RedIRIS Identity Service
|
|
- Ariel Sullivan
- 8 years ago
- Views:
Transcription
1 RedIRIS Identity Service latest news and developments Jaime Pérez Middleware Engineer FAM11 London, November 09 th 2011
2 Intro & numbers The research & education federation in Spain Hub & Spoke Supports multiple protocols SAML OpenID PAPI OAuth edugain STORK IdPs, 189 SPs More than 1M potential users
3 Growth Usage heavily raised last months due to services in the cloud: Google Apps
4 Problems The service became critical for our community If it stops working, users won t be able to work, read their So we need: A new, more scalable and reliable infrastructure A monitoring/diagnostics tool
5 Action #1 Monitor the infrastructure Based on nagios and JMeter software It consists of a nagios plugin and a JMeter test plan to run automated checks The key is to simulate the behavior of the user and his browser Must be completely independent of the underlying technology Remember. SIR federation is multi-protocol Users know nothing about technology, just make use of it!
6 Action #1 Monitor the infrastructure We deployed a brand new platform which gathered international recognition: TERENA TF-EMC 2 TERENA Networking Conference 11slew (Prague) A set of Open Source tools Many countries asked for the software to deploy the same platform: Denmark Portugal Greece Italy Australia
7 Action #1 Monitor the infrastructure Currently integrated within our Monitoring Service Users can manage the system and see the stats online:
8 Action #1 Monitor the infrastructure
9 Action #1 Monitor the infrastructure
10 Action #1 Monitor the infrastructure
11 Action #1 Monitor the infrastructure
12 Action #1 Monitor the infrastructure Monthly reports are sent by Administrators can manage and schedule downtimes Next steps: Find some solution suitable for IdPs making heavy use of JavaScript Start monitoring Service Providers
13 Action #2 New infrastructure We wanted something more scalable and reliable Moving from Perl to PHP based infrastructure Our central hub is based on our own protocol, PAPI: Simpler to manage Simpler to deploy Lightweight A completely new Discovery Service (WAYF), with support for mobile users A new module to ask for consent
14 Action #2 New infrastructure The new WAYF: process indications
15 Action #2 New infrastructure The new WAYF: multi-language
16 Action #2 New infrastructure The new WAYF: Service Provider identification
17 Action #2 New infrastructure The new WAYF: search by name, acronym
18 Action #2 New infrastructure The new WAYF: search by region
19 Action #2 New infrastructure The new WAYF: accessible/mobile versions
20 Action #2 New infrastructure The new WAYF: accessible/mobile versions
21 Action #2 New infrastructure The consent module: follow the process
22 Action #2 New infrastructure The consent module: multi-language
23 Action #2 New infrastructure The consent module: IdP & SP recognition
24 Action #2 New infrastructure The consent module: comprehensive attributes
25 Action #3 Collect better stats We are already collecting stats, but need something more flexible As we are migrating our infrastructure, we are also rationalizing how we collect statistics: Group by SPs Group by IdPs Relate both We have a web interface ready for us and the service administrators in our institutions Will include all SPs as soon as we finish the migration
26 Action #3 Collect better stats Web interface: group by SP
27 Action #3 Collect better stats Web interface: group by IdP
28 Action #3 Collect better stats Web interface: daily usage per IdP
29 Action #3 Collect better stats Web interface: daily accesses per IdP to an SP
30 Inter-federation STORK Aims to create an European eid interoperability platform It will enable secure access to online services between Member States It will be tested through 5 pilots: Pilot 3: student s mobility Online access to university services, using national eids for eidentification and esignature
31 Inter-federation STORK Extends SAML2 to request extra information, as: QAA level Requested attributes <stork:requestedattribute Name= NameFormat= urn:oasis:names:tc:saml:2.0:attrname-format:uri isrequired= true!!<saml:attributevalue>16</saml:attributevalue>! </ stork:requestedattribute>! New gateway in SIR, based on the STORK core library SIR performs on demand attribute mapping from STORK definitions to HE standards
32 Inter-federation
33 Inter-federation STORK 15 universities connected, 9 active Main use cases: Pre-enrollment of Erasmus students Authentication of Spanish citizens with a higher LoA Initial contacts established for STORK2 support Collaboration between edugain (GN3 Project) and STORK
34 Inter-federation edugain GÉANT academic inter-federation service Based on SAML2, federates federations Went into production in April 2011 Current uptake: SIR is an early adopter, but currently allowing only the RedIRIS Identity Provider Internal opt-in process for SIR IdPs is under validation: Entities must join SIR prior to joining edugain Becoming an edugain entity may require signing an additional inter-federation policy
