data are protected
- Publisher knows exactly what it needs
[Diagram labels: SiteLicence; I'm "AJones/T,t<*?I1", am I?; Are you a licensed user?; They say I'm licensed; Yes, you're licensed; OK!; Identity Provider (IdP); Service Provider (SP)]

How is this achieved?
- Through the use of attributes
- Permits fine-grained authorisation
- "Law Student" or "Staff Member", not individual username and password
- Service Providers can only ask for what they need
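The attribute exchange described on this slide, as an added sketch that is not part of the original presentation and is not Shibboleth's own code or configuration. The directory record, the SP URLs, the release policy and the function names are all constructed for illustration.

```python
# Constructed sample data; every name, URL and value here is an assumption.
IDP_DIRECTORY = {
    "AJones": {
        "username": "AJones",
        "email": "ajones@example.ac.uk",
        "role": "Law Student",
        "institution": "example.ac.uk",
        "entitlement": "site-licence",
    },
}

# Held by the IdP: the most each Service Provider may ever be sent.
RELEASE_POLICY = {
    "https://publisher.example/sp": {"role", "institution", "entitlement"},
    "https://forum.example/sp": {"institution"},
}


def release_attributes(sp_id, username, requested):
    """IdP side: release only what is both requested and permitted."""
    allowed = RELEASE_POLICY.get(sp_id, set())  # unknown SP gets nothing
    record = IDP_DIRECTORY[username]
    return {k: record[k] for k in requested if k in allowed and k in record}


def sp_authorise(assertion, licensed_institutions, permitted_roles):
    """SP side: decide on asserted attributes, not on a username or password."""
    return (
        assertion.get("institution") in licensed_institutions
        and assertion.get("role") in permitted_roles
        and assertion.get("entitlement") == "site-licence"
    )


def demo():
    sp = "https://publisher.example/sp"
    # The SP over-asks; the IdP's policy withholds the identifying attributes.
    asked = ["username", "email", "role", "institution", "entitlement"]
    assertion = release_attributes(sp, "AJones", asked)
    decision = sp_authorise(assertion, {"example.ac.uk"}, {"Law Student", "Staff Member"})
    return assertion, decision


if __name__ == "__main__":
    print(demo())
```

The publisher receives the role, institution and entitlement and grants access, while the username and email never leave the home organisation.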

What is Shibboleth?
- An open source, standards-based solution to meet the needs for organisations to exchange information about their users in a secure, privacy-preserving manner
- Recommended software for UK federation participation

What is the UK federation?
- A set of Rules that binds members
- For UK schools, FE, HE and research
- Organisations and institutions providing services to these sectors
- Jointly funded by JISC and Becta
- Operational management by JANET(UK)

What is the UK federation?
A secure framework that allows:
- students to access protected online web resources based on information asserted by their home organisation.
- providers of online resources to control access to their services.

Benefits: for Users
- Much less need to disclose your identity
- Personal data kept between you and your home organisation
- Service providers can tailor services better
- (At least) one less password to remember
- Access to online resources from anywhere

Benefits: for Organisations
- Uses existing authentication infrastructure
- Can be used to protect internal resources
- No annual subscription fee
- Software free to download and use
- Easier to comply with regulatory requirements
  - Data Protection Act 1998

Benefits: for Service Providers
- No need to maintain your own user database
  - Authentication is done for you by home organisation
  - Can authorise per institution, role, and/or entitlement
- Reduction in user support
- No annual subscription fee
- Software free to download and use
- Reduced data protection compliance burden
  - Less storage/processing of personal data
- Users take better care of credentials

How to apply?
- Senior member of organisation signs up to federation Rules of Membership
- JANET(UK) verify contact details
- Membership confirmed.
- Organisation (usually IT staff) registers participating servers with the federation

How to participate
1. a) In-house: run and support your own Identity Provider (IdP)
   b) Hybrid: run your own IdP, provided and supported by a third party
2. Outsource: Third party run IdP under contract

In-house Approach
- Shibboleth IdP is a Java application
  - Runs on Linux, Unix, Windows, Mac.
- Installation is straightforward.
- Some configuration is required.
- Community support

Shibboleth on Windows Project
- Commenced March 08.
- Case Studies + documentation.
- Free to community.
- Release end of May.

Who does what?
- Internal collaboration is essential
- IT department must be involved from the outset
- Senior management may require a business case (see JISC Business Case Toolkit)
- Senior management sign the membership agreement

What help is available?
- JANET(UK) helpdesk
- Website:
- Mailing lists
- Training courses: s/workshops/range/accman.html
- Regional events (Brighton, 29th April)

Who has joined?
- 247 members (10th March)
- Sector breakdown
  - 75 FE
  - 106 HE
  - 7 LA/RBC

What services are available?
- 47 Commercial Service Providers or Publishers
- Ovid, Elsevier, Microsoft, BBC, Digimap, JISCmail, JVCS Booking Services,
- Full list of Services:
- Dialogue with Service Providers

When should you join?
- Now! (get the admin out of the way)
- Audit your existing infrastructure and assess organisation's readiness
- Implement your IdP
- Roll out within organisation
- Consider federating internal services

Questions?
- More info:
- lists: