Presentation is loading. Please wait.

Presentation is loading. Please wait.

To identity federation and beyond! Josh Howlett JANET(UK) HEAnet 2008.

Published byTiffany Howard Modified over 8 years ago

Similar presentations

Presentation on theme: "To identity federation and beyond! Josh Howlett JANET(UK) HEAnet 2008."— Presentation transcript:

1 To identity federation and beyond! Josh Howlett JANET(UK) HEAnet 2008

2 Identity Federations Key characteristics  Composed of self-governing regions  Research & Education Institutions  Research & Education Institutions and organisations that serve them  Coming together to solve common problems  Network connectivity  Access management  Governed by a common constitution  Acceptable Use and other Policies  Federation agreement  Realised and enforced through common instruments  Network infrastructure and norms (routers, naming, numbering, etc)  Identity infrastructure and norms (trust, schema, protocols, etc) FederationsHEAnet

3 Trust Assertion How does federated identity work?

4 You already do ‘federated identity’ Visiting academics ERASMUS students Library visitors These tend to be ad hoc systems, relying on separate processes that may take days or weeks to complete. Wouldn’t it be handy if there was a single way to manage federated identity?

5 SAML Security Assertion Mark-up Language August 2002: SAML 1.0 November 2003: SAML 1.1 –Liberty Alliance ‘Identity Federation Framework’ –Internet2 ‘Shibboleth’ Project, Profile and Software March 2005: SAML 2.0 November 2008: Microsoft ‘Genesis’

6

7 About the UK federation The Athens service Interest in FAM from both JISC and Becta UK federation established in Nov 2006 Over 600 member organisations –Almost all Higher Education Institutions –Half of all Further Education Colleges –About half of the Schools sector ~30,000 schools  regional aggregation –Several million users

8 About the UK federation Why federate access management? –Privacy –Single sign-on –Common technology supporting a broad range of applications, internal and external. –Integrates easily into existing identity infrastructure

9 Participation Eligible to all education and research organisations, and those that serve them. Rules of Membership –Legally binding agreement –User accountability Technical Recommendations –SAML 1.1 –Shibboleth 1.3

10 To identity federation…

11 …and beyond? Beyond national boundaries –Considerable interest in ‘inter-federation’ and ‘confederation’. –eduGAIN Beyond the Web –non-Web infrastructure and services –federated filestore, consoles, network access, etc…

12 Conclusions You already do federated identity, even if you don’t call it that! SAML is a well-established and widely deployed technology. Federated Access Management is acceptable to Institutions.

13 Thank you for your attention Any questions?

Download ppt "To identity federation and beyond! Josh Howlett JANET(UK) HEAnet 2008."

Similar presentations

Athens and Shibboleth ® : the choices Phil Leahy Athens Product Manager.

Athens and Shibboleth ® : the choices Phil Leahy Athens Product Manager.
Lousy Introduction into SWITCHaai

Lousy Introduction into SWITCHaai
Eduserv Athens Federations David Orrell Eduserv Athens Technical Architect.

Eduserv Athens Federations David Orrell Eduserv Athens Technical Architect.
Identity Federation Rules and Process Linda Elliott President, PingID Network Electronic Authentication Partnership Washington, DC February 12, 2004.

Identity Federation Rules and Process Linda Elliott President, PingID Network Electronic Authentication Partnership Washington, DC February 12, 2004.
Interfederation subgroup of InCommon Technical Advisory Committee (TAC) spaces.internet2.edu/display/incinterfed.

Interfederation subgroup of InCommon Technical Advisory Committee (TAC) spaces.internet2.edu/display/incinterfed.
Copyright JNT Association 20051Optional www.ukfederation.org.uk Copyright JNT Association 2007 1 Joining the UK Access Management Federation 4th April.

Copyright JNT Association 20051Optional Copyright JNT Association Joining the UK Access Management Federation 4th April.
1 Issues in federated identity management Sandy Shaw EDINA IASSIST 24-27 May 2005, Edinburgh.

1 Issues in federated identity management Sandy Shaw EDINA IASSIST May 2005, Edinburgh.
U.S. Environmental Protection Agency Central Data Exchange EPA E-Authentication Pilot NOLA Network Node Workshop February 28, 2005.

U.S. Environmental Protection Agency Central Data Exchange EPA E-Authentication Pilot NOLA Network Node Workshop February 28, 2005.
Network Identity Kai Kang 27 th October 2004. Outline Introduction –Definition –Five drivers –Basic services –Roadmap Network Identity management approaches.

Network Identity Kai Kang 27 th October Outline Introduction –Definition –Five drivers –Basic services –Roadmap Network Identity management approaches.
T-110.5140 Network Application Frameworks and XML Service Federation 30.04.2007 Sasu Tarkoma.

T Network Application Frameworks and XML Service Federation Sasu Tarkoma.
1 eAuthentication in Higher Education Tim Bornholtz Session #47.

1 eAuthentication in Higher Education Tim Bornholtz Session #47.
Agenda Project beginnings and funding. Purpose of the federation. Federation members. Federation protocols. Special features in our federation. Pilot.

Agenda Project beginnings and funding. Purpose of the federation. Federation members. Federation protocols. Special features in our federation. Pilot.
Electronic Authentication for Flexible Learning Workshop Presentation (5 August 2003) Chris Connolly, CEO, Galexia Consulting.

Electronic Authentication for Flexible Learning Workshop Presentation (5 August 2003) Chris Connolly, CEO, Galexia Consulting.
Carl A. Foster.  What is SAML?  Security Assertion and Markup Language is an XML-based standard for exchanging authentication and authorization between.

Carl A. Foster.  What is SAML?  Security Assertion and Markup Language is an XML-based standard for exchanging authentication and authorization between.
Copyright JNT Association 20051OptionalCopyright JNT Association 2007 Overview of the UK Access Management Federation Josh Howlett.

Copyright JNT Association 20051OptionalCopyright JNT Association 2007 Overview of the UK Access Management Federation Josh Howlett.
Shibboleth & IMPETUS 1.What are they? 2.Demo. Shibboleth - A system to support the sharing of Web resources among organisations IMPETUS - Infrastructure.

Shibboleth & IMPETUS 1.What are they? 2.Demo. Shibboleth - A system to support the sharing of Web resources among organisations IMPETUS - Infrastructure.
FIM-ig Federated Identity Management Interest Group.

FIM-ig Federated Identity Management Interest Group.
Supporting further and higher education Authentication & Authorisation for JISC and UK e-Science Alan Robiette, JISC Development Group.

Supporting further and higher education Authentication & Authorisation for JISC and UK e-Science Alan Robiette, JISC Development Group.
Gary Brown, Senior Systems Developer, Portal Development Team Identity Management Toolkit a JISC sponsored project.

Gary Brown, Senior Systems Developer, Portal Development Team Identity Management Toolkit a JISC sponsored project.
Federated Identity Management in New Zealand Sat Mandri Service Manager TNC15 REFEDs Meeting, 14 th June 2015.

Federated Identity Management in New Zealand Sat Mandri Service Manager TNC15 REFEDs Meeting, 14 th June 2015.

Similar presentations

Ads by Google