~60 staff 1.Collaborators around the world 2.Supports communities of collaborators external to Internet2 3.Community uses wiki, mailing lists, instant.

Presentation transcript:

A Short description of Internet2

~60 staff
1. Collaborators around the world
2. Supports communities of collaborators external to Internet2
3. Community uses wiki, mailing lists, instant messaging, voice conferencing services
4. Doesn’t want to be in the identity issuance business for external collaborators
5. Need to allow external + internal collaborators to use same service instances

A Middleware Unified Field Theory
Identity Management / Directories
Privileges / Groups
Single Sign-On / Federation
Diagnostics
Enterprise Integration from network to application
Michael R Gettes, Internet2, October 2007
An interpretation of the original MACE mission

What do we want? Inter-Enterprise Workgroup Collaborations not sexy

or Collaborative Organizations: CO

Identity Groups Privileges Federated Access

and … Applications “It’s the App stupid!”

Give COntrol To COmmunity Members

Integrate with Existing COmmon IT Infrastructures in Higher Education

Flexible Scalable Modular

COmponents: Shibboleth, LDAP-PC, Signet, Grouper, LDAP Directory, Identity Mgr, Applications & Network COCO

stop talking start walking demo COmanage.internet2.edu

COmponents: Shibboleth, LDAP-PC, Signet, Grouper, LDAP Directory, Identity Mgr, Applications & Network COCO

Comanage … is only a demonstration of the CO model a CO fits within a service delivery strategy

Application Management App Access to data is managed by LDAP (initially) Identity data can be distributed by any desired mechanism in the future. SQL databases, feeds, message bus technologies.

Truth be told…
LDAP-PC: Large-Scale Performance and namespaces
SIGNET: Minor UI and Deployment
GROUPER: Some UI and Large-scale Performance
SIGNET only immediate concern

Many COs on a single server (if you wanna do that) Grouper/Signet/LDAP-PC Identity Mgr Grouper/Signet/LDAP-PC LDAP Application set

No local identity issued for external users to access CO services: big win!

Example directory tree for CO environment:

O=University,c=US
  ou=People (this is where 50K fac/staff/stu might reside)
  ou=CO (external identities for CO go here)
  ou=Groups (a place to store groups for all)

Applications pointed here for identities yields the union of internal and external
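The example directory tree on this slide, as an added sketch (not code from the presentation or from COmanage): a small in-memory model showing why a subtree search based at the tree root returns the union of internal and external identities, while a base of ou=People returns internal ones only. It assumes "pointed here" means the root O=University,c=US; the uids, the wiki-users group and all function names are hypothetical.

```python
# Constructed sample entries laid out like the slide's example tree.
# uids, the group name and every helper name here are hypothetical.
BASE = "o=University,c=US"
ENTRIES = {
    f"uid=alice,ou=People,{BASE}": {"objectClass": "person"},
    f"uid=bob,ou=People,{BASE}": {"objectClass": "person"},
    f"uid=carol,ou=CO,{BASE}": {"objectClass": "person"},
    f"cn=wiki-users,ou=Groups,{BASE}": {
        "objectClass": "groupOfNames",
        "member": [f"uid=alice,ou=People,{BASE}",
                   f"uid=carol,ou=CO,{BASE}"],
    },
}

def rdns(dn):
    """Split a DN into trimmed, lower-cased RDNs.
    Simplification: escaped commas inside values are not handled."""
    return [part.strip().lower() for part in dn.split(",")]

def in_subtree(dn, base):
    """True if dn equals base or lies beneath it (LDAP subtree scope).
    Compares whole RDN components, not a raw string suffix."""
    d, b = rdns(dn), rdns(base)
    return len(d) >= len(b) and d[len(d) - len(b):] == b

def search_people(base):
    """Subtree search for person entries under the given base."""
    return sorted(dn for dn, entry in ENTRIES.items()
                  if entry["objectClass"] == "person" and in_subtree(dn, base))

def origin(dn):
    """Classify an identity by the branch that holds it."""
    if in_subtree(dn, f"ou=CO,{BASE}"):
        return "external"
    if in_subtree(dn, f"ou=People,{BASE}"):
        return "internal"
    return "other"

def group_members(group_cn, base):
    """Members of a group under ou=Groups, limited to those under base."""
    members = ENTRIES[f"cn={group_cn},ou=Groups,{BASE}"]["member"]
    return sorted(m for m in members if in_subtree(m, base))

if __name__ == "__main__":
    for dn in search_people(BASE):
        print(origin(dn), dn)
```

Because one group under ou=Groups can list members from both branches, an application can authorize on group membership and use the branch only to tell internal from external identities.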

Future…
Begin addressing issues of “attribute eCOnomy”
Protect CO by Identity Provider… can solve “IEEE problem”?
Web site wants to know: Are you a member of IEEE?
My University IEEE-CO
This org has membership data but does not manage identity - a CO with only external users.
User Home Identity Provider

Diagnostics
Lifting up shib log files and making EDDY deposits
Creating a unified and federated view of diag data
Network data: flows, snort, snmp
System stats: cpu, i/o, mem, etc…
Infrastructure: shib, ldap, authN, etc…
Application: http, confluence, sympa, calendar etc, etc, etc…

Network Layer? Why not? Integrate with Grids? Why not? Addresses VO scenarios? Why not?

V O VO? CO

Make your opinion known… Should Internet2 use COmanage for service delivery? Rick Summerhill Cheryl Fremon and and

it’s all about /me done Talk amongst yourselves