CAMP-Shib, Broomfield CO, 30-Jun-041 Exploring some Shibbolized portals models… John Paschoud PERSEUS Project, LSE Library.

Slides:

Advertisements

Similar presentations

Authorisation Models for National Scale Services Alan Robiette Joint Information Systems Committee

Advertisements

Shibboleth at Cardiff University Lindsay Roberts Project Manager – Shibboleth Implementation Phase 2.

PERSEUS : Portal-enabled Resources via Shibbolized End-user Security 16 May 2005JISC Core Middleware Programme Meeting, Loughborough 1 PERSEUS Project.

Joint Information Systems Committee 01/04/2014 | slide 1 Support e-Research at JISC Access Management and Security Joint Information Systems CommitteeSupporting.

Joint Information Systems Committee Supporting Higher and Further Education Portals and the JISC Information Environment Strategy Chris Awre Programme.

Subject Based Information Gateways in The UK Coordinated Activities in The UK Within the UK Higher Education community, the JISC (Joint Information Systems.

Joint Information Systems Committee Supporting UK Further and Higher Education JISC Information Environment and Architecture, part 1 Alicia Wise and Andy.

Next Generation Athens Services Ed Zedlewski UK e-Science Town Meeting, London, 11 April 2005.

Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.

Joint Information Systems Committee 25/08/2014 | slide 1 JISC Core Middleware Programme Meeting Middleware in Development Joint Information Systems CommitteeSupporting.

KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.

PERSEU S : Portal-enabled Resources via Shibbolized End-user Security 17 March 2005IAMSECT Dissemination Event, Newcastle 1 Access to library resources:

1 Collaborators at the Gates of Troy: Extending eServices at USC.

JISC Metaleth Project Athens, Shibboleth and the University of Bristol 29 th January 2007.

ICDL 2004, New Delhi1 Access Management for Digital Libraries in a well-connected World John Paschoud SECURe Project London School of Economics Library.

Beispielbild Shibboleth, a potential security framework for EDIT Lutz Suhrbier AG Netzbasierte Informationssysteme (

Copyright JNT Association 20051OptionalCopyright JNT Association 2007 Overview of the UK Access Management Federation Josh Howlett.

June 30, 2004CAMP Shibboleth Implementation Workshop Shibboleth Mockup - ARP GUI Management by Steven Carmody Brown University proxy Walter Hoehn.

Shibboleth Update a.k.a. “shibble-ware”

Educause 2006, Dallas TX What does a University need from Access Management? John Paschoud InfoSystems Engineer, LSE Library London School of Economics.

Project Shibboleth Update, Demonstration and Discussion Michael R Gettes Duke University (on behalf of the entire shib team!!!) June.

Supporting further and higher education Current A&A Developments in the UK Alan Robiette, JISC Development Group.

Supporting further and higher education Authentication & Authorisation for JISC and UK e-Science Alan Robiette, JISC Development Group.

Implications for UK infrastructure No more dependency on the VERY LARGE centralised database of Athens Need for implementation of a national WAYF service.

Gary Brown, Senior Systems Developer, Portal Development Team Identity Management Toolkit a JISC sponsored project.

Australian Access Federation Robert Hazeltine Identity and Access Management Enterprise Systems Office.

PERSEU S : Portal-enabled Resources via Shibbolized End-user Security 3 May 05Spring 2005 Internet2 Member meeting 1 News from the ‘misty’ Albion: Shibboleth.

October 2007 Dr. Uwe Hübner Evolution of University Management Systems.

Supporting further and higher education UK Middleware Update TF-EMC2 Meeting, 4 November 2004 Alan Robiette, JISC Development Group.

2005 © SWITCH Perspectives of Integrating AAI with Grid in EGEE-2 Christoph Witzig Amsterdam, October 17, 2005.

Supporting further and higher education Middleware and AA within the JISC Environment Nicole Harris, JISC Development Group.

Shibboleth Update Michael Gettes Principal Technologist Georgetown University Ken Klingenstein Director Interne2 Middleware Initiative.

UCLA Enterprise Directory Identity Management Infrastructure UC Enrollment Service Technical Conference October 16, 2007 Ying Ma

NSF Middleware Initiative Renee Woodten Frost Assistant Director, Middleware Initiatives Internet2 NSF Middleware Initiative.

Shibboleth On-line Authentication System Jon Browne Senior Consultant Drew Heald BSc (Hons), MPhil, MCP Systems Developer IBIS Business Consultants Ltd.

Shibboleth A word which was made the criterion by which to distinguish the Ephraimites from the Gileadites. The Ephraimites, not being able to pronounce.

Portal-based Access to Advanced Security Infrastructures John Watt UK e-Science All Hands Meeting September 11 th 2008.

Shibboleth at Columbia Update David Millman R&D July ’05

MAT U M A T U Middleware Assisted Take-Up Service For JISC Funded Early Adopters.

US of A and A Activities Ken Klingenstein, Director Internet2 Middleware Initiative.

Shibboleth: Status and Pilots. The Golden Age of Plywood.

