Presentation is loading. Please wait.

Presentation is loading. Please wait.

A-Select: Hitchhiking in authentication space Ton Verschuren Innovation Management – SURFnet – NL TERENA TF-AACE workshop, Stockholm,

Published byCecil Merritt Modified over 8 years ago

Similar presentations

Presentation on theme: "A-Select: Hitchhiking in authentication space Ton Verschuren Innovation Management – SURFnet – NL TERENA TF-AACE workshop, Stockholm,"— Presentation transcript:

1 A-Select: Hitchhiking in authentication space Ton Verschuren Innovation Management – SURFnet – NL Ton.Verschuren@SURFnet.nl TERENA TF-AACE workshop, Stockholm, 26 November 2002

2 2 Rationale for A-Select A-Select is a weblogin system like pubcookie Separation between authN and authZ Better security thru stronger (local) authN New authN methods shouldn’t bother apps We’re looking for authN means that users already have: hitchhiking! Differentiate between various levels of assurance

3 3 A-Select overview Local A-Select Server A-Select Agent Application User Remote Authentication Service Providers Local Authentication Service Providers Remote A-Select Server UDB Filter

4 4 Supported AuthN Service Providers (ASPs) V 1.1 (now): –IP address –U/p thru RADIUS –Internet banking (banking card) –SMS (mobile phone) V 1.2 (Nov/Dec): –LDAP V 2.0 (?): –SAML V n.n (?): –PKI

5 5 Implementation A-Select server: Java –Apache + Tomcat Crypto: Cryptix –SHA1 hashes + RSA signatures Filters for Apache and IIS Memory cookies: –Ticket granting ticket (for SSO) –Application ticket Redirection to ASP UDB: –JDBC –LDAP (v1.2) SSL recommended but not required

6 6 License model A-Select server & agent: free ASPs IP address and RADIUS: free ASPs SMS (and banking card): free for academic community Other ASPs: –Do-it-yourself, or –Contract our developers

7 7 The Future of A-Select Benchmarking of “similar” products –Functionality –With APIs for ASPs –Price Your input is welcome!

8 8 What’s next: standardising on APIs? Authentication Systems ? Back Office Authorisation Systems Applications webISO

9 9 More info More on a-select.surfnet.nla-select.surfnet.nl –Functional & technical design + API –Demo Portal And now…a demo!

Download ppt "A-Select: Hitchhiking in authentication space Ton Verschuren Innovation Management – SURFnet – NL TERENA TF-AACE workshop, Stockholm,"

Similar presentations

Secure Single Sign-On Across Security Domains

Secure Single Sign-On Across Security Domains
Solving the Middleware Puzzle Ton Verschuren - SURFnet JISC – SURF – Internet2 workshop Oxford, September 19-20, 2002.

Solving the Middleware Puzzle Ton Verschuren - SURFnet JISC – SURF – Internet2 workshop Oxford, September 19-20, 2002.
3rd Campus Grid SIG Meeting. Agenda Welcome OMII Requirements document Grid Data Group HTC Workshop Research Computing SIG? AOB Next meeting (AG)

3rd Campus Grid SIG Meeting. Agenda Welcome OMII Requirements document Grid Data Group HTC Workshop Research Computing SIG? AOB Next meeting (AG)
Cloud PIV Authentication and Authorization Demo PIV Card User Workstation Central Security Server In order to use Cloud Authentication and Authorization.

Cloud PIV Authentication and Authorization Demo PIV Card User Workstation Central Security Server In order to use Cloud Authentication and Authorization.
Terena Mobility Taskforce update Klaas Wierenga SURFnet.

Terena Mobility Taskforce update Klaas Wierenga SURFnet.
Contrail and Federated Identity Management

Contrail and Federated Identity Management
ELAG Trondheim 2004 1 Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.

ELAG Trondheim Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.
Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 23: Internet Authentication Applications.

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 23: Internet Authentication Applications.
TechSec WG: Related activities overview Information and discussion TechSec WG, RIPE-45 May 14, 2003 Yuri Demchenko.

TechSec WG: Related activities overview Information and discussion TechSec WG, RIPE-45 May 14, 2003 Yuri Demchenko.
Introducing A-Select … towards the next 700 authentication methods Utrecht, 25-4-2003 Maarten Koopmans.

Introducing A-Select … towards the next 700 authentication methods Utrecht, Maarten Koopmans.
1 SURFnet PKI efforts TERENA PKI-COORD meeting 6 December 2000 Ton Verschuren – Innovation Manager - SURFnet.

1 SURFnet PKI efforts TERENA PKI-COORD meeting 6 December 2000 Ton Verschuren – Innovation Manager - SURFnet.
1 PKI update Operational service: pki.surfnet.nlpki.surfnet.nl –8 orgs certified, 2 underway –Non-RFC2527 compliant CPS –Medium security LOA –Demo’s for.

1 PKI update Operational service: pki.surfnet.nlpki.surfnet.nl –8 orgs certified, 2 underway –Non-RFC2527 compliant CPS –Medium security LOA –Demo’s for.
Federated Identity Management for the context of storage Bart Kerver - TERENA Storage-meeting, Amsterdam,

Federated Identity Management for the context of storage Bart Kerver - TERENA Storage-meeting, Amsterdam,
Do you like to puzzle? …build an AA Infrastructure! DELAMAN Access Group Workshop November, 30th, 2004 xxx.

Do you like to puzzle? …build an AA Infrastructure! DELAMAN Access Group Workshop November, 30th, 2004 xxx.
GGF15 Workshop MyProxy Integration with PubCookie Marty Humphrey*, Jim Jokl*, and Jim Basney** *Department of Computer Science, University of Virginia,

GGF15 Workshop MyProxy Integration with PubCookie Marty Humphrey*, Jim Jokl*, and Jim Basney** *Department of Computer Science, University of Virginia,
The EC PERMIS Project David Chadwick

The EC PERMIS Project David Chadwick
Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.

Identity and Access IDGo Secure (ISE) for Android Didier Bonnet April 2015.
AAA-ARCH IRTF-RG Authentication Authorisation and Accounting ARCHitecture Research Group chairs: C. de Laat J. Vollbrecht Content of this talk has contributions.

AAA-ARCH IRTF-RG Authentication Authorisation and Accounting ARCHitecture Research Group chairs: C. de Laat J. Vollbrecht Content of this talk has contributions.
Development and Implementation of Multifactor Authentication Motonori Nakamura at National Institute of Informatics and Takuya Matsuhira at Kanazawa University,

Development and Implementation of Multifactor Authentication Motonori Nakamura at National Institute of Informatics and Takuya Matsuhira at Kanazawa University,
Authentication Systems and Single Sign-On (SSO) David Orrell, Eduserv Athens 1st EuroCAMP, 2-4 March 2005, Turin, Italy.

Authentication Systems and Single Sign-On (SSO) David Orrell, Eduserv Athens 1st EuroCAMP, 2-4 March 2005, Turin, Italy.

Similar presentations

Ads by Google