SURFfederatie - edugain. Opt-in Metadata Management for a Hub & Spoke Federation
|
|
- Lora Powers
- 8 years ago
- Views:
Transcription
1 SURFfederatie - edugain Opt-in Metadata Management for a Hub & Spoke Federation
2 Content - History of SURFfederatie - Federation models - Functional view - Consequences of hub & spoke - edugain - Future changes 1
3 Once upon a time
4 Federation models (communication/ login, not metadata) Business VS: SAML 1.x IDP SP - de-facto - NxN - Shared trust, pt2pt IDP IDP SP SP - Education VS/Europa IDP SP - 2xN - Central gateway (CFC) IDP SP - protocol translation - SURFfederatie IDP IDP CFC SP SP = CFC, IDP, SP 3
5 Functional view (Since August 2008) Identity Providers SURFfederatie CORE Service Providers A-Select Cross Credentials A-Select Cross Central Federation Components Shibboleth Applications SAML 2.0 SAML 2.0 WS-Fed / ADFS WS-Fed / ADFS 4
6 Metadata & proxying IDP1 SP1 A-1 B-1 IDP2 A-2 A-3 B-2 B-3 SP2 IDP3 SP3 SP1=A-1 {IDP1, IDP2} SP2=A-2 SP3=A-3 {all} IDP1=B-1 IDP2=B-2 IDP3=B-3 5
7 /-less operation IDP1 SP1 IDP2 IDP3 SP2 SP3 6
8 hub & spoke pros/cons Pros Cons - 1 connection for IDP/SP - Minimal overhead for IDPs - Centralized (technical) management - Specialist SN - Less needed for IDP/SP - Scales well at national level - Extra features easier to do - Web services - Group support - Procedures - release consent per SP - Key/cert/metadata changes - Lack of IDP - Double-edged sword - Scalability European level - Can only support common denominator 7
9 Importing edugain SPs SPz edugain IDP1 SP1 SPx=ddd IDP2 A-1 A-2 A-3 A-z B-1 B-2 B-3 SP2 SPy=eee SPz=fff IDP3 SP3 SP1=A-1 {IDP1, IDP2} IDP1=B-1 SP2=A-2 IDP2=B-2 SP3=A-3 {all} IDP3=B-3 SPz=A-z 8
10 Exporting IDPs edugain IDP1 SP1 SPx=ddd IDP2 A-1 A-2 A-3 A-z B-1 B-2 B-3 SP2 SPy=eee SPz=fff IDP3=B-3 IDP3 SP3 SP1=A-1 {IDP1, IDP2} IDP1=B-1 SP2=A-2 IDP2=B-2 SP3=A-3 {all} IDP3=B-3 SPz=A-z 9
11 Exporting SPs to edugain edugain IDP1 SP1 SPx=ddd IDP2 A-1 A-2 A-3 A-z B-1 B-2 B-3 SP2 SPy=eee SPz=fff SP3=SP3 IDP3 SP3 SP1=A-1 {IDP1, IDP2} IDP1=B-1 SP2=A-2 IDP2=B-2 SP3=A-3 {all} IDP3=B-3 IDPz SPz=A-z 10
12 SP auth list (optional) edugain IDP1 SP1 IDP2 IDP3 A-1 A-2 A-3 A-z B-1 B-2 B-3 SP2 SP3 SPx=ddd SPy=eee SPz=fff SP3=SP3 IDPx IDPy IDPz SP1=A-1 {IDP1, IDP2} SP2=A-2 SP3=A-3 {all} IDP1=B-1 IDP2=B-2 IDP3=B-3 Per SP auth list SP3: - IDP1 - IDP2 - IDPz IDPz SPz=A-z 11
13 SP auth list (optional) edugain IDP1 SP1 IDP2 IDP3 A-1 A-2 A-3 A-z B-1 B-2 B-3 SP2 SP3 SPx=ddd SPy=eee SPz=fff SP3=SP3 IDPx IDPy IDPz SP1=A-1 {IDP1, IDP2} SP2=A-2 SP3=A-3 {all} IDP1=B-1 IDP2=B-2 IDP3=B-3 Per SP auth list SP3: - IDP1 - IDP2 - IDPz IDPz SPz=A-z 12
14 Future plans - Integrate with SURFconext - Procedural/organisational - Technical (level of integration TBD) - Change of consent model - Opt-in à Opt-out - Addition of User Consent - Web Service support - Needed for (scientific) workflows - Rich client/beyond web SSO/mobile support - Rethink procedures/management 13
15 Remco Poortinga van Wijnen Presentation released under Creative Commons 14
16 15
17 Backup slides 16
18 URLs SP die wil meedoen moet SAML doen (want daarvoor zijn we geen proxy zoals normaal) 2 IDPS: SN & TERENA 1 SP: TERENA (MDS laat ook zien: TERENA IDP via gateway met URL encoded ipv SAML scoped (zoals ) -> niet iedereen implementeert dat, dus vanwege interop. Doen we het zo. Ook mogelijk om SP specifiek metadata te genereren (per SP uit onze fed) die niet zelf auth lijst willen bijhouden. Bevat SF IDPs + approved edugain IDPs 17 (C) 2011 SURFnet B.V.
