Presentation is loading. Please wait.

Presentation is loading. Please wait.

Kalmar Union 15.1.2008 Mikael Linden CSC, the Finnish IT Center for Science.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Kalmar Union 15.1.2008 Mikael Linden CSC, the Finnish IT Center for Science."— Presentation transcript:

1 Kalmar Union 15.1.2008 Mikael Linden mikael.linden@csc.fi CSC, the Finnish IT Center for Science

2 Four national identity federations Haka (Finland): Operational (Shibboleth) FEIDE (Norway): Operational (Moria, SAML2.0) DK-AAI (Denmark): Piloting (A-Select) SWAMID (Sweden):Piloting (Shibboleth)

3 Kalmar Union in digital identity?  Do we need 4 national federations? Could we have just one Nordic (con)federation? A federation of federations  Is 1+1+1+1>4?  Are there services that would benefit from easy authentication and authorisation between the Nordic countries?

4 Kalmar union demonstrated in Nordunet Conference September 2006  ”Scientist’s Interface” (Service Provider) CSC’s supercomputers available for federated access in Finland since 3/2006 Shibboleth 1.DEMO1: Federated log-in to Scientist’s Interface from the Norwegian FEIDE federation FEIDE login server (Sun Access Manager) adjusted to talk Shibboleth 2.DEMO2: Federated log-in to Scientist’s Interface from the Danish DK-AAI pilot federation Shibboleth

5 Kalmar union technical sketch 1/2  No protocol gateways, make IdP&SP talk directly to each other  Just aggregate the metadata from the four federations technically speaking, IdPs and SPs would see just one federation FEIDE Identity&Service Providers … Haka Identity&Service Providers … Kalmar union metadata … …

6 Kalmar union technical sketch 2/2  Schema for attribute syntax and semantics All the Nordic federations based on eduPerson schema Schac covers some of the rest (e.g. SSN)  PKI for server certificates Haka: certs provided by TeliaSonera UNI·C: certs provided by GlobalSign SWAMID: certs by SwUPKI FEIDE: certs by VeriSign and Globalsign  perhaps we could accept each other’s CAs  the WAYF/IdP discovery each federation would have a national WAYF, with the flags of other countries linked to the corresponding WAYF

7 Tough part: the federation policy  There should not be extensive gaps in our federations’ policies requirements for joining IdP’s & SPs obligations of the federation operator Mechanisms and practices for data protection liability and indemnification…  First studies done by Walter Tweter of U Oslo Kalmar union would be established by signing a multilateral agreement Published by Emerald http://www.emeraldinsight.com/10.1108/10650740710834635

8 How to go on  Nordforsk has decided to provide funding for 2008  prepare and sign a confederation agreement for the four federations  make necessary technical modifications  identify applications making use of Kalmar

Download ppt "Kalmar Union 15.1.2008 Mikael Linden CSC, the Finnish IT Center for Science."

Similar presentations

Federation management A mess? 9.4.2008 Nordunet Conference Mikael Linden CSC, the Finnish IT Center for Science.

Federation management A mess? Nordunet Conference Mikael Linden CSC, the Finnish IT Center for Science.
The Art of Federations. Topics Federations of what… Federated identity versus federations Federations in other sectors – business, gov, ad hoc R&E Federations.

The Art of Federations. Topics Federations of what… Federated identity versus federations Federations in other sectors – business, gov, ad hoc R&E Federations.
Eduserv Athens Federations David Orrell Eduserv Athens Technical Architect.

Eduserv Athens Federations David Orrell Eduserv Athens Technical Architect.
Access management for repositories: challenges and approaches for MAMS James Dalziel Professor of Learning Technology and Director, Macquarie E-Learning.

Access management for repositories: challenges and approaches for MAMS James Dalziel Professor of Learning Technology and Director, Macquarie E-Learning.
Resource Entitlement Management System Manne Miettinen Mikael Linden Janne Lauros CSC – IT Center for Science.

