Glenn Wearen 20091203 Ifif He Anet Gwearen
Published in Technology, Business
Transcript

  • 1. Federated Access Glenn Wearen HEAnet
  • 2. Terminology Single Log On: • single point of authentication (e.g. LDAP) • synchronised account and credentials • authenticate to each application Single Sign On: • single point of authentication • single credential, single account • authenticate once
  • 3. Terminology Identity Provider • Organisation that holds identity data/credentials Service Provider • Organisation accepting federated identities IdP, SP, OP, RP
  • 4. Terminology Web SSO – OpenID – Cardspace (Infocard, Higgins etc.) – SAML, WS-Trust – Facebook Connect, Friend Connect – OAuth Data exchange
  • 5. Federated Access in Education SAML widely adopted in national academic federations: • UK Access Management Federation • InCommon • Switch AAI • HAKA • Swamid • AAF Confederation • Surfederatie • Feide • GARR Idem AAI SAML used in other sectors: Realty, Aerospace, Automobile, 401k
  • 6. [Diagram labels: Federation or Service Provider WAYF Server; Institutional SAML Server; Service Provider SAML Server; Service Provider Web Server; Institutional User Repository; Institutional Web Server; Institution (IdP); Service Provider (SP); Service Provider User Repository]
  • 7. Federated Access in Education
  • 8. Edugate – IdPs • Institutes of Technology • Universities • Private colleges • Research agencies
  • 9. Edugate – SPs • Any IdP can be an SP • Shared services offered by IdPs • Academic content providers • Research portals • Organisations offering academic discount
  • 10. Membership has its benefits Federation is a web of trust underpinned by... – Policy • Membership rules – Identity providers must ensure identities are assured – Service providers must not abuse data protection rules • Confederation/Interfederation – Technical • Standard protocol
  • 11. Membership has its benefits Management of identity provider – Consent management – Attribute release HEAnet assistance to get started – Directory integration for IdPs – Application integration for SPs
  • 12. Resource Registry – SP
  • 13. Resource Registry – IdP (i)
  • 14. Resource Registry –IdP (ii)
  • 15. Resource Registry – IdP (iv)
  • 16. Resource Registry – IdP (v)
  • 17. Resource Registry – IdP (v)
  • 18. Future Directions – Confederation • UK Federation / eduGAIN – Attribute aggregation • Student account is but one part of a user account – Who knows? • Schools • Make a 'social' account out of the 'campus' id. • National student ID
  • 19. Summary Terminology SAML Edugate Join us at www.edugate.ie