19 Metadata Wij nu niet saml2int compliant. (behandelen attribs als format unspecified, moet uri zijn volgens spec) 18 (C) 2011 SURFnet B.V.
Разработка программного обеспечения промежуточного слоя. TERENA BASNET Workshop, 16-17 November 2009 Joost van Dijk - SURFnet
Разработка программного обеспечения промежуточного слоя TERENA BASNET Workshop, 16-17 November 2009 Joost van Dijk - SURFnet Contents - SURFnet Middleware Services department: - eduroam, SURFfederatie,
More informationRedIRIS Identity Service
RedIRIS Identity Service latest news and developments Jaime Pérez Middleware Engineer FAM11 London, November 09 th 2011 Intro & numbers The research & education federation in Spain Hub & Spoke Supports
More informationNew InCommon Working Groups
New InCommon Working Groups IAM Online August 13, 2014 Steve Carmody, Brown University Paul Caskey, University of Texas System Janemarie Duh, Lafayette College Keith Hazelton, University of Wisconsin Madison
More informationStep-up-authetication as a service
Step-up-authetication as a service Pieter van der Meulen Technical Product Manager For more details see the report at: http://www.surfnet.nl/ Documents/rapport_Step-up_Authentication-as-a- Service_Architecture_and_Procedures_final.pdf
More informationLicia Florio Project Development Officer licia@terena.org www.terena.org Identity Federations in Europe
APAN Conference Honolulu, Hawaii 24 January 2008 Licia Florio Project Development Officer licia@terena.org www.terena.org Identity Federations in Europe Outline Networking Organisations in Europe Requirements
More informationTRUST AND IDENTITY EXCHANGE TALK
TRUST AND IDENTITY EXCHANGE TALK Ken Klingenstein, Internet2 2015 Internet2 Trust and Identity Why It Matters An Identity Layer for the Internet Benefits for the Rest of the Stack What It Is Technologies
More informationCollaboration in the Cloud. Niels van Dijk, SURFnet, niels.vandijk@surfnet.nl CAMP, Nov 15 2013, San Francisco
Collaboration in the Cloud Niels van Dijk, SURFnet, niels.vandijk@surfnet.nl CAMP, Nov 15 2013, San Francisco R&E SURF in and The SURFnet Netherlands: SURF and SURFnet National Research & Education Network
More informationwhat can we do with botnet data?
what can we do with botnet data? prof.dr. Ronald Leenes r.e.leenes@uvt.nl TILT - Tilburg Institute for Law, Technology, and Society background SURFnet (Dutch NREN) was offered 700 GB of data obtained from
More informationAbout Me. #ccceu. @shapeblue. Software Architect with ShapeBlue Specialise in. 3 rd party integrations and features in CloudStack
Software Architect with ShapeBlue Specialise in. 3 rd party integrations and features in CloudStack About Me KVM, API, DB, Upgrades, SystemVM, Build system, various subsystems Contributor and Committer
More informationLoad Balancing Lync 2013. Jaap Wesselius
Load Balancing Lync 2013 Jaap Wesselius Agenda Introductie Interne Load Balancing Externe Load Balancing Reverse Proxy Samenvatting & Best Practices Introductie Load Balancing Lync 2013 Waarom Load Balancing?