35 Questions? Thanks for listening!
Licia Florio Project Development Officer licia@terena.org www.terena.org Identity Federations in Europe
APAN Conference Honolulu, Hawaii 24 January 2008 Licia Florio Project Development Officer licia@terena.org www.terena.org Identity Federations in Europe Outline Networking Organisations in Europe Requirements
More informationTRUST AND IDENTITY EXCHANGE TALK
TRUST AND IDENTITY EXCHANGE TALK Ken Klingenstein, Internet2 2015 Internet2 Trust and Identity Why It Matters An Identity Layer for the Internet Benefits for the Rest of the Stack What It Is Technologies
More informationMasdar Institute Single Sign-On: Standards-based Identity Federation. John Mikhael ICT Department jmikhael@masdar.ac.ae
Masdar Institute Single Sign-On: Standards-based Identity Federation John Mikhael ICT Department jmikhael@masdar.ac.ae Agenda The case for Single Sign-On (SSO) Types of SSO Standards-based Identity Federation
More informationEnabling a federated environment to support biomedical research. Gianmauro Cuccuru CRS4
Enabling a federated environment to support biomedical research Gianmauro Cuccuru CRS4 ELIXIR connects national bioinformatics centres and EMBL- EBI into a sustainable European infrastructure for biological
More informationVOPaaS Virtual Organisation Platform as a Service
VOPaaS Virtual Organisation Platform as a Service Marina Adomeit Task Leader, AMRES, Serbia Niels Van Dijk Technical Lead, SURFnet, The Netherlands FIM4R meeting Nov 30, 2015, Austria About VOPaaS in GÉANT
More informationРазработка программного обеспечения промежуточного слоя. TERENA BASNET Workshop, 16-17 November 2009 Joost van Dijk - SURFnet
Разработка программного обеспечения промежуточного слоя TERENA BASNET Workshop, 16-17 November 2009 Joost van Dijk - SURFnet Contents - SURFnet Middleware Services department: - eduroam, SURFfederatie,
More informationTrustedX: eidas Platform
TrustedX: eidas Platform Identification, authentication and electronic signature platform for Web environments. Guarantees identity via adaptive authentication and the recognition of either corporate,
More informationFederated Identity Management. Willem Elbers (MPI-TLA) EUDAT training
Federated Identity Management Willem Elbers (MPI-TLA) EUDAT training Date: 26 June 2012 Outline FIM and introduction to components Federation and metadata National Identity federations and inter federations
More informationFederated Identity Management
Federated Identity Management SWITCHaai Team aai@switch.ch Agenda 2 What is Federated Identity Management? What is a Federation? The SWITCHaai Federation Interfederation Evolution of Identity Management
More informationIdentity and Access Management for Federated Resource Sharing: Shibboleth Stories
Identity and Access Management for Federated Resource Sharing: Shibboleth Stories http://arch.doit.wisc.edu/keith/apan/ apanshib-060122-01.ppt Keith Hazelton (hazelton@doit.wisc.edu) Sr. IT Architect,
More informationToward campus portal with shibboleth middleware
Toward campus portal with shibboleth middleware Eisuke Ito and Masanori Nakakuni itou@cc.kyushu u.ac.jp, Kyushu University nak@fukuoka u.ac.jp, Fukuoka University Outline 1. Background 2. Shibboleth 3.
