Licia Florio Project Development Officer Identity Federations in Europe
|
|
- Roxanne Briggs
- 8 years ago
- Views:
Transcription
1 APAN Conference Honolulu, Hawaii 24 January 2008 Licia Florio Project Development Officer Identity Federations in Europe
2 Outline Networking Organisations in Europe Requirements for Identity Federations eduroam: the first working example Overview of federations in Europe edugain and DAMe Future work
3 Networking Organisations in Europe Two major networking organisations in Europe DANTE - Delivery of Advanced Networking To Europe Ltd. Operational organisation running the pan-european network backbone and managing the project that fund the GEANT2 network TERENA Trans European Research and Education Networking Organisation Collaborative organisation promoting research and innovation in technology testing and services TERENA does not run any network!
4 European R&E Networking Commercial Networks GÉANT2 Research Network Other Continents NREN 1 NREN 2 Campus1 Regional Network Campus2 Services TERENA Task Forces EU Projects Campus1 SCS TACAR
5 Identity Federations
6 How all started in Europe Problem to solve Provide wireless access only to authenticated users On-line anywhere, anytime Requirements Identify users uniquely at the edge of the network Multiple devices to get on-line from Guest access Scalable solution Following the model authenticate local, act global Easy to install and to use Open standards
7 The granny of federations: eduroam eduroam = education roaming To provide federated network access For the institutions participating in eduroam Started in a very simple way: NRENs active in the TERENA task-force on mobility share their wireless connections eduroam technology 802.1X + RADIUS
8 Eduroam Participating Countries Eduroam in EU and APAN 500+ institutions connected
9 eduroam Today Since 2005 part of GÉANT2 Federation of national eduroam federations eduroam European policy under approval within GÉANT2 Only regulates the EU peering National policies applies at national level GÉANT2 eduroam European Service launched in September 2007 Monitoring and trouble ticketing system
10 TERENA Role in eduroam TERENA is involved in the GÉANT2 eduroam service activity Part of the operational team (OT) Website Monitoring tool RADIUS admins database eduroam trademark still belongs to TERENA
11 Beyond network access Research community requirements go beyond network access Increasing dynamics in the education system Students can access courses in other faculties Students take some course units abroad On-line courses are more common Users want to access the same services no matter where they are Grid: example of access to distributed resources More institutions dealing with the same users means: Multiple registration of users Overhead to manage guest users Increased possibility of error in managing the users records
12 Identity Federations Why Identity Federation: To enable sharing of educational resources Network (Wireless and/or not) Applications Online learning systems What is needed to set-up an Identity Federation: Require agreement on: Legal Framework and Policies Trust Technology Security Common Language Interoperability Identity Federations key element: authentication performed by user home institution authz performed by the service provider
13 Identity Federations building blocks Identity Provider (IdP) Organisation that performs the identity verification for the users For resources belonging to the federation Service Provider (SP) Service offered to the user based on the authentication provided by the Identity Provider
14 Identity Federations Model Trust Identity Provider Service Provider SAML request SAML response redirect
15 European Landscape Identity Federations (or simply federations) are being developed at national level by the NRENs: Italy, Germany, Ireland, Czech Republic starting now Different (open source) technologies are used Shibboleth: UK, Finland, Switzerland,Germany Most used technology But not the only one :-) PAPI: Spain A-Select: the Netherlands Sun Federation Manager based upon Liberty Alliance specification: Norway
16 Identity Federations Interoperability All these solutions are now inter-operable They all recognize Security Assertion Markup Language (SAML) as the standard to transfer information (assertions) among each other Today converging towards SAML2.0 edugain is the way federations communicate in Europe Inter-operability between eduroam and SAMLbased federations being worked on via DAMe project
17 edugain Problem to solve: Allow different identity federations (with different semantics too) to interoperate Solution: Translate technologies via bridging elements Translate semantics via attribute mapping definitions Create repository of all known IdPs: the edugain MetaDataService (MDS) Works like a repository to publish metadata Very lightway model
