What is the Liberty Alliance? A business alliance, formed in Sept 2001, with the goal of establishing an open standard for federated identity management.

Presentation transcript:

What is the Liberty Alliance?
A business alliance, formed in Sept 2001, with the goal of establishing an open standard for federated identity management
Global membership consists of consumer-facing companies and technology vendors as well as policy and government organizations

Goals:
– Provide open standard and business guidelines for federated identity management spanning all network devices
– Provide open and secure standard for SSO with decentralized authentication and open authorization
– Allow consumers/businesses to maintain personal information more securely, and on their terms

Open Interaction and Participation

ID-FF Concepts
• Simplified Sign-On (aka Single Sign-On) allows a user to sign on once at a Liberty-enabled site and to be seamlessly signed on when navigating to another Liberty-enabled site without the need to authenticate again.
• Single Logout provides synchronized session logout functionality across all sessions that were authenticated by a particular identity provider.

Key Concepts
• Network Identity is the fusion of network security and authentication, user provisioning and customer management, single sign-on technologies and Web-services delivery.
• Federated identity architecture delivers the benefit of simplified sign-on to users by granting rapid access to resources to which they have permission but does not require the user’s personal information to be stored centrally.

Federated Identity Lifecycle

Single Sign-on and Federation

IdP-initiated Single Logout

ID-WSF Concepts
• Discovery Service enables various entities (e.g. Service Providers) to dynamically discover a Principal’s registered identity services.
• Interaction Service protocols provide an identity service the means to obtain permission from a user.
• Attribute Provider hosts a data service, such as ID-Personal Profile.

The Complete Liberty Architecture

Interaction

Business Guidelines
• Federated Identity cannot be successful based on technology alone. Also required are:
  – IT staff to manage and implement a set of specifications that cross several domains of expertise
  – A clean directory
  – Pre-existing agreements with others in a circle of trust
• Detail major issues for federated identity interchange and trust relationships
  – Examine risk and liability in identity interchange
  – Identify success criteria for global and cross-company federation

Business Guidelines

IBM/France Telecom Deployment
• Create a single-sign-on network for France Telecom's 50 million cellular phone users
• Subscribers can sign on via mobile telephone or personal computer
• Makes single-sign-on systems even more important, since logging into a network with a phone is much slower than using a PC's keyboard.
• Applications that France Telecom hopes that it or its partners will supply include instant messaging, location-based services, games, online banking and e-mail

AOL/D-Link Deployment
• AOL Broadband subscribers use D-Link's wireless media player to play music from the service on home stereos.
• The media player uses the Liberty protocols to access on behalf of a user
  – No need to login to AOL to use media player
• AOL demonstrated the same service running over a Nokia handset at the 3GSM Conference this February

Japan’s EduMart Deployment
• Part of the e-Japan Policy Priority Program
• Spearheaded by the Strategic Headquarters for the Promotion of an Advanced Information and Telecommunications Network Society
• Brings rich educational content to students at more than 40,000 schools
  – Established an open interface
  – Built an educational content distribution network that will lead to a system in which both public institutions and private businesses can connect to interfaces and freely participate.

County Land Document Recording Exchange
• Deployment across Government and Industry
  – Streamlines the land recordation process (thousands of counties and innumerable lenders/title companies each with separate systems and identities)
• Establishes a strong foundation for an industry “Circle of Trust”

Product Support
• AOL (announced)
• Communicator (available)
• Computer Associates (Q4*)
• DataKey (available)
• DigiGan (Q3*)
• Ericsson (Q4)
• Entrust (Q1 2004)
• France Telecom (Q4 2003)
• Fujitsu Invia (available)
• Gemplus (TBD)
• HP (available)
• July Systems (available)
• Netegrity (2004)
• NeuStar (available)
• Nokia (2004)
• Novell (available)
• NTT Software (available)
• (2004)
• PeopleSoft (available)
• Phaos Technology (available)
• Ping Identity (available)
• PostX (available)
• RSA (Q4)
• Salesforce.com (TBD)
• Sigaba (available)
• Sun Microsystems (available)
• Trustgenix (available)
• Ubisecure (available)
• Verisign (Q4*)
• Vodafone (2004)
• WaveSet (available)
*Delivery dates being confirmed

For More Information
• WWW.PROJECTLIBERTY.ORG
• www-106.ibm.com/developerworks/library/ws-fed/
• Contact me: Rebekah Metz