More informationSD Departmental Meeting November 28 th, 2006. Ale de Vries Product Manager ScienceDirect Elsevier
ש בולת SD Departmental Meeting November 28 th, 2006 Ale de Vries Product Manager ScienceDirect Elsevier Shi... whát? : Shibboleth ש בולת [...] "stream, torrent". It derives from a story in the Hebrew Bible,
More informationIP-NBM. Copyright Capgemini 2012. All Rights Reserved
IP-NBM 1 De bescheidenheid van een schaker 2 Maar wat betekent dat nu 3 De drie elementen richting onsterfelijkheid Genomics Artifical Intelligence (nano)robotics 4 De impact van automatisering en robotisering
More informationEUDAT Federated AAI TF (Authentication Authorization Infrastructure Task Force)
EUDAT Federated AAI TF (Authentication Authorization Infrastructure Task Force) EUDAT WP5 Slides by Jens Jensen+AAITF Presented by Claudio Cacciari (c.cacciari@cineca.it) Date:2012/03/08 Outline Background
More informationHOL9449 Access Management: Secure web, mobile and cloud access
HOL9449 Access Management: Secure web, mobile and cloud access Kanishk Mahajan Principal Product Manager, Oracle September, 2014 Copyright 2014, Oracle and/or its affiliates. All rights reserved. Oracle
More informationFederation At Fermilab. Al Lilianstrom National Laboratories Information Technology Summit May 2015
Federation At Fermilab Al Lilianstrom National Laboratories Information Technology Summit May 2015 About Fermilab Since 1967, Fermilab has worked to answer fundamental questions and enhance our understanding
More informationIGI Portal architecture and interaction with a CA- online
IGI Portal architecture and interaction with a CA- online Abstract In the framework of the Italian Grid Infrastructure, we are designing a web portal for the grid and cloud services provisioning. In following
More informationVOPaaS Virtual Organisation Platform as a Service
VOPaaS Virtual Organisation Platform as a Service Marina Adomeit Task Leader, AMRES, Serbia Niels Van Dijk Technical Lead, SURFnet, The Netherlands FIM4R meeting Nov 30, 2015, Austria About VOPaaS in GÉANT
More informationIC Rating NPSP Composieten BV. 9 juni 2010 Variopool
IC Rating NPSP Composieten BV 9 juni 2010 Variopool AGENDA: The future of NPSP Future IC Rating TM NPSP Composieten BV 2 Bottom line 3 Bottom line 4 Definition of Intangibles The factors not shown in the
More informationWindows Azure Push Notifications
Windows Azure Push Notifications Edwin van Wijk Marco Kuiper #WAZUGPUSH Push Notifications Uitdagingen Oplossingen Windows Azure Demo Windows Azure Push Notifications 2 Introductie Edwin van Wijk edwinw@infosupport.com
More informationCloud federation. Prelude to Hybrid Clouds. CHEP 2015 Okinawa, Japan. Marek Denis CERN Geneva, Switzerland
Cloud federation CHEP 2015 Okinawa, Japan Prelude to Hybrid Clouds Marek Denis CERN Geneva, Switzerland Basic definitions OpenStack: An Open Source Cloud Managing System which allows implementors to: --
More informationStep-by-Step guide for SSO from MS Sharepoint 2010 to SAP EP 7.0x
Step-by-Step guide for SSO from MS Sharepoint 2010 to SAP EP 7.0x Sverview Trust between SharePoint 2010 and ADFS 2.0 Use article Federated Collaboration with Shibboleth 2.0 and SharePoint 2010 Technologies
More informationFederated Wikis Andreas Åkre Solberg andreas@uninett.no
Federated Wikis Andreas Åkre Solberg andreas@uninett.no Wikis in the beginning...in the beginning wikis were wide open. Great! - But then the spammers arrived. Password protected wikis Create yet another
More informationShibboleth N-Tier Support. Chad La Joie chad.lajoie@switch.ch
Shibboleth N-Tier Support Chad La Joie chad.lajoie@switch.ch Agenda Use Case Terminology Shibboleth Solution Future Effort Resources 2 Use Case Current use case comes from University of Chicago University
More informationOvercoming Barriers to Federation and Making IdPs Easier
Overcoming Barriers to Federation and Making IdPs Easier Paul Caskey, Internet2 Janemarie Duh, Lafayette College Chris Phillips, CANARIE David Walker, Internet2 Overview Barriers to Deploying an IdP and
More informationThe information in this report is confidential. So keep this report in a safe place!
