Presentation is loading. Please wait.

Presentation is loading. Please wait.

Shibboleth Update Fall 2012. Ch-ch-changes Chad moving on to new job opportunity, requires realigning product responsibilities and reviewing roadmap Tom.

Published byRonald Briggs Modified over 8 years ago

Similar presentations

Presentation on theme: "Shibboleth Update Fall 2012. Ch-ch-changes Chad moving on to new job opportunity, requires realigning product responsibilities and reviewing roadmap Tom."— Presentation transcript:

1 Shibboleth Update Fall 2012

2 Ch-ch-changes Chad moving on to new job opportunity, requires realigning product responsibilities and reviewing roadmap Tom Zeller coming on board as IdP lead Ian Young assuming responsibility for Metadata Aggregator Other roles largely the same 2

3 IdPv3 Scope and schedule inevitably impacted Priority for project team is delivering a dev plan to the new Consortium Board this month Identify resource gaps, then adjust plan or find resources 3

4 Service Provider 2.5.0 release smooth apart from traditional packaging foibles Pending outcome of an issue under investigation, End of Life for V2.4.3 will be Nov 30 th 2.5.1 patch update under development to address Apache 2.4 support, other bugs as time permits 4

5 SAML ECP + GSS-API/SASL + ISOC + NCSA = SSH IMAP LDAP XMPP NFS AFS … 5

6 SAML ECP in GSS-API https://wiki.oasis-open.org/security/SAML2ChannelBindingExt Authentication of TLS client/server session via SAML IdP https://wiki.oasis-open.org/security/SAML2EnhancedClientProfile Backward-compatible profile adding channel binding, holder of key security, session key establishment http://tools.ietf.org/html/draft-ietf-kitten-sasl-saml-ec GSS-API mechanism allowing use of IdP with ECP Expose SAML identity via GSS-API Naming Extensions SASL support via GS2 bridge mechanism

7 Takeaways Proof of concept stage, specs still evolving No browser for authentication, no implicit web- based flows alongside the real ones Strong complementary overlap with Project Moonshot: client UI and IdP provisioning GSS client and server changes use of SAML-based identities, GSS naming extensions likely to share code 7

Download ppt "Shibboleth Update Fall 2012. Ch-ch-changes Chad moving on to new job opportunity, requires realigning product responsibilities and reviewing roadmap Tom."

Similar presentations

Federated Identity for Grid Architects Tom Scavo NCSA

Federated Identity for Grid Architects Tom Scavo NCSA
1 ALICE Grid Status David Evans The University of Birmingham GridPP 14 th Collaboration Meeting Birmingham 6-7 Sept 2005.

1 ALICE Grid Status David Evans The University of Birmingham GridPP 14 th Collaboration Meeting Birmingham 6-7 Sept 2005.
Shibboleth 2.0 and Beyond Chad La Joie Georgetown University Internet2.

Shibboleth 2.0 and Beyond Chad La Joie Georgetown University Internet2.
Recall The Team Skills 1. Analyzing the Problem (with 5 steps) 2. Understanding User and Stakeholder Needs 3. Defining the System 4. Managing Scope 1.

Recall The Team Skills 1. Analyzing the Problem (with 5 steps) 2. Understanding User and Stakeholder Needs 3. Defining the System 4. Managing Scope 1.
ABFAB for Internet-of-Things Rhys Smith, Janet Sam Hartman & Margaret Wasserman, Painless Security.

ABFAB for Internet-of-Things Rhys Smith, Janet Sam Hartman & Margaret Wasserman, Painless Security.
Office 365 Identity June 2013 Microsoft Office365 4/2/2017

Office 365 Identity June 2013 Microsoft Office365 4/2/2017
Federated Access to Grids Daniel Kouřil, Sam Hartman, Josh Hewlet, Jens Jensen, Michal Procházka EGI User Forum 2011.

Federated Access to Grids Daniel Kouřil, Sam Hartman, Josh Hewlet, Jens Jensen, Michal Procházka EGI User Forum 2011.
MyProxy: A Multi-Purpose Grid Authentication Service

MyProxy: A Multi-Purpose Grid Authentication Service
Moonshot for Federated Identity Jens Jensen, STFC Daniel Kouřil, CESNET EGI CF, April 2013.

Moonshot for Federated Identity Jens Jensen, STFC Daniel Kouřil, CESNET EGI CF, April 2013.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
Slides by Kent Seamons and Tim van der Horst Last Updated: Nov 8, 2013.

Slides by Kent Seamons and Tim van der Horst Last Updated: Nov 8, 2013.
Integration Considerations Greg Thompson April 20 th, 2006 Copyright © 2006, Credentica Inc. All Rights Reserved.

Integration Considerations Greg Thompson April 20 th, 2006 Copyright © 2006, Credentica Inc. All Rights Reserved.
Saml-v2_0-intro-dec051 Security Assertion Markup Language An Introduction to SAML 2.0 Tom Scavo NCSA.

Saml-v2_0-intro-dec051 Security Assertion Markup Language An Introduction to SAML 2.0 Tom Scavo NCSA.
Project Moonshot update TF-EMC2 & TF-MNM 14 & 16 February 2011.

Project Moonshot update TF-EMC2 & TF-MNM 14 & 16 February 2011.
® Practical Approaches to Web Services Authentication 72nd OGC Technical Committee Frascati, Italy Fiona Culloch March 9, 2010 Sponsored and hosted by.

® Practical Approaches to Web Services Authentication 72nd OGC Technical Committee Frascati, Italy Fiona Culloch March 9, 2010 Sponsored and hosted by.
Dspace – Digital Repository www.dspace.org Dawn Petherick, University Web Services Team Manager Information Services, University of Birmingham MIDESS Dissemination.

Dspace – Digital Repository Dawn Petherick, University Web Services Team Manager Information Services, University of Birmingham MIDESS Dissemination.
Effort in hours Duration Over Weeks Or Months Inception Launch Web Lifecycle Methodology Maintenance Phases 1234576891011 Copyright Wonderlane Studios.

Effort in hours Duration Over Weeks Or Months Inception Launch Web Lifecycle Methodology Maintenance Phases Copyright Wonderlane Studios.
Enabling Cloud Services & Federated Authentication UPN & Email Infrastructure Changes Chris Pruess ITS AIS Directory & Authentication Services.

Enabling Cloud Services & Federated Authentication UPN & Infrastructure Changes Chris Pruess ITS AIS Directory & Authentication Services.
Prabath Siriwardena Senior Software Architect. An open source Identity & Entitlement management server.

Prabath Siriwardena Senior Software Architect. An open source Identity & Entitlement management server.
Shibboleth 2.0 : An Overview for Developers Scott Cantor The Ohio State University / Internet2 Scott Cantor The Ohio.

Shibboleth 2.0 : An Overview for Developers Scott Cantor The Ohio State University / Internet2 Scott Cantor The Ohio.

Similar presentations

Ads by Google