Resource Entitlement Management System Manne Miettinen Mikael Linden Janne Lauros CSC – IT Center for Science.
EduGAIN – Are we there yet? Lukas Hämmerle (ghost writer, Brook Schofield) FIM4R, Helsinki – 2 October 2013.

EduGAIN – Are we there yet? Lukas Hämmerle (ghost writer, Brook Schofield) FIM4R, Helsinki – 2 October 2013.
5/25/2015 AEB/Yleisesittely Roaming network access using Shibboleth in University of Helsinki Fall 2004 Internet2 Member Meeting 29th of September, 2004.

5/25/2015 AEB/Yleisesittely Roaming network access using Shibboleth in University of Helsinki Fall 2004 Internet2 Member Meeting 29th of September, 2004.
1 Issues in federated identity management Sandy Shaw EDINA IASSIST 24-27 May 2005, Edinburgh.

1 Issues in federated identity management Sandy Shaw EDINA IASSIST May 2005, Edinburgh.
Beispielbild Shibboleth, a potential security framework for EDIT Lutz Suhrbier AG Netzbasierte Informationssysteme (http://www.ag-nbi.de)http://www.ag-nbi.de.

Beispielbild Shibboleth, a potential security framework for EDIT Lutz Suhrbier AG Netzbasierte Informationssysteme (
Innovation through participation eduGAIN federation operator training eduGAIN policy eduGAIN training in Vienna 17-18 Oct 2011

Innovation through participation eduGAIN federation operator training eduGAIN policy eduGAIN training in Vienna Oct 2011
Agenda Project beginnings and funding. Purpose of the federation. Federation members. Federation protocols. Special features in our federation. Pilot.

Agenda Project beginnings and funding. Purpose of the federation. Federation members. Federation protocols. Special features in our federation. Pilot.
Copyright JNT Association 20051OptionalCopyright JNT Association 2007 Overview of the UK Access Management Federation Josh Howlett.

Copyright JNT Association 20051OptionalCopyright JNT Association 2007 Overview of the UK Access Management Federation Josh Howlett.
© 2010, University of KentPrimeLife Vienna, 10 Sept 20101 CardSpace in the Cloud David Chadwick, George Inman University of Kent.

© 2010, University of KentPrimeLife Vienna, 10 Sept CardSpace in the Cloud David Chadwick, George Inman University of Kent.
Refeds federation survey update Theme of the day: Campus Identity Management TF-EMC2 Umeå 9th Jul 2008 CSC, the Finnish IT Center.

Refeds federation survey update Theme of the day: Campus Identity Management TF-EMC2 Umeå 9th Jul 2008 CSC, the Finnish IT Center.
Use case: Federated Identity for Education (Feide) Identity collaboration and federation in Norwegian education Internet2 International Workshop, Chicago,

Use case: Federated Identity for Education (Feide) Identity collaboration and federation in Norwegian education Internet2 International Workshop, Chicago,
Middleware challenges to service providers, the Nordic view TERENA, 24.10.2002 Ingrid Melve, UNINETT.

Middleware challenges to service providers, the Nordic view TERENA, Ingrid Melve, UNINETT.
CASE: Haka federation EuroCAMP, 3-5 April, 2006 CSC, the Finnish IT Center for Science

CASE: Haka federation EuroCAMP, 3-5 April, 2006 CSC, the Finnish IT Center for Science
1 Addressing security challenges on a global scaleGeneva, 6-7 December 2010.

1 Addressing security challenges on a global scaleGeneva, 6-7 December 2010.
Innovation through participation Interfederation through eduGAIN - steps and challenges eduGAIN interfederation service 2012-02-27 Federated Identity Systems.

Innovation through participation Interfederation through eduGAIN - steps and challenges eduGAIN interfederation service Federated Identity Systems.
Exploring InCommon Getting Started with InCommon: Creating Your Roadmap.

Exploring InCommon Getting Started with InCommon: Creating Your Roadmap.

Similar presentations

Ads by Google