Bram Voorbeeld About this Bridge 360 report 2 CONTENT About this Bridge 360 report... 2 Introduction to the Bridge 360... 3 About the Bridge 360 Profile...4 Bridge Behaviour Profile-Directing...6 Bridge
More informationSURFconext. Frans Ward - SURFnet. 7 th TF-Media - Paris, April 3 2013. Connecting Media Related Services to SURFconext. Wednesday, April 3, 13
SURFconext Connecting Media Related Services to SURFconext Frans Ward - SURFnet 7 th TF-Media - Paris, April 3 2013 What SURF can do National Research and Education Network. Ensures that researchers, instructors,
More informationFederated Identity Management. Willem Elbers (MPI-TLA) EUDAT training
Federated Identity Management Willem Elbers (MPI-TLA) EUDAT training Date: 26 June 2012 Outline FIM and introduction to components Federation and metadata National Identity federations and inter federations
More informationFederated Identity Management
Federated Identity Management AKA, Identity Federation or just Federation Siju Mammen SANReN 28th March 2013 Table of contents What is Federation? Main Actors in the Federation game Research and Education
More informationThe Importance of Collaboration
Welkom in de wereld van EDI en de zakelijke kansen op langer termijn Sectorsessie mode 23 maart 2016 ISRID VAN GEUNS IS WORKS IS BOUTIQUES Let s get connected! Triumph Without EDI Triumph Let s get connected
More informationGetting Started with Single Sign-On
Getting Started with Single Sign-On I. Introduction Your institution is considering or has already purchased Collaboratory from Treetop Commons, LLC. One benefit provided to member institutions is Single
More informationFederated Authentication and Credential Translation in the EUDAT Collaborative Data Infrastructure
Federated Authentication and Credential Translation in the EUDAT Collaborative Data Infrastructure Ahmed Shiraz Memon (JSC - DE) Jens Jensen (STFC escience - UK) Ales Cernivec (XLAB - SL) Krzysztof Benedyczak
More informationPolicy on ARCS eresearch Services Firewall Configuration Requests
Policy on ARCS eresearch Services Firewall Configuration Requests (Endorsed by CAUDIT Executive 29 July 2009) Introduction ARCS and CAUDIT have together sought to arrive at an agreed set of firewall configurations
More informationThis chapter describes how to use the Junos Pulse Secure Access Service in a SAML single sign-on deployment. It includes the following sections:
CHAPTER 1 SAML Single Sign-On This chapter describes how to use the Junos Pulse Secure Access Service in a SAML single sign-on deployment. It includes the following sections: Junos Pulse Secure Access
More informationSingle Sign-on. Overview. Using SSO with the Cisco WebEx and Cisco WebEx Meeting. Overview, page 1
Overview, page 1 Using SSO with the Cisco WebEx and Cisco WebEx Meeting Applications, page 1 Requirements, page 2 Configuration of in Cisco WebEx Messenger Administration Tool, page 3 Sample Installation
More informationAuthentication Integration
Authentication Integration VoiceThread provides multiple authentication frameworks allowing your organization to choose the optimal method to implement. This document details the various available authentication
More informationRisk-Based Monitoring
Risk-Based Monitoring Evolutions in monitoring approaches Voorkomen is beter dan genezen! Roelf Zondag 1 wat is Risk-Based Monitoring? en waarom doen we het? en doen we het al? en wat is lastig hieraan?