18 edugain Status edugain is currently: Pilot status Some applications are starting using it Starting to apply edugain beyond Web access like perfsonar or DAMe
19 Introducing SAML in eduroam: DAMe DAMe = Deploying Authentication Mechanisms for federated service in eduroam architecture Project funded via GÉANT2 Project started in 2006 and carried over by: University of Murcia (Spain), University of Stuttgart (Germany), DFN (German NREN), RedIRIS (Spanish NREN) DAMe first objective: Original eduroam: AuthN <=> AuthZ DAMe eduroam: AuthZ is made from AuthN (RADIUS) plus attributes (SAML)
20 DAMe New Generation DAMe now: eduroam infrastructure extended to generate (at user home institution) a signed SAML (1.1) token Token contains authn info Token stored on the user s device Token is used when user access some protected resources in other federations Via edugain
21 Plugging other technologies New technologies are coming along: OpenId (based on the user centric approach) gaining momentum In OpenId your URL is your ID URLs globally unique Users have control on the content accessed via the URL Mainly used for wikis, blogs etc The idea is to extend the national federation to support OpenId or other emerging technologies FEIDE and PAPI already support gateway to OpenId
22 TERENA support TF-EMC2 Task force on Middleware technologies in higher education TF-Mobility Task force on Mobility ECAM Steering committee for middleware activities REFEDS: Research and Education Federations Only looking at higher education federations Aim of the group: discuss technical specifications as well as policies to define procedures and guidelines to allow for interoperability of federations. First international REFEDS meeting:prague September 2007 Next REFEDS meeting: May 18, 2008 during the TERENA Conference
23 Conclusions There will not be one unique multipurpose federation Different federations to fit different communities No matter what technology as long as it is standardbased (SAML) solution Confederations are the way to bridge the various federations edugain models proves to work It is easy to plug new technologies edugain policy is under preparation In this context eduroam will become one of edugain services TERENA is much engaged to support these developments
24 Links TF-EMC2: TF-Mobility REFEDS: Survey of current federations: ECAM: DAME: eduroam: GÉANT2:
A Federated Authorization and Authentication Infrastructure for Unified Single Sign On
A Federated Authorization and Authentication Infrastructure for Unified Single Sign On Sascha Neinert Computing Centre University of Stuttgart Allmandring 30a 70550 Stuttgart sascha.neinert@rus.uni-stuttgart.de
More informationTitle: A Client Middleware for Token-Based Unified Single Sign On to edugain
Title: A Client Middleware for Token-Based Unified Single Sign On to edugain Sascha Neinert Computing Centre University of Stuttgart, Allmandring 30a, 70550 Stuttgart, Germany e-mail: sascha.neinert@rus.uni-stuttgart.de
More informationDAMe Deploying Authorization Mechanisms for Federated Services in the eduroam Architecture
DAMe Deploying Authorization Mechanisms for Federated Services in the eduroam Architecture Sascha Neinert Marseille, 06.02.2008, Sascha Neinert, 06.02.2008 Seite 1 Overview Project Goals Partners Network
More informationFederated Wikis Andreas Åkre Solberg andreas@uninett.no
Federated Wikis Andreas Åkre Solberg andreas@uninett.no Wikis in the beginning...in the beginning wikis were wide open. Great! - But then the spammers arrived. Password protected wikis Create yet another
More informationRedIRIS Identity Service
RedIRIS Identity Service latest news and developments Jaime Pérez Middleware Engineer FAM11 London, November 09 th 2011 Intro & numbers The research & education federation in Spain Hub & Spoke Supports
More informationРазработка программного обеспечения промежуточного слоя. TERENA BASNET Workshop, 16-17 November 2009 Joost van Dijk - SURFnet
Разработка программного обеспечения промежуточного слоя TERENA BASNET Workshop, 16-17 November 2009 Joost van Dijk - SURFnet Contents - SURFnet Middleware Services department: - eduroam, SURFfederatie,
More informationperfsonar AAI for network-oriented services Cándido Rodríguez candido.rodriguez@rediris.es
perfsonar AAI for network-oriented services Cándido Rodríguez candido.rodriguez@rediris.es 10 th TF-EMC2 Meeting - Marseille, 4 th -5 th February 08 1.16 Agenda 1.Scenario of perfsonar 2. Using edugain
More informationA Shibboleth View of Federated Identity. Steven Carmody Brown Univ./Internet2 March 6, 2007 Giornata AA - GARR
