Identity Services Technical Briefing
Tuesday, November 5, 2013
Nicholas Roy – Technical Manager
11/5/13 Identity Services Technical Briefing 1

Presentation transcript:


Central Person Registry
Current state
  – Primed with 1.2 million person records as of September
  – Daily batch consumption of records from: ISIS, IBIS, CIDR, CACTUS, Hershey Medical Center Lawson (Hospital Staff HR)
  – Affiliations using the current set of eduPerson values and rules, some gaps identified

Central Person Registry
Future State
  – New data from Hershey Medical Center Faculty List (HY faculty, emeritus) to complete current affiliations
  – Integration with CIDR and CACTUS to make CPR authoritative for person identity excluding SSN
  – Allows real-time operations against web services
  – Implement rules engine and fine-grained affiliations → better access control

Access Management
Grouper
  – Foundation for richer access control: nesting, group math, enterprise groups, permissions, privileges, roles
  – LDAP Groups
  – Group Views
  – Group API

Federated Identity
InCommon
  – Multilateral Federation
  – Assurance
Shibboleth
  – Core Technology
SAML
  – Core Protocol
  – Other Protocols (the future?)
Interfederation
  – Other Federations
Social Identity
  – Other Sources of Authentication (maybe not attributes)

Two Factor Authentication
The problem with passwords
The current state of 2FA at Penn State
Enterprise solution – Duo Security
Pilots → feedback and service refinement
Planning for self-enrollment and identity verification
Service roll-out/planning transition paths to Duo