More informationA Shibboleth View of Federated Identity. Steven Carmody Brown Univ./Internet2 March 6, 2007 Giornata AA - GARR
A Shibboleth View of Federated Identity Steven Carmody Brown Univ./Internet2 March 6, 2007 Giornata AA - GARR Short Section Title Agenda Assumptions and Trends Identity Management and Shibboleth Shibboleth
More informationCAS s IDP system and resources in Education Cloud
CAS s IDP system and resources in Education Cloud DAREN ZHA CANS2015, Chengdu Outline CAS s IDP system and Education Cloud introduction Problems of interoperation A interoperation plan CAS s Education
More informationFederated Authentication and Credential Translation in the EUDAT Collaborative Data Infrastructure
Federated Authentication and Credential Translation in the EUDAT Collaborative Data Infrastructure Ahmed Shiraz Memon (JSC - DE) Jens Jensen (STFC escience - UK) Ales Cernivec (XLAB - SL) Krzysztof Benedyczak
More informationMY1LOGIN SOLUTION BRIEF: PROVISIONING. Automated Provisioning of Users Access to Apps
MY1LOGIN SOLUTION BRIEF: PROVISIONING Automated Provisioning of Users Access to Apps MY1LOGIN SOLUTION BRIEF: PROVISIONING Automated Provisioning of Users Access to Apps The ability to centrally provision
More informationTitle: A Client Middleware for Token-Based Unified Single Sign On to edugain
Title: A Client Middleware for Token-Based Unified Single Sign On to edugain Sascha Neinert Computing Centre University of Stuttgart, Allmandring 30a, 70550 Stuttgart, Germany e-mail: sascha.neinert@rus.uni-stuttgart.de
More informationTopics. Context. Scalable Privacy. Frontiers. R&E federations globally InCommon
Scalable Privacy Topics Context R&E federations globally InCommon Scalable Privacy MFA Deliverables Citizen-centric attribute deliverables Privacy managers Anonymous credentials In support of trust Periodic
More informationA Federated Authorization and Authentication Infrastructure for Unified Single Sign On
A Federated Authorization and Authentication Infrastructure for Unified Single Sign On Sascha Neinert Computing Centre University of Stuttgart Allmandring 30a 70550 Stuttgart sascha.neinert@rus.uni-stuttgart.de
More informationNew InCommon Working Groups
New InCommon Working Groups IAM Online August 13, 2014 Steve Carmody, Brown University Paul Caskey, University of Texas System Janemarie Duh, Lafayette College Keith Hazelton, University of Wisconsin Madison
More informationFederated Identity Management Interest Group
1 Federated Identity Management Interest Group The FIM interest group (FIMig) is an international crossdomain interest group to work on all issues related to the use FIM for the implementation of AAIs
More informationFederated Wikis Andreas Åkre Solberg andreas@uninett.no
Federated Wikis Andreas Åkre Solberg andreas@uninett.no Wikis in the beginning...in the beginning wikis were wide open. Great! - But then the spammers arrived. Password protected wikis Create yet another
More informationHOL9449 Access Management: Secure web, mobile and cloud access
HOL9449 Access Management: Secure web, mobile and cloud access Kanishk Mahajan Principal Product Manager, Oracle September, 2014 Copyright 2014, Oracle and/or its affiliates. All rights reserved. Oracle
More informationThe Top 5 Federated Single Sign-On Scenarios
The Top 5 Federated Single Sign-On Scenarios Table of Contents Executive Summary... 1 The Solution: Standards-Based Federation... 2 Service Provider Initiated SSO...3 Identity Provider Initiated SSO...3
More informationHEDM and Integration. Michael Agnew Vice President, Localization Solutions
HEDM and Integration Michael Agnew Vice President, Localization Solutions Agenda 1 The challenges faced 2 The potential benefits 3 How the HeDM relates to the Irish HE sector 4 Q&A The challenges faced
More informationFederations 101. An Introduction to Federated Identity Management. Peter Gietz, Martin Haase
Authentication and Authorisation for Research and Collaboration Federations 101 An Introduction to Federated Identity Management Peter Gietz, Martin Haase AARC NA2 Task 2 - Outreach and Dissemination DAASI
More informationJune 5, 2013 Ken Klingenstein. Identity Management, the Cloud, NSTIC and Accessibility
June 5, 2013 Ken Klingenstein Identity Management, the Cloud, NSTIC and Accessibility Identity Management, the Cloud, NSTIC and Accessibility Contents Internet Identity Today Two types of cloud use cases
More informationSingle Sign On. SSO & ID Management for Web and Mobile Applications
Single Sign On and ID Management Single Sign On SSO & ID Management for Web and Mobile Applications Presenter: Manish Harsh Program Manager for Developer Marketing Platforms of NVIDIA (Visual Computing
More informationCollaboration in the Cloud. Niels van Dijk, SURFnet, niels.vandijk@surfnet.nl CAMP, Nov 15 2013, San Francisco
Collaboration in the Cloud Niels van Dijk, SURFnet, niels.vandijk@surfnet.nl CAMP, Nov 15 2013, San Francisco R&E SURF in and The SURFnet Netherlands: SURF and SURFnet National Research & Education Network
More informationKeeping access control while moving to the cloud. Presented by Zdenek Nejedly Computing & Communications Services University of Guelph
Keeping access control while moving to the cloud Presented by Zdenek Nejedly Computing & Communications Services University of Guelph 1 Keeping access control while moving to the cloud Presented by Zdenek
More informationManaging identities. TICAL 2012, Lima, Peru Roland Hedberg <roland.hedberg@adm.umu.se> tisdag 3 juli 12
Managing identities TICAL 2012, Lima, Peru Roland Hedberg Who am I? Got into networking in 1987 Managed computer networks and network applications Worked with standardisation
More informationProject Moonshot. TF-EMC2 & TF-Mobility. Vienna, 17 th February. Josh Howlett, JANET(UK) Image Viatour Luc (http://www.lucnix.be)
Project Moonshot TF-EMC2 & TF-Mobility Vienna, 17 th February Josh Howlett, JANET(UK) Image Viatour Luc (http://www.lucnix.be) Introduction "[I]f you go for a complete client stack revamp [...] then I
More informationOpenAM All-In-One solution to securely manage access to digital enterprise and customer services, anytime and anywhere.