A Shibboleth View of Federated Identity Steven Carmody Brown Univ./Internet2 March 6, 2007 Giornata AA - GARR Short Section Title Agenda Assumptions and Trends Identity Management and Shibboleth Shibboleth
More informationExperiences in Supporting Service Providers and User Communities. Lukas Hämmerle, GÉANT/SWITCH AAI@eduHR Conference 26 November 2014
Experiences in Supporting Service Providers and User Communities Lukas Hämmerle, GÉANT/SWITCH AAI@eduHR Conference 26 November 2014 Who am I! Work almost 10 years for SWITCH (Swiss NREN)! Mostly involved
More informationIdentity and Access Management for Federated Resource Sharing: Shibboleth Stories
Identity and Access Management for Federated Resource Sharing: Shibboleth Stories http://arch.doit.wisc.edu/keith/apan/ apanshib-060122-01.ppt Keith Hazelton (hazelton@doit.wisc.edu) Sr. IT Architect,
More informationTF-AACE. Deliverable B.2. Deliverable B2 - The Authentication Component =============================================
TF-AACE Deliverable B.2 Define the components and protocols to guarantee a harmonized operation of A&A systems Deliverable B2 - The Authentication Component =============================================
More informationFederated Identity Management. Willem Elbers (MPI-TLA) EUDAT training
Federated Identity Management Willem Elbers (MPI-TLA) EUDAT training Date: 26 June 2012 Outline FIM and introduction to components Federation and metadata National Identity federations and inter federations
More informationFederated Identity Management for Research Communities (FIM4R)
Federated Identity Management for Research Communities (FIM4R) David Kelsey (STFC-RAL, UK) david.kelsey@stfc.ac.uk Federations Virtual Day 19 Jun 2013 Who am I? Head of Particle Physics Computing at RAL
More informationAn Infocard-based proposal for unified SSO to eduroam
An Infocard-based proposal for unified SSO to eduroam Enrique de la Hoz, Antonio García, Diego López, Samuel Muñoz University of Alcala (Spain), RedIRIS (Spain) TNC2009, Málaga (Spain), June 9 th 2009
More informationMasdar Institute Single Sign-On: Standards-based Identity Federation. John Mikhael ICT Department jmikhael@masdar.ac.ae
Masdar Institute Single Sign-On: Standards-based Identity Federation John Mikhael ICT Department jmikhael@masdar.ac.ae Agenda The case for Single Sign-On (SSO) Types of SSO Standards-based Identity Federation
More informationIdentity Management and E-learning Standards for Promoting the Sharing of Contents and Services in Higher Education
Identity Management and E-learning Standards for Promoting the Sharing of Contents and Services in Higher Education Paulo Alves ¹, James Uhomoibhi ² EUNIS E-learning Task Force ¹ ² ¹Instituto Politécnico
More informationEnabling a federated environment to support biomedical research. Gianmauro Cuccuru CRS4
Enabling a federated environment to support biomedical research Gianmauro Cuccuru CRS4 ELIXIR connects national bioinformatics centres and EMBL- EBI into a sustainable European infrastructure for biological
More informationIdentity Management and E-learning Standards for Promoting the Sharing of Contents and Services in Higher Education
Identity Management and E-learning Standards for Promoting the Sharing of Contents and Services in Higher Education Paulo Alves ¹, James Uhomoibhi ² EUNIS E-learning Task Force ¹ ² ¹Instituto Politécnico
More informationIntegrating Multi-Factor Authentication into Your Campus Identity Management System
Integrating Multi-Factor Authentication into Your Campus Identity Management System Mike Grady, Unicon David Walker, Internet2 (both associated with the Internet2 Scalable Privacy Project) Agenda Multi-Context
More informationFederations 101. An Introduction to Federated Identity Management. Peter Gietz, Martin Haase
Authentication and Authorisation for Research and Collaboration Federations 101 An Introduction to Federated Identity Management Peter Gietz, Martin Haase AARC NA2 Task 2 - Outreach and Dissemination DAASI
More informationForth TF- Mobility meeting. Minutes
Forth TF- Mobility meeting Date: 30th January 2004 Venue: TERENA, Amsterdam Minutes Attendees Hansruedi Born (HB) Tim Chown (TC) (streaming) Licia Florio (LC) Carles Fragoso (CF) Jan Furman (JF) Luis Guido
More informationThe case for federation
The case for federation Josh Howlett JANET(UK) SIRIKT 2009 Overview 1. What is federated identity? 2. Case study: the UK federation. 3. The future of federated identity. What is federated identity? At
More informationProject Moonshot. TF-EMC2 & TF-Mobility. Vienna, 17 th February. Josh Howlett, JANET(UK) Image Viatour Luc (http://www.lucnix.be)
Project Moonshot TF-EMC2 & TF-Mobility Vienna, 17 th February Josh Howlett, JANET(UK) Image Viatour Luc (http://www.lucnix.be) Introduction "[I]f you go for a complete client stack revamp [...] then I
