Presentation is loading. Please wait.

Presentation is loading. Please wait.

Identity management, authentication and registration at the University of Helsinki Tietotekniikkaosasto Ismo Aulaskari 2.9.2008.

Published byDamon Harrell Modified over 8 years ago

Similar presentations

Presentation on theme: "Identity management, authentication and registration at the University of Helsinki Tietotekniikkaosasto Ismo Aulaskari 2.9.2008."— Presentation transcript:

1 Identity management, authentication and registration at the University of Helsinki Tietotekniikkaosasto Ismo Aulaskari 2.9.2008

2 Service perspective – bunch of applications Some authentication PortalWiki Blog Moodle Webmail Homegrown app X

3 Technologies used Central/Internal Authentication (University): radius, ldap, shibboleth (SAML2)‏ Common federation (Haka) with other universities: shibboleth/SAML2. Radius for eduroam State-wide: Vetuma, which uses Tupas

4 Authentication and IDM perspective Radius LDAP ADUnixNetware Shibbleth IDP Web applications, desktop applications, workstations, email, servers Light- account Lotus Notes Strong auth

5 Tupas Tupas is a certification service that’s standardized by Finnish Bankers’ Association Standard for authenticating and paying Costs per authentication/paying event Most citizens currently have internet banking accounts Usage in University of Helsinki requires Finnish SSN More information: http://www.fkl.fi/asp/ida/download.asp?prm1=wwwuser_fkl &docid=11302&sec=&ext=.pdf

6 User account management perspective Oracle (master)‏ LDAP AD Unix Netware Pull Student registry Employee registry The others ? To centralized authenticati on & authroziati on

7 Tools Master/Lohju: Oracle 10 database (and application) that includes all the information of the users and their accounts Synchronization scripts Huge automated script to populate LDAP Openldap 2.3 Two backend db:sdb:s Hot-swap-replicated Real cluster coming

8 Future perspective Even more centralized authentication Homegrown SSO - or better? Authorization by SAML? PortalWiki Blog Moodle Webmail Homegrown app X Hupnet

9 What?

Download ppt "Identity management, authentication and registration at the University of Helsinki Tietotekniikkaosasto Ismo Aulaskari 2.9.2008."

Similar presentations

eduroam Delegate Authentication System with Shibboleth SSO

eduroam Delegate Authentication System with Shibboleth SSO
>> Fronter Helsinki, April 8 th, 2008 Aleksander Pettersen.

>> Fronter Helsinki, April 8 th, 2008 Aleksander Pettersen.
Open-source Single Sign-On with CAS (Central Authentication Service) Pascal Aubry, Vincent Mathieu & Julien Marchal Copyright © 2004 – ESUP-Portail consortium.

Open-source Single Sign-On with CAS (Central Authentication Service) Pascal Aubry, Vincent Mathieu & Julien Marchal Copyright © 2004 – ESUP-Portail consortium.
Cloud PIV Authentication and Authorization Demo PIV Card User Workstation Central Security Server In order to use Cloud Authentication and Authorization.

Cloud PIV Authentication and Authorization Demo PIV Card User Workstation Central Security Server In order to use Cloud Authentication and Authorization.
Office 365 Identity June 2013 Microsoft Office365 4/2/2017

Office 365 Identity June 2013 Microsoft Office365 4/2/2017
Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.

Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.
Agenda AD to Windows Azure AD Sync Options Federation Architecture

Agenda AD to Windows Azure AD Sync Options Federation Architecture
Core identity scenarios Federation and synchronization 2 3 Identity management overview 1 Additional features 4.

Core identity scenarios Federation and synchronization 2 3 Identity management overview 1 Additional features 4.
Eunice Mondésir Pierre Weill-Tessier 1 Federated Identity with Ping Federate Project Supervisor: M. Maknavicius-Laurent ASR Coordinator: G. Bernard ASR.

Eunice Mondésir Pierre Weill-Tessier 1 Federated Identity with Ping Federate Project Supervisor: M. Maknavicius-Laurent ASR Coordinator: G. Bernard ASR.
Copyright Dave Steiner and Jeremy Rosenberg 2010. This work is the intellectual property of the authors. Permission is granted for this material to be.

Copyright Dave Steiner and Jeremy Rosenberg This work is the intellectual property of the authors. Permission is granted for this material to be.
Trusted 3 rd Party Authentication & Friends: SSO and IdM NWACC Security Workshop 2013 Portland.

Trusted 3 rd Party Authentication & Friends: SSO and IdM NWACC Security Workshop 2013 Portland.
FSU Directory Project The Issue of Identity Management Jeff Bauer Florida State University

FSU Directory Project The Issue of Identity Management Jeff Bauer Florida State University
FIspace Security Components FIspace Security Components NetFutures 2015 FIspace project Javier Romero Negrín Javier Hitado Simarro ATOS Serdar Arslan KoçSistem.

FIspace Security Components FIspace Security Components NetFutures 2015 FIspace project Javier Romero Negrín Javier Hitado Simarro ATOS Serdar Arslan KoçSistem.
Prepared by Dept. of Information Technology & Telecommunication, October 24, 2005 Enterprise Directory Services and Identity Management.

Prepared by Dept. of Information Technology & Telecommunication, October 24, 2005 Enterprise Directory Services and Identity Management.
Federated Identity Management for the context of storage Bart Kerver - TERENA Storage-meeting, Amsterdam,

Federated Identity Management for the context of storage Bart Kerver - TERENA Storage-meeting, Amsterdam,
C2G and B2G Authentication and Authorization in Finland Special Discussion Topic Kantara Initiative eGov Working Group Prepared by: Keith Uber Ubisecure.

C2G and B2G Authentication and Authorization in Finland Special Discussion Topic Kantara Initiative eGov Working Group Prepared by: Keith Uber Ubisecure.
Federated sign-in WS-Federation WS-Trust SAML 2.0 Metadata Shibboleth Graph API Synchronize accounts Authentication.

Federated sign-in WS-Federation WS-Trust SAML 2.0 Metadata Shibboleth Graph API Synchronize accounts Authentication.
Peter Deutsch Director, I&IT Systems July 12, 2005

Peter Deutsch Director, I&IT Systems July 12, 2005
Chapter 16 AAA. AAA Components  AAA server –Authenticates users accessing a device or network –Authorizes user to perform specific activities –Performs.

Chapter 16 AAA. AAA Components  AAA server –Authenticates users accessing a device or network –Authorizes user to perform specific activities –Performs.
SIMI: ISO Perspective Al ISO CSU Northridge

SIMI: ISO Perspective Al ISO CSU Northridge

Similar presentations

Ads by Google