Presentation is loading. Please wait.

Presentation is loading. Please wait.

Australian Access Federation Robert Hazeltine Identity and Access Management Enterprise Systems Office.

Published byAmi French Modified over 8 years ago

Similar presentations

Presentation on theme: "Australian Access Federation Robert Hazeltine Identity and Access Management Enterprise Systems Office."— Presentation transcript:

1 Australian Access Federation Robert Hazeltine Identity and Access Management Enterprise Systems Office

2 Extending our reach UWS staff and students now belong to two networks - since 6 October 2009 UWS network –Web sites and applications, and enterprise applications AAF network –participating universities and research institutions and other national federations

3 Services data collections and data grids scientific instruments, modelling and visualisation tools and computing resources collaboration environments and workspaces for virtual teams scholarly resources and publications e-learning resources and learning object collections national higher education and research administration schemes

4 How does it work... Single sign on –local credentials Role based access control –Uses attributes and record keeping curtailed Pubic Key Infrastructure –Electronic passport

5 Identity Provider –the software run by an organisation with users wishing to access a restricted service Service Provider –the software run by the provider managing the restricted service Federation –Where are you from = “WAYF” –Public key infrastructure –Privacy a key consideration

6 Shibboleth Federated Single Sign On software –The Shibboleth system is a standards based, open source software package for web single sign-on across or within organisational boundaries. It allows sites to make informed authorisation decisions for individual access of protected online resources in a privacy-preserving manner Shibboleth leverages the organisation’s identity and access management system, so that the individual’s relationship with the institution determines access rights to services that are hosted both on and off campus

7 AAF site about the AAF –http://www.aaf.edu.au/http://www.aaf.edu.au UWS site about the AAF –http://www.uws.edu.au/campuses_structure/cas/servic es_facilities/it/single_sign-onhttp://www.uws.edu.au/campuses_structure/cas/servic es_facilities/it/single_sign-on US Shibboleth site –http://shibboleth.internet2.edu/about.htmlhttp://shibboleth.internet2.edu/about.html Swiss equivalent of the AAF –http://www.switch.ch/aai/demo/easy.htmlhttp://www.switch.ch/aai/demo/easy.html

8 Your role in this Maybe no direct involvement yourself Finding uses for it Identifying your users as a group Telling your ITS contact your needs Giving us a little time to organise it Becoming an advocate

9

10

11

12

13

14

15

16

17

18

19

20

21 How does UWS turn the technology to its advantage?

22 Thank you

23 AAF core attributes authenticationMethod o (organisation) eduPersonAffiliation eduPersonScopedAffiliatio n eduPersonEntitlement eduPersonAssurance eduPersonTargettedID auEduPersonSharedToken displayName cn (common name) mail

24 Identity Provider (Origin) Log on to a web site or application Shibboleth –Use the AAF “WAYF” for federation sites –Use the AAF “WAYF” for local only sites –Use the technology for local sites only No password is exchanged with SP –Attributes are encrypted –Anonymous, pseudo-anonymous, identifier –Uses your UWS password

25 Service Providers (Target) Australian Access Federation itself AAF member as service provider Confluence Library services On line learning No portal required

26 Enterprise Directory Repository of attributes for various uses: –Australian Access Federation –White and green pages –Online voting –Authentication and authorization –Course Approval and Publication System –VoIP (new phone system) –Faster on boarding

Download ppt "Australian Access Federation Robert Hazeltine Identity and Access Management Enterprise Systems Office."

Similar presentations

Lousy Introduction into SWITCHaai

Lousy Introduction into SWITCHaai
FAME-PERMIS Project University of Manchester University of Kent London, July 2006.

FAME-PERMIS Project University of Manchester University of Kent London, July 2006.
Defining the Security Domain Marilu Goodyear John H. Louis University of Kansas.

Defining the Security Domain Marilu Goodyear John H. Louis University of Kansas.
KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.

KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.
Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.

Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.
Implementing Shibboleth-based Virtual Organisations and VO Federations using IAMSuite (including AAF update) James Dalziel & Alan Lin Professor of Learning.

Implementing Shibboleth-based Virtual Organisations and VO Federations using IAMSuite (including AAF update) James Dalziel & Alan Lin Professor of Learning.
Grid Security. Typical Grid Scenario Users Resources.

Grid Security. Typical Grid Scenario Users Resources.
2006 © SWITCH Authentication and Authorization Infrastructures in e-Science (and the role of NRENs) Christoph Witzig SWITCH e-IRG, Helsinki, Oct 4, 2006.

2006 © SWITCH Authentication and Authorization Infrastructures in e-Science (and the role of NRENs) Christoph Witzig SWITCH e-IRG, Helsinki, Oct 4, 2006.
Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.

Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.
Beispielbild Shibboleth, a potential security framework for EDIT Lutz Suhrbier AG Netzbasierte Informationssysteme (http://www.ag-nbi.de)http://www.ag-nbi.de.

Beispielbild Shibboleth, a potential security framework for EDIT Lutz Suhrbier AG Netzbasierte Informationssysteme (
Understanding Active Directory

Understanding Active Directory
UCLA’s Shibboleth Plan Shibboleth is an integral part of UCLA’s Enterprise Directory & Identity Management Infrastructure (EDIMI) Project Integrate with.

UCLA’s Shibboleth Plan Shibboleth is an integral part of UCLA’s Enterprise Directory & Identity Management Infrastructure (EDIMI) Project Integrate with.
Information Resources and Communications University of California, Office of the President Current Identity Management Initiatives at UC & Beyond: UCTrust.

Information Resources and Communications University of California, Office of the President Current Identity Management Initiatives at UC & Beyond: UCTrust.
Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.

Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.
Peter Deutsch Director, I&IT Systems July 12, 2005

Peter Deutsch Director, I&IT Systems July 12, 2005
InCommon Policy Conference April 2005. 2 Uses  In order to encourage and facilitate legal music programs, a number of universities have contracted with.

InCommon Policy Conference April Uses  In order to encourage and facilitate legal music programs, a number of universities have contracted with.
Administrative Information Systems Shibboleth: The Next Generation ISIS Technical Information Session for Developers Datta Mahabalagiri March 3. 2008.

Administrative Information Systems Shibboleth: The Next Generation ISIS Technical Information Session for Developers Datta Mahabalagiri March
Credential Provider Operational Practices Statement CAMP Shibboleth June 29, 2004 David Wasley.

Credential Provider Operational Practices Statement CAMP Shibboleth June 29, 2004 David Wasley.
Digital Identity Management Strategy, Policies and Architecture Kent Percival 2005 06 23 A presentation to the Information Services Committee.

Digital Identity Management Strategy, Policies and Architecture Kent Percival A presentation to the Information Services Committee.
Get Started With Marketing!. Marketing on Your Mind?  This presentation will include: Info for New and Experienced Users Ideas for marketing to Students.

Get Started With Marketing!. Marketing on Your Mind?  This presentation will include: Info for New and Experienced Users Ideas for marketing to Students.

Similar presentations

Ads by Google