More informationSD Departmental Meeting November 28 th, 2006. Ale de Vries Product Manager ScienceDirect Elsevier
ש בולת SD Departmental Meeting November 28 th, 2006 Ale de Vries Product Manager ScienceDirect Elsevier Shi... whát? : Shibboleth ש בולת [...] "stream, torrent". It derives from a story in the Hebrew Bible,
More informationA new Service Activity: SA6 In support of European collaboration
A new Service Activity: SA6 In support of European collaboration András Kovács (NIIF/HUNGARNET) 5 th GÉANT2 Technical Workshop Rome, 23/01/2008 Addressed Problems No coordination between NREN VoIP/VC support
More informationFederated Identity Management and Shibboleth. Noreen Hogan Asst. Director Enterprise Admin. Applications
Federated Identity Management and Shibboleth Noreen Hogan Asst. Director Enterprise Admin. Applications Federated Identity Management Management of digital identity/credentials (username/password) Access
More informationTRUST AND IDENTITY EXCHANGE TALK
TRUST AND IDENTITY EXCHANGE TALK Ken Klingenstein, Internet2 2015 Internet2 Trust and Identity Why It Matters An Identity Layer for the Internet Benefits for the Rest of the Stack What It Is Technologies
More informationDeliverable D9.2 Market Analysis for Virtual Organisation Platform as a Service (VOPaaS)
19-11-2015 Contractual Date: 30-09-2015 Actual Date: 19-11-2015 Grant Agreement No.: 691567 Activity: SA5 Task Item: 4 Nature of Deliverable: R (Report) Dissemination Level: PU (Public) Lead Partner: AMRES
More informationEnabling SAML for Dynamic Identity Federation Management
Enabling SAML for Dynamic Identity Federation Management Patricia Arias, Florina Almenárez, Andrés Marín and Daniel Díaz-Sánchez University Carlos III of Madrid http://pervasive.gast.it.uc3m.es/ WMNC 2009
More informationNew InCommon Working Groups
New InCommon Working Groups IAM Online August 13, 2014 Steve Carmody, Brown University Paul Caskey, University of Texas System Janemarie Duh, Lafayette College Keith Hazelton, University of Wisconsin Madison
More informationFunded by the European Union s H2020 Programme. D4.1 Virtual Collaboration Platform
Funded by the European Union s H2020 Programme D4.1 Virtual Collaboration Platform 1 PROJECT DOCUMENTATION SHEET Project Acronym Project Full Title : TANDEM : TransAfrican Network Development Grant Agreement
More informationVOPaaS Virtual Organisation Platform as a Service
VOPaaS Virtual Organisation Platform as a Service Marina Adomeit Task Leader, AMRES, Serbia Niels Van Dijk Technical Lead, SURFnet, The Netherlands FIM4R meeting Nov 30, 2015, Austria About VOPaaS in GÉANT
More informationGN3plus JRA3 T1 Attribute and Group management in the AAI environment
GN3plus JRA3 T1 Attribute and Group management in the AAI environment Maarten Kremers, SURFnet Internet2 Technology Exchange 2014, Indianapolis, IN October 29 th 2014 GÉANT (GN3plus) - vital to the EU
More informationTERENA Trusted Cloud Drive
SUCRE Workshop Open Source Clouds in the public sector 16-17 April, 2013 Poznan, Poland Peter Szegedi Project Development Officer szegedi@terena.org www.terena.org TERENA Trusted Cloud Drive Unleashing
More informationHow Single-Sign-On Improves The Usability Of Protected Services For Geospatial Data
2014 Fifth International Conference on Computing for Geospatial Research and Application How Single-Sign-On Improves The Usability Of Protected Services For Geospatial Data Andreas Matheus University of
More informationShibboleth Development and Support Services. OpenID and SAML. Fiona Culloch, EDINA. EuroCAMP, Stockholm, 7 May 2008
OpenID and SAML Fiona Culloch, EDINA EuroCAMP, Stockholm, 7 May 2008 What is OpenID for? In principle, an OpenID is a universal username, valid across multiple, unrelated services E.g., I have fculloch.protectnetwork.org
More informationAdding Federated Identity Management to OpenStack
Adding Federated Identity Management to OpenStack David Chadwick University of Kent 3 December 2012 University of Kent 1 Some Definitions What is Identity? A whole set of attributes that in combination
More informationThe GISELA Science Gateway
The GISELA Science Gateway Roberto Barbera (roberto.barbera@ct.infn.it) University of Catania and INFN - Italy TICAL 2012 Lima, 3 July 2012 Introduction and driving considerations The Catania Science Gateway
More informationeduroam in Asian countries - - benefits, and 4ps for opera4on - -
36th APAN Mee4ng Aug. 22, 2013, Daejeon, Korea eduroam in Asian countries - - benefits, and 4ps for opera4on - - Hideaki Goto, Tohoku University, Japan Motonori Nakamura, NII, Japan Hideaki Sone, Tohoku
More informationLets get a federated identity. Intro to Federated Identity. Feide OpenIdP. Enter your email address. Do you have access to your email?
