Presentation is loading. Please wait.

Presentation is loading. Please wait.

Updates on Shib, a bit of InCommon and International Federations

Published byMillicent Dawson Modified over 5 years ago

Similar presentations

Presentation on theme: "Updates on Shib, a bit of InCommon and International Federations"— Presentation transcript:

1 Updates on Shib, a bit of InCommon and International Federations

2 Topics Shib 2.0 and Autograph Non-federal aspects of InCommon
International peering Others will do InCommon and the US Gov, Usher, etc…

3 State University Federations
State university federations - Texas, California, CSU, etc Leverage existing infrastructure in both policies and shared applications Some, such as the California Digital Marketplace, reach very broad populations

4 InCommon US R&E Federation www.incommon.org Members join a 501(c)3
Addresses legal, LOA, shared attributes, business proposition, etc issues Approximately 55 members and growing A low percentage of national Shib use…

5 InCommon Members 5/1/07 Case Western Reserve University
Clemson University Cornell University Dartmouth Duke University Florida State University Georgetown University Indiana University Miami University New York University Ohio University Penn State Stanford University Stony Brook University SUNY Buffalo Texas A&M The Ohio State University The Johns Hopkins University The University of Chicago University of Alabama at Birmingham University of California, Davis University of California, Irvine University of California, Los Angeles University of California, Merced University of California, Office of the President University of California, Riverside University of California, San Diego University of Maryland University of Maryland Baltimore County University of Maryland, Baltimore University of Rochester University of Southern California University of Virginia University of Washington University of Wisconsin - Madison Cdigix EBSCO Publishing Elsevier ScienceDirect Houston Academy of Medicine - Texas Medical Center Library Internet2 JSTOR Napster, LLC OCLC OhioLink - The Ohio Library & Information Network ProtectNetwork Symplicity Corporation Thomson Learning, Inc. Turnitin WebAssign

6 Key aspects of InCommon
Federating software Shib 1.2+ (other possibilities in the future) Shared attributes and schema eduPerson right now Levels of authentication POP (participant operational practices) for LOA-today InCommon Bronze and Silver will map to LOA 1 & 2 Management Steering committee of members IT executives Operations staffed by Internet2

7 InCommon Management/Governance
Steering Committee of campus/vendor CIO’s and policy people – sets policies for membership, business model, etc. Technical advisory committee - Sets common member standards for attributes (eduPerson 2.0) , identity management good practices, etc.

8 Shibboleth Shib 1.3 widely deployed; 1.2 still common
Along the way, other capabilities added: ADFS compatibility for WS-Fed, (MS $) Eauthentication certification (with waiver form:)) Shib 2.0 completes the SAML+Shib integration More compatible with COTS SAML 2.0 products than they are with each other A Shib/SAML to TCP/IP analogy isn’t bad; Shib adds multi-party federation support through metadata, ARPS, etc. Also eases support for n-tier, non-web and other capabilities Alpha for Unix and Windows now being released

9 The Shibboleth 2.0 Sidebar
Support for the attribute ecosystem attribute handling, including policy, in both SP and IdP designed to be reusable for other protocols (eg CardSpace) sets stage for further work on multiple attribute sources, reputation management, etc. All Java SP (in addition to current Java/Apache), easing integration for some applications Trust management PKI still seems too hard, even at the simpler enterprise level Supports a broad set of trust choices – CA’s, certs, plain keys, managing site metadata (naming, acquisition, validating) A product of years of painful experience 

10 Federated Applications
Mostly access controls to content The first shibbed collaborative apps are appearing… Several wikis Digital repositories such as DSpace and Fedora Learning Management Systems such as WebCT IM, p2p fileshare (Lionshare), CVS Grid-Shib integration in several ways SIP based tools (videoconferencing, audioconferencing) within reach Bootstrapping from duct tape sometimes a problem

11 Membership in InCommon
53 members, perhaps 25 million students covered, growing slowly but steadily Some interesting discussions Apple, Google, Microsoft all as SP’s The assertion of student-ness National Energy Labs, as IdP’s and SP’s And off in testshib… The Navy, Google, …

12 International Federations
Many nations now have federations; OECD and the UN are looking at ways to address the other Status ranges from fully developed (Finland, Switzerland, Norway, Netherlands) to rapidly growing (France, UK) to struggling but moving forward (Denmark, Belgium) to just starting (Germany, Italy) Several uses cases are already emerging for interfederation arrangements Wikis, grids…

13 Key takeaways: state of the R&E world state of the commercial world
9-9:30 Welcome and intros Desired Outcomes: a prototype agreement between federations that all attendees can take back to their federation for discussion. 9:30-10:30. A Few Federation Updates, with some emphasis on interfederation or inter-sector issues FEIDE UK Access Manage InCommon Liberty Instances. Others? Key takeaways: state of the R&E world state of the commercial world 11:00-11:30 Use cases Common Interfederation needs Use of proxies 11:30 -12:00 Agreement on terms Categories of relationships between federations (peering, overlapped, leveraged, confederation, hierarchical, etc.) Multi-homed institutions pros and cons Transitivity situations necessary? desirable? Categories of policy issues Service models - trust broker, bulk services provider, etc. Business models uniform fees, RP pays, subsidized, etc.