More informationEnd User Computing. Applications. Application Fabric / Data Fabric / PaaS. Software Defined Data Center
Storage Enterprise Data Center End User Computing Content-Aware Applications Security Analytics Application Fabric / Data Fabric / PaaS Software Defined Data Center Partners Service Provider vchs + Hans
More informationLogout Support on SP and Application
Logout Support on SP and application Logout Support on SP and Application Possibilities and and Limitations SWITCHaai Team aai@switch.ch Single Logout: Is it possible? Single Logout will work only in some
More informationTHE EMOTIONAL VALUE OF PAID FOR MAGAZINES. Intomart GfK 2013 Emotionele Waarde Betaald vs. Gratis Tijdschrift April 2013 1
THE EMOTIONAL VALUE OF PAID FOR MAGAZINES Intomart GfK 2013 Emotionele Waarde Betaald vs. Gratis Tijdschrift April 2013 1 CONTENT 1. CONCLUSIONS 2. RESULTS Reading behaviour Appreciation Engagement Advertising
More informationFederated Identity for Cloud Computing and Cross-organization Collaboration
Federated Identity for Cloud Computing and Cross-organization Collaboration Steve Moitozo Strategy and Architecture SIL International 20110616.2 (ICCM) Follow me @SteveMoitozo2 2 Huge Claims You want federated
More informationGFIPM & NIEF Single Sign-on Supporting all Levels of Government
GFIPM & NIEF Single Sign-on Supporting all Levels of Government Presenter: John Ruegg, Director LA County Information Systems Advisory Body (ISAB) & Chair, Global Federated ID & Privilege Management (GFIPM)
More informationSingle Sign On. SSO & ID Management for Web and Mobile Applications
Single Sign On and ID Management Single Sign On SSO & ID Management for Web and Mobile Applications Presenter: Manish Harsh Program Manager for Developer Marketing Platforms of NVIDIA (Visual Computing
More informationHow Single-Sign-On Improves The Usability Of Protected Services For Geospatial Data
2014 Fifth International Conference on Computing for Geospatial Research and Application How Single-Sign-On Improves The Usability Of Protected Services For Geospatial Data Andreas Matheus University of
More informationConfiguring EPM System 11.1.2.1 for SAML2-based Federation Services SSO
Configuring EPM System 11.1.2.1 for SAML2-based Federation Services SSO Scope... 2 Prerequisites Tasks... 2 Procedure... 2 Step 1: Configure EPM s WebLogic domain for SP Federation Services... 2 Step 2:
More informationIdentity and Access Management for Federated Resource Sharing: Shibboleth Stories
Identity and Access Management for Federated Resource Sharing: Shibboleth Stories http://arch.doit.wisc.edu/keith/apan/ apanshib-060122-01.ppt Keith Hazelton (hazelton@doit.wisc.edu) Sr. IT Architect,
More informationExperiences in Supporting Service Providers and User Communities. Lukas Hämmerle, GÉANT/SWITCH AAI@eduHR Conference 26 November 2014
Experiences in Supporting Service Providers and User Communities Lukas Hämmerle, GÉANT/SWITCH AAI@eduHR Conference 26 November 2014 Who am I! Work almost 10 years for SWITCH (Swiss NREN)! Mostly involved
More informationOVERVIEW. DIGIPASS Authentication for Office 365
OVERVIEW DIGIPASS for Office 365 Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is'; VASCO Data Security assumes no responsibility
More informationConfiguring ADFS 3.0 to Communicate with WhosOnLocation SAML
Configuring ADFS 3.0 to Communicate with WhosOnLocation SAML --------------------------------------------------------------------------------------------------------------------------- Contents Overview...
More informationDaan & Rembrandt Research Wendelien Daan By Willemijn Jongbloed Group D October 2009
Daan & Rembrandt Research Wendelien Daan By Willemijn Jongbloed Group D October 2009 Doing Dutch Often, the work of many Dutch artist; photographers, designers, and painters is easy to recognize among
More informationJOSSO 2.4. Ws-Federation Integration Tutorial
JOSSO 2.4 Ws-Federation Integration Tutorial JOSSO 2.4 : Ws-Federation Integration Tutorial 1. Introduction... 1 2. Prerequisites... 2 3. Defining Identity Appliance Elements... 3 3.1. SAML 2 Service Provider
More informationProject Géant-TrustBroker dynamic identity management across federation borders
Page 1/14 Project Géant-TrustBroker dynamic identity management across federation borders Daniela Pöhn, Stefan Metzger, Wolfgang Hommel Leibniz Supercomputing Centre, Bavarian Academy of Sciences and Humanities
More informationAutomated Testing of SAML 2.0 Service Providers. Andreas Åkre Solberg UNINETT andreas@uninett.no http://rnd.feide.no
Automated Testing of SAML 2.0 Service Providers Andreas Åkre Solberg UNINETT andreas@uninett.no http://rnd.feide.no Background 0% of SAML 2.0 implementations do SAML 100% correct. SAML includes alot of
More informationFederated Identity Management at NIH NIH Login and Beyond. Debbie Bucci October 2009
Federated Identity Management at NIH NIH Login and Beyond Debbie Bucci October 2009 About NIH National Institutes of Health (NIH) Part of the U.S. Dept. of Health & Human Services Primary Federal agency
More informationRelationele Databases 2002/2003
1 Relationele Databases 2002/2003 Hoorcollege 5 22 mei 2003 Jaap Kamps & Maarten de Rijke April Juli 2003 Plan voor Vandaag Praktische dingen 3.8, 3.9, 3.10, 4.1, 4.4 en 4.5 SQL Aantekeningen 3 Meer Queries.