Lets get a feated identity Intro to Feated Identity EuroCAMP Training for APAN32 This work is licensed un a Creative Commons Attribution ShareAlike 3.0 Unported License. Do you have access to your email?
More informationIdentity Management. Critical Systems Laboratory
Identity Management Critical Systems What is Identity Management? Identity: a set of attributes and values, which might or might not be unique Storing and manipulating identities Binding virtual identities
More informationKeeping access control while moving to the cloud. Presented by Zdenek Nejedly Computing & Communications Services University of Guelph
Keeping access control while moving to the cloud Presented by Zdenek Nejedly Computing & Communications Services University of Guelph 1 Keeping access control while moving to the cloud Presented by Zdenek
More informationCase Study: SSO for All: SSOCircle Makes Single Sign-On Available to Everyone
Case Study: SSO for All: SSOCircle Makes Single Sign-On Available to Everyone Although single sign-on (SSO) technology based on Liberty standards is being rapidly adopted by businesses, governments and
More informationeduroam(radius based Federation)
eduroam(radius based Federation) Deokjai Choi (Chonnam National University, Korea) 2015. 8. 18 WHAT IS eduroam? eduroam: EDUcation ROAMing Provides secure internet access for academic roamers. User experience
More informationCampus Best Practices What s that?
Campus Best Practices What s that? Vidar Faltinsen GÉANT3 Task Leader CTO UNINETT Wireless workshop, Stockholm March 13 2013 The GÉANT projects GN3: 2009-2013 GN3+: 2013-2015! Enable research communities
More informationStandardisation of eduroam Testing, Monitoring, Metrics and Support Tools
STANDARDISATION OF EDUROAM TESTING, MONITORING, METRICS AND SUPPORT TOOLS Page 1/16 20 January 2014 Standardisation of eduroam Testing, Monitoring, Metrics and Support Tools Neil Witheridge neil.witheridge@aarnet.edu.au
More informationAAA for IMOS: Australian Access Federation & related components
AAA for IMOS: Australian Access Federation & related components James Dalziel Professor of Learning Technology, and Director, Macquarie E-Learning Centre Of Excellence (MELCOE) Macquarie University james@melcoe.mq.edu.au
More informationFederated Identity Management Solutions
Federated Identity Management Solutions Jyri Kallela Helsinki University of Technology jkallela@cc.hut.fi Abstract Federated identity management allows users to access multiple services based on a single
More informationBob Jones Technical Director bob.jones@cern.ch
Bob Jones Technical Director bob.jones@cern.ch CERN - August 2003 EGEE is proposed as a project to be funded by the European Union under contract IST-2003-508833 EGEE Goal & Strategy Goal: Create a wide
More informationConfiguring Single Sign-on from the VMware Identity Manager Service to ServiceNow
Configuring Single Sign-on from the VMware Identity Manager Service to ServiceNow VMware Identity Manager AUGUST 2015 V1 Configuring Single Sign-On from VMware Identity Manager to ServiceNow Table of Contents
More informationManaging identities. TICAL 2012, Lima, Peru Roland Hedberg <roland.hedberg@adm.umu.se> tisdag 3 juli 12
Managing identities TICAL 2012, Lima, Peru Roland Hedberg Who am I? Got into networking in 1987 Managed computer networks and network applications Worked with standardisation
More informationAMRES Experience with Implementing the Campus Best Practices Model
AMRES Experience with Implementing the Campus Best Practices Model Mara Bukvić University of Belgrade Computer Centre University of Belgrade Belgrade, Serbia e-mail: mara@rcub.bg.ac.rs Abstract This paper
More informationIdentity opens the participation age. Dr. Rainer Eschrich. Program Manager Identity Management Sun Microsystems GmbH
Identity opens the participation age Open Web Single Sign- On und föderierte SSO Dr. Rainer Eschrich Program Manager Identity Management Sun Microsystems GmbH Agenda The Identity is the Network Driving
More informationLogout in Single Sign-on Systems
Logout in Single Sign-on Systems Sanna Suoranta, Asko Tontti, Joonas Ruuskanen, Tuomas Aura IFIP IDMAN, London, UK, 8-9.4.2013 Logout in Single Sign-on Systems Motivation Single sign-on (SSO) systems SSO
More informationShibboleth Identity Provider (IdP) Sebastian Rieger sebastian.rieger@gwdg.de
Shibboleth Identity Provider (IdP) Sebastian Rieger sebastian.rieger@gwdg.de Gesellschaft für wissenschaftliche Datenverarbeitung mbh Göttingen, Germany CLARIN AAI Hands On Workshop, 25.02.2009, Oxford
More informationShibboLEAP Project. Final Report: School of Oriental and African Studies (SOAS) Colin Rennie
ShibboLEAP Project Final Report: School of Oriental and African Studies (SOAS) Colin Rennie May 2006 Shibboleth Implementation at SOAS Table of Contents Introduction What this document contains Who writes
