Presentation is loading. Please wait.

Presentation is loading. Please wait.

Federated Identity to Support Collaboration in the CIC

Similar presentations


Presentation on theme: "Federated Identity to Support Collaboration in the CIC"— Presentation transcript:

1 Federated Identity to Support Collaboration in the CIC
Tim Newcomb, CIC Marko Stojkovic, CIC Rahul Doshi, Indiana University Copyright Tim Newcomb, Marko Stojkovic, Rahul Doshi This work is the intellectual property of the authors. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the authors." Member schools of CIC, the Committee on Institutional Cooperation, have joined the InCommon Federation and are federating their first application together! CICme, the CIC's online collaboration tool, based on Microsoft SharePoint, was selected first for its ability to allow all CIC users to use their home usernames and passwords to access a wide range of interactive tools to support their work. We will discuss the goals of the project, the issues we faced, and the technology and processes we developed to implement our federated solution.

2 Agenda About the CIC CICme built on MS SharePoint & Shibboleth
Overview/Demo of CICme Solution Challenges Faced Q & A

3 What We Do Leverage resources for cost efficiency
Share resources such as laboratories and libraries Accelerate the adoption of best practices Provide academic leadership for the region University of Chicago University of Illinois Indiana University University of Iowa University of Michigan Michigan State University University of Minnesota Northwestern University Ohio State University Pennsylvania State University Purdue University University of Wisconsin-Madison

4 Based on Microsoft SharePoint (WSS 3.0)
CIC groups share documents and other resources CICme sites are private – only CIC group accessible Accessible by Federated and Non-Federated users alike

5 Why Federate CIC Institutions ?
Create common authentication framework Reduce user hassle by using familiar campus logins Allow local campus to set login security requirements

6 Peer Collaboration UIUC Purdue UC Mich PSU IU NWU Iowa OSU MSU Minn
UW-Mad Mich PSU IU NWU Iowa OSU MSU Minn

7 CIC Collaboration CICme UIUC Purdue UC Mich PSU IU NWU Iowa OSU MSU
UW-Mad Mich PSU CICme IU NWU Iowa OSU MSU Minn

8 InCommon Federation Unites Authentication
UC UW-Mad UIUC Purdue IU CICme PSU Iowa OSU Mich NWU MSU Minn

9 CICme Federation Timeline
Spring 2008 Selection of CICme as pilot application Summer 2008 All CIC members join InCommon Fall 2008 Design membership provider based on MS SQL provider for CICme Feb 17, 2009 CICMe conversion to Federated access complete Next Steps Potential projects: Attribute Release Standardization Cross-Registration for Courses HathiTrust (SDR)

10 Solution Overview CICme ASP.NET Forms Authentication
ASP.NET Authorization Direct (username/pwd) Shibboleth SQL Role Provider SQL Membership Provider SQL Membership DB (users and roles)

11 Solution Overview – Cont.
Shibboleth Lazy Session Attributes eduPersonPrincipalName (ePPN) as username

12 Authentication Process
Local Campus Login System Username (ePPN) Locate User in Memb. Db Federated User CICme Login Page ASP.NET Forms Authentication Authorization Non-Federated User SQL Role Provider Direct Authentication SQL Membership Provider Username + Password Requested CICme Page

13 Demonstration

14 Challenges Faced Logout – similar to sso logout issues
User profile information

15 Migration Strategy for CICme Users
How do we collect ePPN ? search match Copy roles and profile Request Access Minimize Attribute release

16 Next Steps Facilitate development of CIC wide attribute release standardization Federate more CIC wide applications

17 Contact us: Tim Newcomb, Network Analyst tdnewk@staff.cic.net
Marko Stojkovic, Information Technology Specialist Committee on Institutional Cooperation 1819 South Neil Street, Suite D Champaign, IL Phone:

18 Contact us: Rahul Doshi Lead Analyst Identity Management Systems

19 Resources CIC: http://www.cic.net/
InCommon: CIC Article “One Password Fits All”

20 Thank you! Questions?

21 Appendix


Download ppt "Federated Identity to Support Collaboration in the CIC"

Similar presentations


Ads by Google