More informationConnecting Web and Kerberos Single Sign On
Connecting Web and Kerberos Single Sign On Rok Papež ARNES aaa-podpora@arnes.si Terena networking conference Malaga, Spain, 10.6.2009 Kerberos Authentication protocol (No) authorization Single Sign On
More informationFederated Identity Management
Federated Identity Management SWITCHaai Team aai@switch.ch Agenda 2 What is Federated Identity Management? What is a Federation? The SWITCHaai Federation Interfederation Evolution of Identity Management
More informationIMPLEMENTING SINGLE SIGN- ON USING SAML 2.0 ON JUNIPER NETWORKS MAG SERIES JUNOS PULSE GATEWAYS
APPLICATION NOTE IMPLEMENTING SINGLE SIGN- ON USING SAML 2.0 ON JUNIPER NETWORKS MAG SERIES JUNOS PULSE GATEWAYS SAML 2.0 combines encryption and digital signature verification across resources for a more
More informationADFS Integration Guidelines
ADFS Integration Guidelines Version 1.6 updated March 13 th 2014 Table of contents About This Guide 3 Requirements 3 Part 1 Configure Marcombox in the ADFS Environment 4 Part 2 Add Relying Party in ADFS
More informationHoe kies je de juiste Microsoft Hosted Exchange Service Provider?
White Paper Cloud diensten zijn populairder dan ooit. Veel bedrijven zien nu dan ook de voordelen van het uitbesteden van bepaalde ICT onderdelen. Voordelen als: Beschikbaarheid van data, Snelle Implementatietijd
More informationIT@Intel. Improving Security and Productivity through Federation and Single Sign-on
White Paper Intel Information Technology Computer Manufacturing Security Improving Security and Productivity through Federation and Single Sign-on Intel IT has developed a strategy and process for providing
More informationEEN HUIS BESTUREN ALS EEN FABRIEK,
EEN HUIS BESTUREN ALS EEN FABRIEK, HOE DOE JE DAT? Henk Akkermans World Class Maintenance & Tilburg University Lezing HomeLab 2050, KIVI, 6 oktober, 2015 The opportunity: an industrial revolution is happening
More informationSAML Profile for Privacy-enhanced Federated Identity Management
SAML Profile for Privacy-enhanced Federated Identity Management Rainer Hörbe, Identinetics GmbH Abstract This profile for the SAML WebSSO use case specifies an enhancement that allows users to limit their
More information~ We are all goddesses, the only problem is that we forget that when we grow up ~
~ We are all goddesses, the only problem is that we forget that when we grow up ~ This brochure is Deze brochure is in in English and Dutch het Engels en Nederlands Come and re-discover your divine self
More informationMoodle and Office 365 Step-by-Step Guide: Federation using Active Directory Federation Services
Moodle and Office 365 Step-by-Step Guide: Federation using Active Directory Federation Services This document is provided as-is. Information and views expressed in this document, including URL and other
More informationEgnyte Single Sign-On (SSO) Configuration for Active Directory Federation Services (ADFS)
w w w. e g n y t e. c o m Egnyte Single Sign-On (SSO) Configuration for Active Directory Federation Services (ADFS) To set up ADFS so that your employees can access Egnyte using their ADFS credentials,
More informationThe end-to-end principle in the Internet. 15 maart 2005
The end-to-end principle in the Internet Jelmer Barhorst Carlos Groen Wouter Borremans Jan van Lith 15 maart 2005 Contents Introduction to e2e not to e2e NAT Discussion 1 Introduction 2 End to End principle
More informationHMA AWG Meeting Proposal for a Security Token Service - 29. September 2009 Marko Reiprecht con terra GmbH, Germany
HMA AWG Meeting Proposal for a Security Token Service - 29. September 2009 Marko Reiprecht con terra GmbH, Germany Goal Show the differences of two alternative federated user management specifications
More informationExtending DigiD to the Private Sector (DigiD-2)
TECHNISCHE UNIVERSITEIT EINDHOVEN Department of Mathematics and Computer Science MASTER S THESIS Extending DigiD to the Private Sector (DigiD-2) By Giorgi Moniava Supervisors: Eric Verheul (RU, PwC) L.A.M.