Project Shibboleth Update, Demonstration and Discussion Michael Gettes May 20, 2003 TERENA Conference, Zagreb, Croatia Michael Gettes.

Shibboleth: Early Experience at OSU Scott Cantor October 28, 2002 Scott Cantor October 28, 2002.

1 Protection and Security: Shibboleth. 2 Outline What is the problem Shibboleth is trying to solve? What are the key concepts? How does the Shibboleth.

Shibboleth A word which was made the criterion by which to distinguish the Ephraimites from the Gileadites. The Ephraimites, not being able to pronounce.

Intra- to Inter-institutional Use of Shibboleth Bruce Vincent, Stanford University June 28, 2006.

Shibboleth at USMAI David Kennedy Spring 2006 Internet2 Member Meeting, April 24-26, 2006 – Arlington, VA.

The UK Access Management Federation John Chapman Project Adviser – Becta.

Shibboleth & Federated Identity A Change of Mindset University of Texas Health Science Center at Houston Barry Ribbeck

JISC Shibboleth Briefing, 12-Mar Everything I always wanted to know about Shibboleth John Paschoud SECURe Project, LSE Library …but was afraid to.

Current Middleware Picture Tom Barton University of Chicago Tom Barton University of Chicago.

Shibboleth Update January, 2001 Ken Klingenstein, Project Director, Internet2 Middleware Initiative Chief Technologist, University of Colorado at Boulder.

InCommon® for Collaboration Institute for Computer Policy and Law May 2005 Renee Shuey Penn State Andrea Beesing Cornell David Wasley Internet 2.

Supporting education and research The JISC Core Middleware Call Brian Gilmore The University of Edinburgh and JISC Committee for Support of Research.

Shibboleth at USMAI David Kennedy Spring 2006 Internet2 Member Meeting, April 24-26, 2006 – Arlington, VA.

Shibboleth for Middle Schools James Burger -

Slide 1, July 20th 2004 Climbing the slope PEPC 2004, Nottingham Climbing the Slope of Increasing Realism LSE for You – the story continues… Chris Cobb.

Shibboleth Use at the National e-Science Centre Hub Glasgow at collaborating institutions in the Shibboleth federation depending.

ALPSP Effective Customer Authentication 15-Jul The (now… then…) next of Authentication: Shibboleth John Paschoud SECURe Project, LSE Library.

Joint Information Systems Committee Repositories Support Project Summer School 2008 Amber Thomas, JISC.

David Millman—Columbia January 2005

e-Infrastructure Workshop 28th March 2006, University of Leeds

ESA Single Sign On (SSO) and Federated Identity Management

Michael R Gettes, Duke University On behalf of the shib project team

UK Federation 101 Ian A. Young EDINA, University of Edinburgh (and the UK Federation) Internet2 Fall Member Meeting, 7 Dec Shibboleth Development.

Supporting Institutions Towards a Shibbolized Infrastructure

Shibboleth Deployment Overview

Shibboleth: Status and Pilots

The JISC Core Middleware Call

Presentation transcript:

CAMP-Shib, Broomfield CO, 30-Jun-041 Exploring some Shibbolized portals models… John Paschoud PERSEUS Project, LSE Library

CAMP-Shib, Broomfield CO, 30-Jun-042 [What it says on the box] This session will cover two frequently asked Shibboleth software-related questions: How can I use Shibboleth with my portal? What tools can I use to more easily manage my campus attribute release policies (ARP)? Attendees will leave with strategies for integrating portals and see the new graphical user interface under development for ARP management and provide feedback on it. ???????

CAMP-Shib, Broomfield CO, 30-Jun-043 PERSEUS Project Portal-Enabled Resources via Shibbolized End-User Security Extending Shibboleth to provide a test vehicle for policy-driven target authorisation decisions Shibboleth-based access-management to information resources via an institutional portal, using uPortal –SigNet? –PERMIS? Authority management for “short-term virtual organisations” –LSE Alumni Special Interest Groups

CAMP-Shib, Broomfield CO, 30-Jun-044 PERSEUS Project Follows-on from JISC SECURe Project at LSE JISC funding: £250K ($450K) over 2 years –Starting, errr, tomorrow Part of JISC Core Middleware:Technology Development Programme –…fitting within JISC Common Information Environment Using LSE as a testbed –Users (‘only’ about 10K directory identities) –Infrastructure –Resource licenses Producing: –Documented, scaleable campus models –Contribution to OSS developments of uPortal and SigNet

CAMP-Shib, Broomfield CO, 30-Jun-045 Powell, A, July 2003 (from UKOLN website) JISC Common Information Environment

CAMP-Shib, Broomfield CO, 30-Jun-046 [LSE for You portal] LSE administrative portal for staff & students…

CAMP-Shib, Broomfield CO, 30-Jun-047 Portal CMS content CLR Organisational Domain Unicorn library data CLR CLR = Collection-Level Registry SITS student data CMS content CMS = Content Management System Organisational Domain CLR Organisational Domain EDMS committee docs Jstor E-journals Supported std protocols; Custom proprietary interfaces Shibboleth YaleCAS LSE MIKE architecture