OpenAM All-In-One solution to securely manage access to digital enterprise and customer services, anytime and anywhere. OpenAM, the only all-in-one open source access management solution, provides the
More informationSURFfederatie - edugain. Opt-in Metadata Management for a Hub & Spoke Federation
SURFfederatie - edugain Opt-in Metadata Management for a Hub & Spoke Federation Content - History of SURFfederatie - Federation models - Functional view - Consequences of hub & spoke - edugain - Future
More informationEUDAT Federated AAI TF (Authentication Authorization Infrastructure Task Force)
EUDAT Federated AAI TF (Authentication Authorization Infrastructure Task Force) EUDAT WP5 Slides by Jens Jensen+AAITF Presented by Claudio Cacciari (c.cacciari@cineca.it) Date:2012/03/08 Outline Background
More informationOnline Identity Attribute Exchange 2013-2014 Initiatives
Online Identity Attribute Exchange 2013-2014 Initiatives Agenda Overview AXN Services Framework Demonstration NSTIC Pilots Summary ABAC Services Attribute Exchange Network Page 2 AXN - Enabling IT & Other
More informationDeliverable D9.2 Market Analysis for Virtual Organisation Platform as a Service (VOPaaS)
19-11-2015 Contractual Date: 30-09-2015 Actual Date: 19-11-2015 Grant Agreement No.: 691567 Activity: SA5 Task Item: 4 Nature of Deliverable: R (Report) Dissemination Level: PU (Public) Lead Partner: AMRES
More informationExtend and Enhance AD FS
Extend and Enhance AD FS December 2013 Sponsored By Contents Extend and Enhance AD FS By Sean Deuby Introduction...2 Web Service SSO Architecture...3 AD FS Overview...5 Ping Identity Solutions...7 Synergy
More informationFederated Identity Management
Federated Identity Management SWITCHaai Introduction Course Bern, 1. March 2013 Thomas Lenggenhager aai@switch.ch Overview What is Federated Identity Management? What is a Federation? The SWITCHaai Federation
More informationperfsonar AAI for network-oriented services Cándido Rodríguez candido.rodriguez@rediris.es
perfsonar AAI for network-oriented services Cándido Rodríguez candido.rodriguez@rediris.es 10 th TF-EMC2 Meeting - Marseille, 4 th -5 th February 08 1.16 Agenda 1.Scenario of perfsonar 2. Using edugain
More informationShibboleth N-Tier Support. Chad La Joie chad.lajoie@switch.ch
Shibboleth N-Tier Support Chad La Joie chad.lajoie@switch.ch Agenda Use Case Terminology Shibboleth Solution Future Effort Resources 2 Use Case Current use case comes from University of Chicago University
More informationSouth Africa's Federated Identity Management Initiative
Abstract South Africa's Federated Identity Management Initiative Siju A. MAMMEN SANREN, Building 43d, CSIR, Meiring Naude Rd. Brummeria, Pretoria, South Africa Tel: +27 12 841 4213, Fax +27 12 841 4223,
More informationIdentity Management Systems for Collaborations and Virtual Organizations
Identity Management Systems for Collaborations and Virtual Organizations Topics Update on Internet identity IdM Systems for Virtual Organizations Goals Early Implementations Issues and Discussions Update
More informationInteroperate in Cloud with Federation
Interoperate in Cloud with Federation - Leveraging federation standards can accelerate Cloud computing adoption by resolving vendor lock-in issues and facilitate On Demand business requirements Neha Mehrotra
More informationFederated Identity Management Solutions
Federated Identity Management Solutions Jyri Kallela Helsinki University of Technology jkallela@cc.hut.fi Abstract Federated identity management allows users to access multiple services based on a single
More informationShibboLEAP Project. Final Report: School of Oriental and African Studies (SOAS) Colin Rennie
ShibboLEAP Project Final Report: School of Oriental and African Studies (SOAS) Colin Rennie May 2006 Shibboleth Implementation at SOAS Table of Contents Introduction What this document contains Who writes
More informationOSOR.eu eid/pki/esignature Community Workshop in Brussels, 13. November 2008 IT Architect Søren Peter Nielsen - spn@itst.dk
The OIOSAML Toolkits Accelerating a common egov infrastructure using open source reference implementations OSOR.eu eid/pki/esignature Community Workshop in Brussels, 13. November 2008 IT Infrastructure
More informationIT@Intel. Improving Security and Productivity through Federation and Single Sign-on
White Paper Intel Information Technology Computer Manufacturing Security Improving Security and Productivity through Federation and Single Sign-on Intel IT has developed a strategy and process for providing
More informationFlexible Identity Federation
Flexible Identity Federation Quick start guide version 1.0.1 Publication history Date Description Revision 2015.09.23 initial release 1.0.0 2015.12.11 minor updates 1.0.1 Copyright Orange Business Services
More informationFederated single sign-on (SSO) and identity management. Secure mobile access. Social identity integration. Automated user provisioning.
PingFederate We went with PingFederate because it s based on standards like SAML, which are important for a secure implementation. John Davidson Senior Product Manager, Opower PingFederate is the leading
More informationStep-up-authetication as a service
Step-up-authetication as a service Pieter van der Meulen Technical Product Manager For more details see the report at: http://www.surfnet.nl/ Documents/rapport_Step-up_Authentication-as-a- Service_Architecture_and_Procedures_final.pdf
More informationSAML and OAUTH comparison
SAML and OAUTH comparison DevConf 2014, Brno JBoss by Red Hat Peter Škopek, pskopek@redhat.com, twitter: @pskopek Feb 7, 2014 Abstract SAML and OAuth are one of the most used protocols/standards for single
More informationIdentity Management: Background, Principles, GENI
Identity Management: Background, Principles, GENI Topics Internet identity What s been happening Gaps Identity Management Includes identity and access control via groups and roles Adapting apps to use
More informationSD Departmental Meeting November 28 th, 2006. Ale de Vries Product Manager ScienceDirect Elsevier
ש בולת SD Departmental Meeting November 28 th, 2006 Ale de Vries Product Manager ScienceDirect Elsevier Shi... whát? : Shibboleth ש בולת [...] "stream, torrent". It derives from a story in the Hebrew Bible,
More informationAddressing threats to real-world identity management systems
Addressing threats to real-world identity management systems Wanpeng Li and Chris J Mitchell Information Security Group Royal Holloway, University of London Agenda Single sign-on and identity management
More informationMy Private Cloud. Project Objectives
My Private Cloud David W Chadwick University of Kent 1 Dec 2011 IEEE CloudCom 2011 1 Project Objectives Migrate (as much as possible in 6 months of) the trust, security and privacy preserving infrastructure
More informationA Framework for Security e-irg, Zürich, April 2008. Christoph Graf christoph.graf@switch.ch
A Framework for Security e-irg, Zürich, April 2008 Christoph Graf christoph.graf@switch.ch Outline What is Security? or: Where s the Security Layer? Naming is always a problem or: What is the plural form
More informationFAME-PERMIS Project. University of Manchester University of Kent. London, July 2006
FAME-PERMIS Project University of Manchester University of Kent London, July 2006 FAME-PERMIS Project Stands for Flexible Authentication Middleware Extension to PERMIS Addresses Access Management with
More informationTREADING THE PATH THE PORTUGUESE ADMINISTRATIVE MODERNIZATION EXPERIENCE
AGENCY FOR THE ADMINISTRATIVE MODERNIZATION TREADING THE PATH THE PORTUGUESE ADMINISTRATIVE MODERNIZATION EXPERIENCE PAULO NEVES PRESIDENT OF THE BOARD CHALLENGES HOW TO ADAPT AND SURVIVE IN A PERMANENT
More informationFederated Identity Management for Research Communities (FIM4R)
Federated Identity Management for Research Communities (FIM4R) David Kelsey (STFC-RAL, UK) david.kelsey@stfc.ac.uk Federations Virtual Day 19 Jun 2013 Who am I? Head of Particle Physics Computing at RAL
More informationCan We Reconstruct How Identity is Managed on the Internet?