More informationOpenSSO: Cross Domain Single Sign On
OpenSSO: Cross Domain Single Sign On Version 0.1 History of versions Version Date Author(s) Changes 0.1 11/30/2006 Dennis Seah Contents Initial Draft. 1 Introduction 1 2 Single Domain Single Sign-On 2
More informationKlaus Schmeh. Identity Super Hero
Klaus Schmeh Identity Super Hero My name is Klaus Schmeh, consultant at cryptovision. I m going to give an overview on identity initiatives. First of all, we need a model. This is our model mail server
More informationThe UK Access Management Federation
Connecting People to Resources The UK Access Management Federation Nicole Harris Programme Manager Joint Information Systems Committee 19/10/2006 Slide 1 Federations within the UK: Unique Issues The need
More informationThe role of authentication and eid interoperability in the access to scientific databases
The role of authentication and eid interoperability in the access to scientific databases Fernando M. Silva Instituto Superior Técnico Lisboa, Portugal 13-14 November 2013, UP Fernando M Silva Outline
More informationSchichtenübergreifendes Identitätsmanagement zwischen HIP und SAML
Schichtenübergreifendes Identitätsmanagement zwischen HIP und SAML Ein Architekturkonzept Supported by the SWIFT project www.ist-swift.org Marc Barisch, Alfredo Matos marc.barisch@ikr.uni-stuttgart.de,
More informationEnabling Federation and Web-Single Sign-On in Heterogeneous Landscapes with the Identity Provider and Security Token Service Supplied by SAP NetWeaver
Enabling Federation and Web-Single Sign-On in Heterogeneous Landscapes with the Identity Provider and Security Token Service Supplied by SAP NetWeaver SAP Product Management, SAP NetWeaver Identity Management
More informationFederated Access Control in Heterogeneous Intercloud Environment: Basic Models and Architecture Patterns
Federated Access Control in Heterogeneous Intercloud Environment: Basic Models and Architecture Patterns Craig Lee, The Aerospace Corporation On behalf of Yuri Demchenko, Craig Lee, Canh Ngo, Cees de Laat
More informationApplication of the PAPI authn and authz system to the TJ-II Remote Participation environment. Madrid, 21 March 2003
Application of the PAPI authn and authz system to the TJ-II Remote Participation environment Madrid, 21 March 2003 Outline An introduction to PAPI A short tour on PAPI internals Applying PAPI in the TJ-II
More informationDeliverable DS5.1.1: eduroam Service Definition and Implementation Plan
07.01.08 Deliverable DS5.1.1: eduroam Service Definition and Implementation Plan Deliverable DS5.1.1 Contractual Date: 31/10/07 Actual Date: 07/01/08 Contract Number: 511082 Instrument type: Integrated
More informationLiberty Alliance. What's After Federation. Fulup Ar Foll Master Architect Sun Microsystems
Liberty Alliance What's After Federation Fulup Ar Foll Master Architect Sun Microsystems What's About Federation Federation of providers (CoT), a group of entities providing services who signed agreement,
More informationLeveraging New Business Models with Identity Management An e-learning case study
Leveraging New Business Models with Identity Management An e-learning case study José M. del Álamo DIT, Universidad Politécnica de Madrid, Ciudad Universitaria s/n, 28040 Madrid, Spain jmdela@dit.upm.es,
More informationFederated Authentication and Credential Translation in the EUDAT Collaborative Data Infrastructure
Federated Authentication and Credential Translation in the EUDAT Collaborative Data Infrastructure Ahmed Shiraz Memon (JSC - DE) Jens Jensen (STFC escience - UK) Ales Cernivec (XLAB - SL) Krzysztof Benedyczak
More informationConfiguring Single Sign-on from the VMware Identity Manager Service to WebEx
Configuring Single Sign-on from the VMware Identity Manager Service to WebEx VMware Identity Manager SEPTEMBER 2015 V 2 Configuring Single Sign-On from VMware Identity Manager to WebEx Table of Contents
More informationFederated Identity for Cloud Computing and Cross-organization Collaboration
Federated Identity for Cloud Computing and Cross-organization Collaboration Steve Moitozo Strategy and Architecture SIL International 20110616.2 (ICCM) Follow me @SteveMoitozo2 2 Huge Claims You want federated
More informationHP Software as a Service
HP Software as a Service Software Version: 6.1 Federated SSO Document Release Date: August 2013 Legal Notices Warranty The only warranties for HP products and services are set forth in the express warranty
More informationNew Generation of Liberty. for Enterprise. Fulup Ar Foll, Sun Microsystems Fulup@sun.com
New Generation of Liberty TEG Federated Progress Architecture Update for Enterprise Fulup Ar Foll, Sun Microsystems fulup@sun.com 1 Identity Framework Problematic User Seamless (nothing is too simple)
More informationOpenAM All-In-One solution to securely manage access to digital enterprise and customer services, anytime and anywhere.
OpenAM All-In-One solution to securely manage access to digital enterprise and customer services, anytime and anywhere. OpenAM, the only all-in-one open source access management solution, provides the
More informationHP Software as a Service. Federated SSO Guide
HP Software as a Service Federated SSO Guide Document Release Date: July 2014 Legal Notices Warranty The only warranties for HP products and services are set forth in the express warranty statements accompanying
More informationInternet2 middleware initiative: past, present and future
Internet2 middleware initiative: past, present and future Heather Boyles, Internet2 heather@internet2.edu APAN Meeting 22 January 2006 Akihabara, Tokyo, Japan Credit: thanks to Ken Klingenstein and the
More informationAccelerate Without Fear: Extend Your Enterprise with Identity Federation. Kirk Brown CTO, Identity Management Sun Microsystems
Accelerate Without Fear: Extend Your Enterprise with Identity Federation Kirk Brown CTO, Identity Management Sun Microsystems 1 Welcome to the Participation Age Enterprise Collaborative Industry Networks,
More informationFlexible Identity Federation
Flexible Identity Federation Quick start guide version 1.0.1 Publication history Date Description Revision 2015.09.23 initial release 1.0.0 2015.12.11 minor updates 1.0.1 Copyright Orange Business Services
More informationAPAN Task Force proposal
Task Force proposal for Federation Deployment in the Asia Pacific Region Version 1.0 Prepared by Terry Smith Australian Access Federation November 2014 Page 1 of 14 1. Acknowledgements 2. Contributors
More informationDocuSign Single Sign On Implementation Guide Published: March 17, 2016
DocuSign Single Sign On Implementation Guide Published: March 17, 2016 Copyright Copyright 2003-2016 DocuSign, Inc. All rights reserved. For information about DocuSign trademarks, copyrights and patents
More informationGetting Started with Single Sign-On
Getting Started with Single Sign-On I. Introduction Your institution is considering or has already purchased Collaboratory from Treetop Commons, LLC. One benefit provided to member institutions is Single
More informationIdentiFi and Eduroam Roaming Wireless Service Integration CONFIGURATION GUIDE
IdentiFi and Eduroam Roaming Wireless Service Integration CONFIGURATION GUIDE TABLE OF CONTENTS Introduction... 3 Prerequisites... 3 Design and Deployment Overview... 4 Configuring the wireless SSID and
More informationOpen Source Identity Integration with OpenSSO
Open Source Identity Integration with OpenSSO April 19, 2008 Pat Patterson Federation Architect pat.patterson@sun.com blogs.sun.com/superpat Agenda Web Access Management > The Problem > The Solution >
More informationInfocard and Eduroam. Enrique de la Hoz, Diego R. López, Antonio García, Samuel Muñoz
Infocard and Eduroam Enrique de la Hoz, Diego R. López, Antonio García, Samuel Muñoz Index Introduction to Infocard Infocard usage usso using Infocard in eduroam Questions Infocard Artifact with a unique
More informationIdentity, Privacy, and Data Protection in the Cloud XACML. David Brossard Product Manager, Axiomatics
Identity, Privacy, and Data Protection in the Cloud XACML David Brossard Product Manager, Axiomatics 1 What you will learn The issue with authorization in the cloud Quick background on XACML 3 strategies
More informationGÉANT IaaS suppliers meeting Towards Pan-European Cloud Services. Utrecht October 14 2015
GÉANT IaaS suppliers meeting Towards Pan-European Cloud Services Utrecht October 14 2015 Why and what TODAY More information about IaaS delivery through GÉANT Tender Provider GÉANT interaction Opportunity
More informationLes technologies de gestion de l identité
Commission Identité Numérique Groupe de travail Gestion des identités Les technologies de gestion de l identité ATELIER 1 Paul TREVITHICK, CEO de Parity Responsable projet Higgins Président Fondation Infocard
More informationCloud federation. Prelude to Hybrid Clouds. CHEP 2015 Okinawa, Japan. Marek Denis CERN Geneva, Switzerland