CAMP-Shib, Broomfield CO, 30-Jun-048 [LSE MIKE: Study view] LSE MIE: end-user ‘Study’ view

CAMP-Shib, Broomfield CO, 30-Jun-049 [LSE MIKE: Life view] LSE MIE: end-user ‘Life’ view

CAMP-Shib, Broomfield CO, 30-Jun-0410 portal CMS content CLR (eg) Organisational Domain Voyager library data CLR = Collection-Level Registry CMS = Content Management System (generalised, typical) Organisational Domain (eg)Jstor e-journals Shib AA (+ authority manager) YaleCAS (web ISO) Extensible n-tiered Shibbolized portal architecture CMS (external resources) LDAP enterprise directory SOSO STST = Shib Origin = Shib Target STST SITS student data STST SOSO SOSO STST SOSO HR staff data content STST STST STST STST CLR (eg) CMS STST content CMS STST content

CAMP-Shib, Broomfield CO, 30-Jun-0411 Portal interop models Bi-lateral short-term courses –LSE-Columbia Anthropology teaching project Regional resource-access deals –InforM25 London libraries National content licenses –EDINA, MIMAS data services Trans-national consortia –NEREUS portal for European Economics Research

CAMP-Shib, Broomfield CO, 30-Jun-0412 Portal interop models Regional inter-library portal: InforM25 Subject-specialized research portal: NEREUS Shib-enabled resource non-Shib resource Campus ‘access-to- everything’ portal: LSE MIKE Shib-enabled proxy UK DSP resources Columbia Anthropology resources

CAMP-Shib, Broomfield CO, 30-Jun-0413 Alumni groups as Virtual Organizations 2,500/year registered with LSE Library 4,000 alumni accounts Special interest groups –(e.g.) LSE Lawyers Group –(e.g.) American Friends of LSE –Self-administering –Semi-autonomous –Loose contractual relationships –…but politically highly significant / powerful

CAMP-Shib, Broomfield CO, 30-Jun-0414 Implications for Federation models How do we manage many (conflicting?) Federation policies? –Bi-lateral –National –Trans-national How do we present users with a (single?) manageable ARP UI? How (do?) we map across different namespaces / vocabularies? …for: –Roles? –Entitlements?

CAMP-Shib, Broomfield CO, 30-Jun-0415 InforM25 ‘Visit a library’ (Access Eligibility Tool) Who can reference/borrow/order What? - at a library other than their own university? 150+ academic library sites 52 institutions hosting users 5 different consortial access schemes –SCONUL(x2), M25, UoL, UKLibs+ …plus numerous ad-hoc agreements between 2 or more libraries …and that’s just in London! An example of AuthoriZation, uncluttered by AutheNtication, for print resources in ‘traditional’ libraries Illustrates some of the problems we need to solve, to model the complexity of existing real-world ‘federations’

CAMP-Shib, Broomfield CO, 30-Jun-0416 InforM25 Val datamodel LSE u/g f/t students LSE M25 Scheme Joanna Brown belongs-to SOAS Library LSE u/g f/t students borrow grants-right-to to Kings Library M25 Scheme reference grants-right-to to

CAMP-Shib, Broomfield CO, 30-Jun-0417 InforM25 ‘Visit a library’ Demo example: Postgraduate, Researcher, full-time …affiliated to LSE …visiting Royal Holloway College

CAMP-Shib, Broomfield CO, 30-Jun-0418 What is shibboleth? (Biblical) A word which was made the criterion by which to distinguish the Ephraimites from the Gileadites. The Ephraimites, not being able to pronounce “sh”, called the word sibboleth. See --Judges xii. Hence, the criterion, test, or watchword of a party; a party cry or pet phrase. Webster's Revised Unabridged Dictionary (1913) [Judges, ch12, v5-6 (New American Standard)] The Gileadites captured the fords of the Jordan opposite Ephraim. And it happened when {any of} the fugitives of Ephraim said, "Let me cross over," the men of Gilead would say to him, "Are you an Ephraimite?" If he said, "No," then they would say to him, "Say now, 'Shibboleth.' " But he said, "Sibboleth," for he could not pronounce it correctly. Then they seized him and slew him at the fords of the Jordan. Thus there fell at that time 42,000 of Ephraim.

CAMP-Shib, Broomfield CO, 30-Jun-0419 What are shibboleths? (Political) The greatest needs of the Collectivist movement in England appear to me: The diffusion of economic and political knowledge of a real kind - as opposed to Collectivist shibboleths, and the cant and claptrap of political campaigning. [Sidney Webb: memorandum to LSE Trustees meeting on 8th Feb 1894]

CAMP-Shib, Broomfield CO, 30-Jun-0420 [Further information] SECURe: UKeduPerson scoping study: JISC Middleware and Shared Services Studies: InforM25 ‘Visit a library’: LSE: JISC Common Information Environment: JISC Core Middleware Programmes: