Presentation is loading. Please wait.

Presentation is loading. Please wait.

19 May 2003, TERENA, Zagreb Civilizing eduPerson Keith Hazelton, Senior IT Architect, Univ. of Wisconsin-Madison Chair, MACE-Dir Working Group Keith Hazelton,

Published byClifton Park Modified over 8 years ago

Similar presentations

Presentation on theme: "19 May 2003, TERENA, Zagreb Civilizing eduPerson Keith Hazelton, Senior IT Architect, Univ. of Wisconsin-Madison Chair, MACE-Dir Working Group Keith Hazelton,"— Presentation transcript:

1 19 May 2003, TERENA, Zagreb Civilizing eduPerson Keith Hazelton, Senior IT Architect, Univ. of Wisconsin-Madison Chair, MACE-Dir Working Group Keith Hazelton, Senior IT Architect, Univ. of Wisconsin-Madison Chair, MACE-Dir Working Group

2 19-May-03 2 Civilizing eduPerson: TOPICS Collaboration on schema work Reflections on European schema developments Trends in Internet2 schema and directories

3 19-May-03 3 Collaboration on Schema Work Person schema activities flourish norEduPerson funetEduPerson swissEduPerson DEEP survey questions on schema needs &, of course, eduPerson & further afield, WALAP activity in Australia …& interest from East Asia heard at last JGN conference

4 19-May-03 4 Collaboration on Schema Work What to work toward? (In order of increasing difficulty and decreasing probability of success) Agreement on a list of interesting attributes Common syntax and semantics across schema for given attribute type –A kind of inter-federation diplomatic activity Agreement on inclusion in a standard schema –eduPerson? –Next release of X.520? –Other candidates? Processes for ongoing schema coordination Even common syntax & semantics would boost interoperability in attribute mapping

5 19-May-03 5 Collaboration on Schema Work How to do the work? Internet2 may be able to offer to host a concentrated series of conference calls or other virtual working sessions Over six weeks or so Scheduled to accommodate European & US (one set of calls) …and Pacific -- US (a second, parallel set of calls) Charter would be to tackle the identified work items Time permitting, move on to organizational object schema If successful, followons on Dir -- AuthN/Z links possible Let’s discuss all this in the days ahead…

6 19-May-03 6 Reflections on European schema developments De Profundis, or Lessons from the DEEP Survey 6 of 8 eduPerson attributes considered “needed” by majority of respondents –5 eP attributes by 13 or more of the 18 respondents –Affiliation and organizational place attrs. “won” …But extensions needed, too –Mail for org object classes –Sensitive attributes like gender and birthdate and national ID number –Let’s talk!

7 19-May-03 7 Reflections on European schema developments Only half the respondents of the DEEP survey saw need for eduPersonEntitlement In US, this entitlement attribute is finding growing use controlling access to licensed resources under Shibboleth Values are URIs (URL or URN) URN:MACE: prefixed values proliferating after acceptance by IETF and upcoming registration with IANA Gives way to make values unique in the entitlement namespace without elaborate registry mechanism

8 19-May-03 8 Reflections on European schema developments Deep survey revealed need for account and PKI object classes and attributes Largely untouched by edu* efforts of Internet2 MACE But important to ALL of us Also see value in the Gietz and Chadwick approaches to getting parsed X.509 certificate contents into our enterprise directories

9 19-May-03 9 Reflections on European schema developments Deep survey respondents nominated any number of attributes to carry unique identifiers eduPersonPrincipalName is the only one in current class Worth pondering how any of these would be used inter- domain (if they are) Many unsolved problems in federated identity management space bear on these issues

10 19-May-03 10 Reflections on European schema developments Privacy support attributes proposed in survey MACE-Dir discussions, too Starting with collecting “communty practices” Another area for Euro-US collaborative work

11 19-May-03 11 Reflections on European schema developments Schema registry project considered extremely valuable by Internet2 As a discovery tool As a communication tool As a possible Ur-Registration Authority for schema As a protective measure against uncontrolled wheel re-invention

12 19-May-03 12 Trends in Internet2 schema and directory work eduPersonScopedAffiliation Driven by Shibboleth needs Syntax like eduPersonPrincipalName –student@brown.edu –alum@duke.edu –subscriber@nytimes.com (!?!) Raises problems about who is authorized to assert what –An “inter-realm metadirectory function” –A field full of ratholes and land mines…

13 19-May-03 13 Trends in Internet2 schema and directory work Cautious and stringently limited expansion of controlled vocabulary for eduPersonAffiliation prospective parent …and maybe no more than that There’s value in local attribute with more values And value in agreeing across institutions on syntax & semantics; but maybe not a single shared attribute Brings us full circle back to collaborative discussions…

14 19-May-03 14 Civilizing eduPerson Q & A

Download ppt "19 May 2003, TERENA, Zagreb Civilizing eduPerson Keith Hazelton, Senior IT Architect, Univ. of Wisconsin-Madison Chair, MACE-Dir Working Group Keith Hazelton,"

Similar presentations

RPKI Standards Activity Geoff Huston APNIC February 2010.

RPKI Standards Activity Geoff Huston APNIC February 2010.
Authorisation Models for National Scale Services Alan Robiette Joint Information Systems Committee

Authorisation Models for National Scale Services Alan Robiette Joint Information Systems Committee
04 June 2002, TERENA, Limerick MACE: Directories at Work Keith Hazelton, Senior IT Architect, Univ. of Wisconsin-Madison Chair, MACE-Dir Working Group.

04 June 2002, TERENA, Limerick MACE: Directories at Work Keith Hazelton, Senior IT Architect, Univ. of Wisconsin-Madison Chair, MACE-Dir Working Group.
All About Attributes (in federated identity) Nate Klingenstein 30 January 2007 OGF 19 Chapel Hill.

All About Attributes (in federated identity) Nate Klingenstein 30 January 2007 OGF 19 Chapel Hill.
Eduserv Athens Federations David Orrell Eduserv Athens Technical Architect.

Eduserv Athens Federations David Orrell Eduserv Athens Technical Architect.
EduPerson and Federated K-12 Activities InCommon/Quilts Pilot Group February 27, 2014 Keith Hazelton UW-Madison, InCommon/I2.

EduPerson and Federated K-12 Activities InCommon/Quilts Pilot Group February 27, 2014 Keith Hazelton UW-Madison, InCommon/I2.
1 Collaborators at the Gates of Troy: Extending eServices at USC.

1 Collaborators at the Gates of Troy: Extending eServices at USC.
Welcome to CAMP Shibboleth Ken Klingenstein, Director, Internet2 Middleware Initiative.

Welcome to CAMP Shibboleth Ken Klingenstein, Director, Internet2 Middleware Initiative.
Welcome to CAMP! Ken Klingenstein, Director, Internet2 Middleware Initiative.

Welcome to CAMP! Ken Klingenstein, Director, Internet2 Middleware Initiative.
Schema: eduPerson views Michael R Gettes Duke University EuroCAMP, November 2005.

Schema: eduPerson views Michael R Gettes Duke University EuroCAMP, November 2005.
Recent Developments in Directories Tom Barton, University of Chicago Keith Hazelton, University of Wisconsin.

Recent Developments in Directories Tom Barton, University of Chicago Keith Hazelton, University of Wisconsin.
1 Internet2 EduPerson 2nd TF-LSD meeting, Amsterdam, 2. February 2001 Peter Gietz

1 Internet2 EduPerson 2nd TF-LSD meeting, Amsterdam, 2. February 2001 Peter Gietz
Shared Learning Services : Key Learnings Session 102 November 9, 2009.

Shared Learning Services : Key Learnings Session 102 November 9, 2009.
Shibboleth Update a.k.a. “shibble-ware”

Shibboleth Update a.k.a. “shibble-ware”
Welcome to CAMP Identity Management Integration Workshop Ann West NMI-EDIT EDUCAUSE/Internet2.

Welcome to CAMP Identity Management Integration Workshop Ann West NMI-EDIT EDUCAUSE/Internet2.
Directories Update: Status & Next Steps Tom Barton, University of Chicago Keith Hazelton, University of Wisconsin.

Directories Update: Status & Next Steps Tom Barton, University of Chicago Keith Hazelton, University of Wisconsin.
Directories and PKI Keith Hazelton Senior IT Architect, UW-Madison PKI Summit, Snowmass, 9-Aug-01.

Directories and PKI Keith Hazelton Senior IT Architect, UW-Madison PKI Summit, Snowmass, 9-Aug-01.
FIM-ig Federated Identity Management Interest Group.

FIM-ig Federated Identity Management Interest Group.
07 May 2002, I2 Member Meeting MACE: Directories at Work Keith Hazelton, Senior IT Architect, Univ. of Wisconsin-Madison Chair, MACE-Dir Working Group.

07 May 2002, I2 Member Meeting MACE: Directories at Work Keith Hazelton, Senior IT Architect, Univ. of Wisconsin-Madison Chair, MACE-Dir Working Group.
SWITCHaai Team Federated Identity Management.

SWITCHaai Team Federated Identity Management.

Similar presentations

Ads by Google