Cloud federation CHEP 2015 Okinawa, Japan Prelude to Hybrid Clouds Marek Denis CERN Geneva, Switzerland Basic definitions OpenStack: An Open Source Cloud Managing System which allows implementors to: --
More informationFederated access to Grid resources http://tinyurl.com/loubf
Federated access to Grid resources http://tinyurl.com/loubf Keith Hazelton (hazelton@wisc.edu) Internet2 Middleware Architecture Comm. for Ed. APAN, Singapore, 19-July-06 Topics http://tinyurl.com/loubf
More informationIssues in federated identity management
Issues in federated identity management Sandy Shaw EDINA IASSIST 24-27 May 2005, Edinburgh 1 Contents Federated identity management overview Open issues for federations 2 Introduction Federated identity
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Canadian Access Federation: Trust Assertion Document (TAD) Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert authoritative and accurate identity attributes
More information2.1.1 This policy and any future changes requires ratification by CAUDIT.
1.0 Background to this document 1.1 This document sets out guidelines that cover the control of the supply and receipt of Internet access for educational purposes, that is primarily (but not exclusively)
More informationComplementary notes to the agenda of the 34th TERENA General Assembly meeting Luxembourg, Luxembourg, 20-21 October 2010
7. Feedback from Member Visits In 2008, a series of bilateral meetings was started between TERENA member organisations and members of the TEC and TERENA Secretariat staff, with the purpose to discuss at
More informationZendesk SSO with Cloud Secure using MobileIron MDM Server and Okta
Zendesk SSO with Cloud Secure using MobileIron MDM Server and Okta Configuration Guide Product Release Document Revisions Published Date 1.0 1.0 May 2016 Pulse Secure, LLC 2700 Zanker Road, Suite 200 San
More informationMAGIC. Collaboration Tools and Agreements for Global Communities
MAGIC Collaboration Tools and Agreements for Global Communities María José López and Brook Schofield RedCLARA and GÉANT Organization 22-10-15 ICT2015, Networking session: Towards global research e-infrastructures
More informationServer based signature service. Overview
1(11) Server based signature service Overview Based on federated identity Swedish e-identification infrastructure 2(11) Table of contents 1 INTRODUCTION... 3 2 FUNCTIONAL... 4 3 SIGN SUPPORT SERVICE...
More informationDynamic Circuit Network (DCN) / perfsonar Shared Infrastructure
Dynamic Circuit Network (DCN) / perfsonar Shared Infrastructure Tom Lehman USC/ISI Network Cyberinfrastructure Application Classes: Bulk Transport 2-Way Interactive Video Real-Time Communications others.
More informationFederation Are We Ready? Alec Cartwright Authentication Common Capability Design Authority
Federation Are We Ready? Alec Cartwright Authentication Common Capability Design Authority copyright of British Telecommunications plc 2006 Abstract As a large organisation with many partners BT has been
More informationSecure the Web: OpenSSO
Secure the Web: OpenSSO Sang Shin, Technology Architect Sun Microsystems, Inc. javapassion.com Pat Patterson, Principal Engineer Sun Microsystems, Inc. blogs.sun.com/superpat 1 Agenda Need for identity-based
More informationA Framework for Security e-irg, Zürich, April 2008. Christoph Graf christoph.graf@switch.ch
A Framework for Security e-irg, Zürich, April 2008 Christoph Graf christoph.graf@switch.ch Outline What is Security? or: Where s the Security Layer? Naming is always a problem or: What is the plural form
More informationIMPLEMENTING SINGLE SIGN- ON USING SAML 2.0 ON JUNIPER NETWORKS MAG SERIES JUNOS PULSE GATEWAYS
APPLICATION NOTE IMPLEMENTING SINGLE SIGN- ON USING SAML 2.0 ON JUNIPER NETWORKS MAG SERIES JUNOS PULSE GATEWAYS SAML 2.0 combines encryption and digital signature verification across resources for a more
More information