Can We Reconstruct How Identity is Managed on the Internet? Merritt Maxim February 29, 2012 Session ID: STAR 202 Session Classification: Intermediate Session abstract Session Learning Objectives: Understand
More informationGARR Cloud Services. GARR strategy towards the provisioning of Cloud Services. Mario.Reale@garr.it. On behalf of the GARR Cloud Team
Cloud Services strategy towards the provisioning of Cloud Services Mario.Reale@garr.it On behalf of the Cloud Team Fabio Farina, Mario Reale, Cristiano Valli, Fulvio Galeazzi, Simon Vocella, Andrea Biancini,
More informationThe Future of Cloud Identity Security. Michael Schwartz Founder / CEO Gluu
The Future of Cloud Identity Security Michael Schwartz Founder / CEO Gluu Session ID: IAM-207 Session Classification: General Interest Background 2 Finally an Internet Identity Foundation 3 Who is behind
More informationOpenID Connect for SURFconext
OpenID Connect for SURFconext Assessment of the OpenID Connect protocol for Federations of Higher Education and Research Project : Samenwerkingsinfrastructuur Projectjaar : 2012 Projectmanager : Bas Zoetekouw
More informationOAuth2lib Based Groups Management Tool for Authorization and Services Aggregation
Thursday 16th June 2011 Poster Session OAuth2lib Based Groups Management Tool for Authorization and Services Aggregation 1. INTRODUCTION Over recent years we have witnessed the emergence and consolidation
More informationAn introduction of several development activities related to Shibboleth and Web browser-based simple PKI
An introduction of several development activities related to Shibboleth and Web browser-based simple PKI Toyokazu Akiyama 1, Motonori Nakamura 2, Takeshi Nishimura 2, Kazutsuna Yamaji 2, Yukiko Kawai 1
More informationPRODUCT BRIEF OpenAM. Delivering secure access for customers, applications, devices and things
PRODUCT BRIEF OpenAM Delivering secure access for customers, applications, devices and things Introduction Identity and access management is going through a new golden age. CEOs are pushing growth as their
More informationVISION Cloud: Highlighting challenges on Federation. Interoperability for data storage cloud. OGF 35 June 17-19, 2012 Delft, Netherlands
OGF 35 June 17-19, 2012 Delft, Netherlands : Highlighting challenges on Federation & Interoperability for data storage cloud Massimo Villari University of Messina, Italy OUTLINE Data lock-in Issue aims
More informationA Standards-based Mobile Application IdM Architecture
A Standards-based Mobile Application IdM Architecture Abstract Mobile clients are an increasingly important channel for consumers accessing Web 2.0 and enterprise employees accessing on-premise and cloud-hosted
More informationCloud Computing and Government Services August 2013 Serdar Yümlü SAMPAŞ Information & Communication Systems
eenviper White Paper #4 Cloud Computing and Government Services August 2013 Serdar Yümlü SAMPAŞ Information & Communication Systems 1 Executive Summary Cloud computing could revolutionise public services
More informationVAO Single Sign-on with OpenID
VAO Single Sign-on with OpenID Ray Plante VAO NCSA 20 October 2011 IVOA Interoperability 20 Meeting October -- Pune 2011 IVOA Interoperability Meeting -- Pune Common Identities across the VO VAO Single
More informationDESIGN OF A PLATFORM OF VIRTUAL SERVICE CONTAINERS FOR SERVICE ORIENTED CLOUD COMPUTING. Carlos de Alfonso Andrés García Vicente Hernández
DESIGN OF A PLATFORM OF VIRTUAL SERVICE CONTAINERS FOR SERVICE ORIENTED CLOUD COMPUTING Carlos de Alfonso Andrés García Vicente Hernández 2 INDEX Introduction Our approach Platform design Storage Security
More informationMiddleware integration in the Sympa mailing list software. Olivier Salaün - CRU
Middleware integration in the Sympa mailing list software Olivier Salaün - CRU 1. Sympa, its middleware connectors 2. Sympa web authentication 3. CAS authentication 4. Shibboleth authentication 5. Sympa
