Presentation is loading. Please wait.

Presentation is loading. Please wait.

Shibboleth Project at GSU

Published byAngelica Potter Modified over 6 years ago

Similar presentations

Presentation on theme: "Shibboleth Project at GSU"— Presentation transcript:

1 Shibboleth Project at GSU
Art Vandenberg Director, Advanced Campus Services Information Systems & Technology Georgia State University A.Vandenberg March 14, 2003

2 Overview “Shibboleth” – the word Shibboleth – the project
Internet2/IBM Middleware collaboration Beginnings in Fall 2000 Component of NSF Middleware Initiative (NMI) Integration Testbed Program Inter-institutional sharing of web resources A.Vandenberg March 14, 2003

3 Key Concepts Federated administration
Access control based on attributes Active management of privacy – Origin site & user control release of data Standards based – OpenSAML (security access markup language) Framework for scaleable Trust & Policy (Clubs) Standard (extensible) AttributeValue Vocabulary – eduPerson LDAP objectClass A.Vandenberg March 14, 2003

4 Problem Space Access to digital library resources from off campus
Using distance education courseware Accessing research web site Accessing co-taught class web site at another university A.Vandenberg March 14, 2003

5 Current solutions – issues
IP-based access – spoofable, limiting Proxy servers – how many do you need…? Shared or group accounts & passwords – no accountability, poor auditability, low level assurance Additional accounts – management hassles, synchronization complexity, too many accounts for user A.Vandenberg March 14, 2003

6 Shibboleth Solution Access without proxy Leverage local authentication
Access based on role attributes Enables access from anywhere on web User can dynamically review/limit release of identifying information (privacy) Reduced logins A.Vandenberg March 14, 2003

7 Architecture Sun Solaris or Red Hat Linux Apache, Tomcat, J2SE
Enterprise single signon (SSO) or WebISO (initial signon) Enterprise directory service (LDAP, mySQL) Target vs. Origin sites A.Vandenberg March 14, 2003

8 From: Shibboleth Architecture v5 Scott Cantor and Marlena Erdos, 13 May 2002

9 Current Status Shibboleth architecture doc v05 - May 2002
Test deployments - v 0.7, v 0.8 WebCT, EBSCO, OCLC, Elsevier… Georgia State implementation A.Vandenberg March 14, 2003

10 Access Web Resource

11 Redirect to WAYF

12 Handle Service: Login

13 Local Authentication

14 Access to Web Resource

15 Access without re-login

16 Shibboleth – GSU goals Implement v 0.8 origin
Authenticate using CampusID Attributes via eduPerson LDAP Pilot with vendors or applications: “affiliation=member” access to EBSCO, Elsevier, OCLC, WebCT, IS&T intranet…? …Implement Attribute Release Policies Be technical resource for Shibboleth A.Vandenberg March 14, 2003

17 Shibboleth – next steps. Q&A Art Vandenberg avandenberg@gsu
Shibboleth – next steps? Q&A Art Vandenberg Victor Bolet A.Vandenberg March 14, 2003

Download ppt "Shibboleth Project at GSU"

Similar presentations

Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.

Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.
ELAG Trondheim 2004 1 Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.

ELAG Trondheim Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.
Access management for repositories: challenges and approaches for MAMS James Dalziel Professor of Learning Technology and Director, Macquarie E-Learning.

Access management for repositories: challenges and approaches for MAMS James Dalziel Professor of Learning Technology and Director, Macquarie E-Learning.
Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.

Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.
A.Vandenberg August 7, 2001 HE PKI Summit 20021 State of Georgia and PKI Art Vandenberg Director, Advanced Campus Services Information Systems & Technology.

A.Vandenberg August 7, 2001 HE PKI Summit State of Georgia and PKI Art Vandenberg Director, Advanced Campus Services Information Systems & Technology.
Beispielbild Shibboleth, a potential security framework for EDIT Lutz Suhrbier AG Netzbasierte Informationssysteme (http://www.ag-nbi.de)http://www.ag-nbi.de.

Beispielbild Shibboleth, a potential security framework for EDIT Lutz Suhrbier AG Netzbasierte Informationssysteme (
Shibboleth: EBSCOhost implementation Lech Wojtowicz Director of Software Development EBSCO Publishing Access 2003 October 3, 2003.

Shibboleth: EBSCOhost implementation Lech Wojtowicz Director of Software Development EBSCO Publishing Access 2003 October 3, 2003.
Art VandenbergNMI Integration Testbed – “Finale” Results Workshop, Sept 30-Oct 1, 2004 Austin, Texas 1 Georgia State University Sharing Resources – Sharing.

Art VandenbergNMI Integration Testbed – “Finale” Results Workshop, Sept 30-Oct 1, 2004 Austin, Texas 1 Georgia State University Sharing Resources – Sharing.
Shibboleth-intro-dec051 Shibboleth A Technical Overview Tom Scavo NCSA.

Shibboleth-intro-dec051 Shibboleth A Technical Overview Tom Scavo NCSA.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
3 Nov 2003 A. Vandenberg © Second NMI Integration Testbed Workshop on Experiences in Middleware Deployment, Anaheim, CA 1 Shibboleth Pilot Local Authentication.

3 Nov 2003 A. Vandenberg © Second NMI Integration Testbed Workshop on Experiences in Middleware Deployment, Anaheim, CA 1 Shibboleth Pilot Local Authentication.
Mairéad Martin The University of Tennessee September 13, 2015 Federated Digital Rights Management.

Mairéad Martin The University of Tennessee September 13, 2015 Federated Digital Rights Management.
7 October 2015 Shibboleth. Agenda  Shibboleth Background and Status  Why is Shibboleth Important (to Higher Ed)?  Current Pilots Course Management.

7 October 2015 Shibboleth. Agenda  Shibboleth Background and Status  Why is Shibboleth Important (to Higher Ed)?  Current Pilots Course Management.
Using AS 10g with EBS What are the Benefits of Integrating AS 10g with Oracle Applications?

Using AS 10g with EBS What are the Benefits of Integrating AS 10g with Oracle Applications?
Shibboleth: Installation and Deployment Scott Cantor July 29, 2002 Scott Cantor July 29, 2002.

Shibboleth: Installation and Deployment Scott Cantor July 29, 2002 Scott Cantor July 29, 2002.
Shibboleth Update Michael Gettes Principal Technologist Georgetown University Ken Klingenstein Director Interne2 Middleware Initiative.

Shibboleth Update Michael Gettes Principal Technologist Georgetown University Ken Klingenstein Director Interne2 Middleware Initiative.
NSF Middleware Initiative Renee Woodten Frost Assistant Director, Middleware Initiatives Internet2 NSF Middleware Initiative.

NSF Middleware Initiative Renee Woodten Frost Assistant Director, Middleware Initiatives Internet2 NSF Middleware Initiative.
Shibboleth A Federated Approach to Authentication and Authorization Fed/Ed PKI Meeting June 16, 2004.

Shibboleth A Federated Approach to Authentication and Authorization Fed/Ed PKI Meeting June 16, 2004.
Shibboleth for Real Dave Kennedy

Shibboleth for Real Dave Kennedy
Internet2 CAMP Shibboleth Scott Cantor (Hey, that’s my EPPN too.) Tom Dopirak Scott Cantor (Hey, that’s my.

Internet2 CAMP Shibboleth Scott Cantor (Hey, that’s my EPPN too.) Tom Dopirak Scott Cantor (Hey, that’s my.

Similar presentations

Ads by Google