View stunning SlideShares in full-screen with the new iOS app!Introducing SlideShare for AndroidExplore all your favorite topics in the SlideShare appGet the SlideShare app to Save for Later — even offline
View stunning SlideShares in full-screen with the new Android app!View stunning SlideShares in full-screen with the new iOS app!
Each part will last 10 minutes followed by 5 minutes for questions and discussion. There will be 2 live demos: 1.) a locally hosted streaming service and 2. ) the centrally hosted service. Extra time will be reserved for discussion at the end.
“ The Shibboleth System is a standards based, open source software package for web single sign-on across or within organizational boundaries. It allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner.”
Source: Shibboleth® Web Site
Short Definition: Single sign-on access to online services based on assertions about user attributes.
The VIVA PBS project offers a low risk, high benefit opportunity to test the technology.
Pursue a Federation? N=31 (including VCCS with 24 campuses)
Implementation Timetable N=31 (including VCCS with 24 campuses)
Establish a federation within VIVA along with a “trust fabric” and policies governing which types of users have access to which types of video streams
Implement a Shibboleth Service Provider for video streaming at the University of Virginia
Join InCommon federation to manage policies and WAYF (Where are you from?) services
Install Shibboleth Identity Provider software at participating campuses
Search for a Video I think I will search for the online video my Professor recommended.
Request a Video Stream This looks interesting. I think I will watch it now.
Request for Shibboleth Streaming Service Hmm… looks like I need to click on the link to see the online video Link to Shibboleth enabled Streaming service
WAYF dialog I guess they need to know where I am from before they let me see the video. Where are you from? College of William and Mary George Mason University James Madison University Old Dominion University Sweet Briar College University of Mary Washington University of Richmond University of Virginia Virginia Commonwealth University Virginia Tech University User request is redirected to InCommon Federation WAYF.
Login at Home Institution Now they want me to login to JMU. After login, assertion about user attributes is passed to streaming service
View Stream After Authentication Hey …this looks a lot better than what I am used to seeing on YouTube. Streaming video in QuickTime player Stream is launched after Shibboleth Service Provider determines that attribute obtained from Identity Provider at home school matches type of person authorized to view the stream.
Shibboleth-Enabled Service at University of Virginia
For VIVA Members via InCommon
Streaming files WAYF (InCommon) Shibboleth Identity Provider Shibboleth Streaming Service Provider Shibboleth Authentication Adapted from Michael Gettes, 2004 3 2 Where Are You From? 4 OK, your request is redirected to the Handle Service of your home org. HS 5 6 I don’t know you. Please authenticate Using WEBLOGIN Attribute 10 Shibbolized Darwin Streaming Server Attributes 1 ACS I don’t know you. Not even which home org you are from. I redirect your request to the WAYF User Database 7 Credentials OK, I know you now. I redirect your request to the target, together with a handle AA Pass user attribute to Service Provider. 9 Handle Handle 8 Ask Attribute Authority for attributes to see if user is eligible to receive service Handle AR