More informationOnline Identity Attribute Exchange 2013-2014 Initiatives
Online Identity Attribute Exchange 2013-2014 Initiatives Agenda Overview AXN Services Framework Demonstration NSTIC Pilots Summary ABAC Services Attribute Exchange Network Page 2 AXN - Enabling IT & Other
More informationSecuring Identities & Trust
Securing Identities & Trust Agenda About Safelayer Identities & Trust eidas (eid, Authentication and Signature) Use case: Izenpe Mobile eidas services Safelayer Demo Portal Q& A? WWW.SAFELAYER.COM 2 About
More informationMIT Tech Talk, May 2013 Justin Richer, The MITRE Corporation
MIT Tech Talk, May 2013 Justin Richer, The MITRE Corporation Approved for Public Release Distribution Unlimited 13-1871 2013 The MITRE Corporation All Rights Reserved } OpenID Connect and OAuth2 protocol
More informationNISTIC Pilot - Attribute Exchange Network. Biometric Consortium Conference - 2013
NISTIC Pilot - Attribute Exchange Network Biometric Consortium Conference - 2013 Market Development Startup (2011) Unrealized Large Market Potential Evolving Value Props & Use-Cases Evolving Tech/Policy
More informationOpen Government Data Initiative. Dejan Cvetkovic Regional Technology Officer, Microsoft CEE Athens, Greece, December 1 st, 2011
Open Government Data Initiative OGDI Dejan Cvetkovic Regional Technology Officer, Microsoft CEE Athens, Greece, December 1 st, 2011 http://ec.europa.eu/information_society/policy/psi/docs/pdfs/pira_study/commercial_final_report.pdf
More informationLogout in Single Sign-on Systems
Logout in Single Sign-on Systems Sanna Suoranta, Asko Tontti, Joonas Ruuskanen, Tuomas Aura IFIP IDMAN, London, UK, 8-9.4.2013 Logout in Single Sign-on Systems Motivation Single sign-on (SSO) systems SSO
More informationSAML 101. Executive Overview WHITE PAPER
SAML 101 Executive Overview Today s enterprise employees use an ever-increasing number of applications, both enterprise hosted and in the Cloud, to do their jobs. What s more, they are accessing those
More informationIntegrating Apex into Federated Environment using SAML 2.0. Jon Tupman Portalsoft Solutions Ltd
Integrating Apex into Federated Environment using SAML 2.0 Jon Tupman Portalsoft Solutions Ltd Introduction Migration challenge Federated vs Single sign-on SAML process flow Integrating Apex and Weblogic
More informationSingle Logout. TF-EMC2 2010 Vienna 17 th February 2010. Kristóf Bajnok NIIF Institute
TF-EMC2 2010 Vienna 17 th February 2010 Kristóf Bajnok NIIF Institute TF-EMC2 2010 Vienna 17 th February 2010 Kristóf Bajnok NIIF Institute Everybody wants to logout... Single sign-on is a powerful toy
More informationData Privacy in the Cloud E-Government Perspective
Data Privacy in the Cloud E-Government Perspective Herbert Leitold; EGIZ, A-SIT International Cloud Symposium 2011, Panel on Data Privacy and the Role Policy Plays in Defining Trust Requirements Ditton
More informationMobile Security. Policies, Standards, Frameworks, Guidelines
Mobile Security Policies, Standards, Frameworks, Guidelines Guidelines for Managing and Securing Mobile Devices in the Enterprise (SP 800-124 Rev. 1) http://csrc.nist.gov/publications/drafts/800-124r1/draft_sp800-124-rev1.pdf
More informationFederated Identity for Cloud Computing and Cross-organization Collaboration
Federated Identity for Cloud Computing and Cross-organization Collaboration Steve Moitozo Strategy and Architecture SIL International 20110616.2 (ICCM) Follow me @SteveMoitozo2 2 Huge Claims You want federated
More informationEnhancing Web Application Security
Enhancing Web Application Security Using Another Authentication Factor Karen Lu and Asad Ali Gemalto, Inc. Technology & Innovations Austin, TX, USA Overview Introduction Current Statet Smart Cards Two-Factor
More informationA trusted identity management system is not only essential for ensuring your customers safety and confidence.