More informationCloud services Kees Neggers
Cloud services Kees Neggers Opportunities Dutch hhigher h education & research organizations interested in using cloud services: feature rich short development cycles familiar to their users cost reduction
More informationSAML SSO Configuration
SAML SSO Configuration Overview of Single Sign-, page 1 Benefits of Single Sign-, page 2 Overview of Setting Up SAML 2.0 Single Sign-, page 3 SAML 2.0 Single Sign- Differences Between Cloud-Based Meeting
More informationGMP-Z Annex 15: Kwalificatie en validatie
-Z Annex 15: Kwalificatie en validatie item Gewijzigd richtsnoer -Z Toelichting Principle 1. This Annex describes the principles of qualification and validation which are applicable to the manufacture
More informationTIB 2.0 Administration Functions Overview
TIB 2.0 Administration Functions Overview Table of Contents 1. INTRODUCTION 4 1.1. Purpose/Background 4 1.2. Definitions, Acronyms and Abbreviations 4 2. OVERVIEW 5 2.1. Overall Process Map 5 3. ADMINISTRATOR
More informationFederated Identity Management
Federated Identity Management SWITCHaai Introduction Course Bern, 1. March 2013 Thomas Lenggenhager aai@switch.ch Overview What is Federated Identity Management? What is a Federation? The SWITCHaai Federation
More informationemployager 1.0 design challenge
employager 1.0 design challenge a voyage to employ(ment) EMPLOYAGER 1.0 On the initiative of the City of Eindhoven, the Red Bluejay Foundation organizes a new design challenge around people with a distance
More informationAgenda. How to configure
dlaw@esri.com Agenda Strongly Recommend: Knowledge of ArcGIS Server and Portal for ArcGIS Security in the context of ArcGIS Server/Portal for ArcGIS Access Authentication Authorization: securing web services
More informationThe EUMETSAT EO Portal User Management Concept
The EUMETSAT EO Portal User Management Concept Second Workshop on the use of GIS/OGC standards in meteorology Météo-France International Conference Center 42 avenue Gaspard Coriolis, Toulouse, France 23.-25.
More informationTitle: A Client Middleware for Token-Based Unified Single Sign On to edugain
Title: A Client Middleware for Token-Based Unified Single Sign On to edugain Sascha Neinert Computing Centre University of Stuttgart, Allmandring 30a, 70550 Stuttgart, Germany e-mail: sascha.neinert@rus.uni-stuttgart.de
More informationVirtualisatie. voor desktop en beginners. Gert Schepens Slides & Notities op gertschepens.be
Virtualisatie voor desktop en beginners Gert Schepens Slides & Notities op gertschepens.be Op deze teksten is de Creative Commons Naamsvermelding- Niet-commercieel-Gelijk delen 2.0 van toepassing. Wat
More informationHow to create a SP and a IDP which are visible across tenant space via Config files in IS
How to create a SP and a IDP which are visible across tenant space via Config files in IS This Documentation is explaining the way to create a SP and IDP which works are visible to all the tenant domains.
More informationFederated Identity Management Solutions
Federated Identity Management Solutions Jyri Kallela Helsinki University of Technology jkallela@cc.hut.fi Abstract Federated identity management allows users to access multiple services based on a single
More informationOGH: : 11g in de praktijk
OGH: : 11g in de praktijk Real Application Testing SPREKER : E-MAIL : PATRICK MUNNE PMUNNE@TRANSFER-SOLUTIONS.COM DATUM : 14-09-2010 WWW.TRANSFER-SOLUTIONS.COM Real Application Testing Uitleg Real Application
More informationSURFnet Dashboard. Concept, Impressions and ideas. rene.scheffer@stroomt.com. High quality internet for higher Education and Research
1 SURFnet Concept, Impressions and ideas rene.scheffer@stroomt.com High quality internet for higher Education and Research 2 SURFnet Value Added Services Definition VAS is a collection of tools, knowledge
More informationWeb Services Security and Federated Identity Management
Web Services Security and Federated Identity Management Birgit Pfitzmann, bpf@zurich.ibm.com with Thomas Gross March 8, 2005 www.zurich.ibm.com Federated Identity Management (FIM) Roles Exchange Possible?
More informationGetting Started with AD/LDAP SSO
Getting Started with AD/LDAP SSO Active Directory and LDAP single sign- on (SSO) with Syncplicity Business Edition accounts allows companies of any size to leverage their existing corporate directories
More informationManaged Security Services Als je het doet moet je het goed doen.