14 Afternoon of International Peering
Attributes Validity requirements Eppn policy Privacy requirements Special identifiers User specified? RP specified? Transient? LOA Credentials? Attributes? Both?? POP management and/or requirements Standard levels: Can we agree...?? Audit: requred? who does it? who sees it? Federation practices in support of LOA Standard practises between federations

15 Late afternoon international peering
Legal and Financial Liability issues Financial Considerations (dues, transactions, etc) Dispute Resolution Can the federation commit its members? Working with commercial federations? Non NREN academic federations? Kinda technical issues WAYF Trust anchors (use of commercial CA’s) Help desk and problem resolution Wrap-ups and Next Steps OECD? UN? OASIS? etc. Where to continue and how Who's got the ball? Nice dinner if we’ve earned it…

16 Collaboration tools Expanding enterprise and federated versions of popular tools Adding identity, group and privilege management Providing security and privacy Adding the middleware extensions for virtual organizations Integrating the VO life with the campus life in portals, videoconferencing, etc.

17 VOs plumbed to federations

Download ppt "Updates on Shib, a bit of InCommon and International Federations"

Similar presentations

The Basics of Federated Identity. Overview of Federated Identity and Grids Workshop Session 1 - for all Basics and GridShib Session 2 – more for developers.

The Basics of Federated Identity. Overview of Federated Identity and Grids Workshop Session 1 - for all Basics and GridShib Session 2 – more for developers.
The Art of Federations. Topics Federations of what… Federated identity versus federations Federations in other sectors – business, gov, ad hoc R&E Federations.

The Art of Federations. Topics Federations of what… Federated identity versus federations Federations in other sectors – business, gov, ad hoc R&E Federations.
The rise, slowly, of a middleware infrastructure Ken Klingenstein Director, Internet2 Middleware and Security Ken Klingenstein Director, Internet2 Middleware.

The rise, slowly, of a middleware infrastructure Ken Klingenstein Director, Internet2 Middleware and Security Ken Klingenstein Director, Internet2 Middleware.
1 Leveraging Your Existing Campus Systems to Access Resource Partners: Federated Identity Management and Tales of Campus Participation EDUCAUSE 2006 October.

1 Leveraging Your Existing Campus Systems to Access Resource Partners: Federated Identity Management and Tales of Campus Participation EDUCAUSE 2006 October.
Trends in Identity Management Nate Klingenstein Internet2 EDUCAUSE Security Professional 2007.

Trends in Identity Management Nate Klingenstein Internet2 EDUCAUSE Security Professional 2007.
Federated Access: Identity Management and Access to Protected Resources Renée Woodten Frost Associate Director, Middleware & Security

Federated Access: Identity Management and Access to Protected Resources Renée Woodten Frost Associate Director, Middleware & Security
Drive-By Dialogues. Presenter’s Name Topics The Long Strange Trip of I2 – NLR Merger A Brief Comment on Optical Networking Middleware Developments Security.

Drive-By Dialogues. Presenter’s Name Topics The Long Strange Trip of I2 – NLR Merger A Brief Comment on Optical Networking Middleware Developments Security.
1 Issues in federated identity management Sandy Shaw EDINA IASSIST 24-27 May 2005, Edinburgh.

1 Issues in federated identity management Sandy Shaw EDINA IASSIST May 2005, Edinburgh.
Internet Scale Identity, Collaboration and Higher Education.

Internet Scale Identity, Collaboration and Higher Education.
Some Frontier Issues from the Wild, Wild West Ken Klingenstein.

Some Frontier Issues from the Wild, Wild West Ken Klingenstein.
1 eAuthentication in Higher Education Tim Bornholtz Session #47.

1 eAuthentication in Higher Education Tim Bornholtz Session #47.
Agenda Project beginnings and funding. Purpose of the federation. Federation members. Federation protocols. Special features in our federation. Pilot.

Agenda Project beginnings and funding. Purpose of the federation. Federation members. Federation protocols. Special features in our federation. Pilot.
Presenter’s Name InCommon Approximately 80 members and growing steadily More than two million “users” Most of the major research institutions (MIT joining.

Presenter’s Name InCommon Approximately 80 members and growing steadily More than two million “users” Most of the major research institutions (MIT joining.
EAuthentication in Higher Education Tim Bornholtz Session 58.

EAuthentication in Higher Education Tim Bornholtz Session 58.
InCommon Policy Conference April 2005. 2 Uses  In order to encourage and facilitate legal music programs, a number of universities have contracted with.

InCommon Policy Conference April Uses  In order to encourage and facilitate legal music programs, a number of universities have contracted with.
New CyberInfrastructure for Collaboration between Higher Ed and NIH.

New CyberInfrastructure for Collaboration between Higher Ed and NIH.
1 Update on the InCommon Federation, Higher Education’s Community of Trust EDUCAUSE 2005 October 19 10:30am-11:20am.

1 Update on the InCommon Federation, Higher Education’s Community of Trust EDUCAUSE 2005 October 19 10:30am-11:20am.
Updates on Shib, a bit of InCommon and International Federations.

Updates on Shib, a bit of InCommon and International Federations.
1 Leveraging Your Existing Campus Systems to Access Resource Partners: Federated Identity Management and Tales of Campus Participation Clair Goldsmith,

1 Leveraging Your Existing Campus Systems to Access Resource Partners: Federated Identity Management and Tales of Campus Participation Clair Goldsmith,
Federations and Security: A Multi-level Marketing Scheme Ken Klingenstein Director, Internet2 Middleware and Security.

Federations and Security: A Multi-level Marketing Scheme Ken Klingenstein Director, Internet2 Middleware and Security.

Similar presentations

Ads by Google