Project Shibboleth Update, Demonstration and Discussion. Michael Gettes, May 20, 2003, TERENA Conference, Zagreb, Croatia.

Presentation transcript:

Project Shibboleth Update, Demonstration and Discussion Michael Gettes May 20, 2003 TERENA Conference, Zagreb, Croatia

2 Shibboleth A word which was made the criterion by which to distinguish the Ephraimites from the Gileadites. The Ephraimites, not being able to pronounce sh, called the word sibboleth. See -- Judges xii. Hence, the criterion, test, or watchword of a party; a party cry or pet phrase. - Webster's Revised Unabridged Dictionary (1913)

3 Stage 1 - Addressing Three Scenarios
- Member of campus community accessing licensed resource
  - Anonymity required
- Member of a course accessing remotely controlled resource
  - Anonymity required
- Member of a workgroup accessing controlled resources
  - Controlled by unique identifiers (e.g. name)
Taken individually, each of these situations can be solved in a variety of straightforward ways. Taken together, they present the challenge of meeting the user's reasonable expectations for protection of their personal privacy.

4 Establishing a User Context

5 Getting Attributes and Determining Access

6 Shibboleth Architecture

7 Shibboleth Architecture -- Managing Trust [Diagram; labels: Browser, Origin Site, Target Site, Target Web Server, Attribute Server, Shib engine, TRUST]

8 Milestones
- Project formation - Feb 2000
- Stone Soup Process - began late summer 2000 with bi-weekly calls to develop scenario, requirements and architecture.
- Linkages to SAML established Dec 2000
- Architecture and protocol completion - Aug 2001
- Design - Oct 2001
- Coding began - Nov 2001
- Alpha-1 release – April 24, 2002
- OpenSAML release – July 15, 2002
- v0.7 Shibboleth released Nov 25, 2002
- v0.8 March 1, 2003
- v1.0 May 2003 (end of month)
- v1.1 conversations ruminating; v1.2 may be the plateau

9 Code status
- v0.8 released March 2003 (coding teams – MIT, Columbia, Ohio State, CMU); v1.0 due out April 10
- v0.7 much easier to install than alphas. C/C++ only on origin. Java still on target. Relatively safe to deploy and experiment
- Release issues – platform dependencies, fragile Apache components, binaries vs source, etc…
- v0.7 to v0.8 new features – ARPs redone, added robustness
- timeframes – March 1, 2003 general release
- v0.8 to 1.0 – SAML 1.1 support, bug fixes and re-packaging

10 Course Management Early Adopters
- WebCT
- Webassign
- Blackboard (Demonstrated April, 2003)
- OKI

11 The Library Pilots
- Explore and Evaluate the utility of the Shibboleth model (attributes) for controlling access to licensed resources
- Identify problems and issues with this approach
- How well do existing licenses map to attributes?
- Library “walk-in” customers
- Identify and address Shib deploy issues for campuses AND for vendors
- Explore new possibilities, including role-based access controls

12 Campus Participants
- Carnegie Mellon
- Columbia
- Dartmouth
- Georgetown
- London School of Economics
- New York Univ.
- Ohio State
- Penn State
- U. Colorado
- U. Michigan
- U. Washington
- U. Wisconsin - Madison
- UCOP (U. California System)
- U. Texas Health Science Center at Houston
- Others coming on

13 Vendor Participants
- EBSCO
- Elsevier
- OCLC
- Sfx (Ex libris)
- JSTOR
- McGraw Hill eBooks
- Innovative (III)
- Consortial efforts: WRLC, Athens, …

14 Shibboleth Deployment Issues
- Access Issues
  - Kiosks and walk-ins
  - logins for on-campus use
- Licensing issues
  - reconciling license structures with directory structures
  - system and consortial issues
  - mitigating disintermediation
- Functional issues
  - handling Shibbed and non-Shibbed resources
  - roll-out strategies
  - entitlements vs attributes
  - what attributes to pass
  - how to structure the attribute name space

15 A Quick Demonstration Shib Demo Site

16 Next steps
- Convergence with other efforts (PAPI, Permis, A-Select, etc)
- Shibboleth used as a WebISO solution, the N-Tier problem
- What is a Federation? How do we define it?
- Sub-Fed, Fed Clusters, Super Federations
- Shibboleth the architecture vs Shibboleth the web service
- Shibboleth the technology vs Club Shib the trust model
- Federated Digital Rights Management
- Federated P2P
- Privacy Management Systems – see
- Personal Information Managers – see bin/httool.epl

17 Personal Resource Manager

18 Privacy Management Systems

19 Overall Trust Fabric