Managed Security Services Als je het doet moet je het goed doen. Peter Mesker CTO IT SECURITY IS TOPSPORT! SecurePROTECT Managed Security Services security is een proces, geen product De uitdaging Don
More informationHP Software as a Service
HP Software as a Service Software Version: 6.1 Federated SSO Document Release Date: August 2013 Legal Notices Warranty The only warranties for HP products and services are set forth in the express warranty
More informationAAI for Mobile Apps How mobile Apps can use SAML Authentication and Attributes. Lukas Hämmerle lukas.haemmerle@switch.ch
AAI for Mobile Apps How mobile Apps can use SAML Authentication and Attributes Lukas Hämmerle lukas.haemmerle@switch.ch Berne, 13. August 2014 Introduction App by University of St. Gallen Universities
More informationAuthentication Methods
Authentication Methods Overview In addition to the OU Campus-managed authentication system, OU Campus supports LDAP, CAS, and Shibboleth authentication methods. LDAP users can be configured through the
More informationpassword, just as if you were accessing the SharePoint environment with a browser. This prompting is also handled via Windows.
FAQ s I. Product Overview 1. What is Microsoft SharePoint? Microsoft SharePoint is a business collaboration platform that enables teams to connect through formal and informal business communities and to
More informationTest Plan for Liberty Alliance SAML Test Event Test Criteria SAML 2.0
1 2 3 4 5 6 7 8 9 10 11 Test Plan for Liberty Alliance SAML Test Event Test Criteria SAML 2.0 Version 3.2.2 Editor: Kyle Meadors, Drummond Group Inc. Abstract: This document describes the test steps to
More informationThe saga of WebFTS and Federated Identity
The saga of WebFTS and Federated Identity Andrey Kiryanov IT/SDC 15/12/2014 The Reason: 2 What is a Federated Identity? It is the means of linking a person's electronic identity and attributes, stored
More informationOn A-Select and Federated Identity Management Systems
On A-Select and Federated Identity Management Systems Joost Reede August 4, 2007 Master s Thesis Information Systems Chair Computer Science Department University of Twente ii This thesis is supervised
More informationBroadening Iden-ty & Access Management: InCommon Federa-on
Broadening Iden-ty & Access Management: InCommon Federa-on John Krienke jcwk@internet2.edu 700 InCommon Participants Year-to-Year https://www.incommon.org/participants/ Number of Participants 600 500 400
More informationtotal dutch speak Dutch instantly no books no writing absolute confi dence
total dutch speak Dutch instantly no books no writing absolute confi dence d To find out more, please get in touch with us. For general enquiries and for information on Michel Thomas: Call: 020 7873 6400
More informationMicrosoft Office 365 Using SAML Integration Guide
Microsoft Office 365 Using SAML Integration Guide Revision A Copyright 2013 SafeNet, Inc. All rights reserved. All attempts have been made to make the information in this document complete and accurate.
More informationInfocard and Eduroam. Enrique de la Hoz, Diego R. López, Antonio García, Samuel Muñoz
Infocard and Eduroam Enrique de la Hoz, Diego R. López, Antonio García, Samuel Muñoz Index Introduction to Infocard Infocard usage usso using Infocard in eduroam Questions Infocard Artifact with a unique
More informationSAML 2.0 Configurations at SAP NetWeaver AS ABAP and Microsoft ADFS
SAML 2.0 Configurations at SAP NetWeaver AS ABAP and Microsoft ADFS Applies to: SAP Gateway 2.0 Summary This guide describes how you install and configure SAML 2.0 on Microsoft ADFS server and SAP NetWeaver
More informationNon-web federated authentication
Authors: Reviewers: Roland van Rijswijk, Joost van Dijk, François Kooman (SURFnet) Martijn Oostdijk, Jaap Reitsma (Novay) Remco Poortinga, Niels van Dijk, Pieter van der Meulen, Maarten Kremers (SURFnet)
More informationBringing Federated Identity to Grid Computing. Dave Dykstra dwd@fnal.gov CISRC16 April 6, 2016
Bringing Federated Identity to Grid Computing Dave Dykstra dwd@fnal.gov CISRC16 April 6, 2016 Outline Introduction & motivation Background Grid security & job management InCommon, CILogon, and SAML ECP
More information