A trusted identity management system is not only essential for ensuring your customers safety and confidence. With the new EU legislation, high protection of personal data has become a pressing need. Side
More informationAddressing threats to real-world identity management systems
Addressing threats to real-world identity management systems Wanpeng Li and Chris J Mitchell Information Security Group Royal Holloway, University of London Agenda Single sign-on and identity management
More informationSAML SSO Configuration
SAML SSO Configuration Overview of Single Sign-, page 1 Benefits of Single Sign-, page 2 Overview of Setting Up SAML 2.0 Single Sign-, page 3 SAML 2.0 Single Sign- Differences Between Cloud-Based Meeting
More informationHow Single-Sign-On Improves The Usability Of Protected Services For Geospatial Data
2014 Fifth International Conference on Computing for Geospatial Research and Application How Single-Sign-On Improves The Usability Of Protected Services For Geospatial Data Andreas Matheus University of
More informationNCSU SSO. Case Study
NCSU SSO Case Study 2 2 NCSU Project Requirements and Goals NCSU Operating Environment Provide support for a number Apps and Programs Different vendors have their authentication databases End users must
More informationIdentity. Provide. ...to Office 365 & Beyond
Provide Identity...to Office 365 & Beyond Sponsored by shops around the world are increasingly turning to Office 365 Microsoft s cloud-based offering for email, instant messaging, and collaboration. A
More informationEnterprise & Vertical Reporting. Challenges and Solutions
Enterprise & Vertical Reporting Challenges and Solutions The Challenge: How do you design a real time data collection system that is scalable for states and districts that is easy to use and extendible
More informationBringing MNOs an end to end Mobile Connect Solution. Mobile Connect for Mobile Network Operator
Bringing MNOs an end to end Mobile Connect Solution Mobile Connect for Mobile Network Operator 1 What is Mobile Connect for MNO? 2 Unmatched end to end solution 1. Complete authenticator out of the box
More informationConnecting Web and Kerberos Single Sign On
Connecting Web and Kerberos Single Sign On Rok Papež ARNES aaa-podpora@arnes.si Terena networking conference Malaga, Spain, 10.6.2009 Kerberos Authentication protocol (No) authorization Single Sign On
More informationSAML single sign-on configuration overview
Chapter 46 Configurin uring Drupal Configure the Drupal Web-SAML application profile in Cloud Manager to set up single sign-on via SAML with a Drupal-based web application. Configuration also specifies
More informationHow to Extend Identity Security to Your APIs
How to Extend Identity Security to Your APIs Executive Overview The number of users and devices requesting access to applications is growing exponentially and enterprises are scrambling to adapt their
More informationLEGAL FRAMEWORK FOR E-SIGNATURE IN LITHUANIA AND ENVISAGED CHANGES OF THE NEW EU REGULATION
LEGAL FRAMEWORK FOR E-SIGNATURE IN LITHUANIA AND ENVISAGED CHANGES OF THE NEW EU REGULATION Aušra Kumetaitienė Head of Information Society Development Division Tomas Jakimavičius Telecommunications and
More informationPingFederate. Identity Menu Builder. User Guide. Version 1.0
Identity Menu Builder Version 1.0 User Guide 2011 Ping Identity Corporation. All rights reserved. Identity Menu Builder User Guide Version 1.0 April, 2011 Ping Identity Corporation 1099 18th Street, Suite
More informationInfocard and Eduroam. Enrique de la Hoz, Diego R. López, Antonio García, Samuel Muñoz
Infocard and Eduroam Enrique de la Hoz, Diego R. López, Antonio García, Samuel Muñoz Index Introduction to Infocard Infocard usage usso using Infocard in eduroam Questions Infocard Artifact with a unique
More informationTrustedX - PKI Authentication. Whitepaper
TrustedX - PKI Authentication Whitepaper CONTENTS Introduction... 3 1... 4 Use Scenarios... 5 Operation... 5 Architecture and Integration... 6 SAML and OAuth 7 RESTful Web Services 8 Monitoring and Auditing...
More information