Access Management Transition Programme Meeting Access Management Futures: JISC and International Development Strategy  Nic...
A Little Background
Some Background <ul><li>1995: Athens developed by NISS (National Information Services and Systems) at University of Bath a...
The Requirements  <ul><li>A single access management system for: </li></ul><ul><ul><li>Intra-institutional resources. </li...
Not just about preventing.. Copyright: Getty Images from the Education Image Gallery
..but about collaborating and sharing Copyright: Getty Images from the Education Image Gallery
The UK Development Landscape Athens Gateways CA Bridge eduRoam Gateway Development Level of Assurance – FAME project Ident...
JISC Plans
<ul><li>Access Management Transition Programme!   </li></ul>
e-Infrastructure Programme <ul><li>Continued support for integration of UK federation and Grid.  </li></ul><ul><li>Levels ...
Orphans American evangelist Dwight Lyman Moody (1837 - 1899) with a group of orphans at one of his Chicago missions. Court...
Identity Management outside Institutions
Multiple Affiliations
Attributes and Personalisation Copyright: HEFCE
e-Research <ul><li>Access Management for complex data </li></ul><ul><li>Flexible Service Provider models for virtual organ...
Federated  Tools such as ShARPE
Internet2 Plans
SAML 2.0 <ul><li>Scott Cantor: technical editor of SAML 2.0 specification and lead Shibboleth architect.  </li></ul><ul><l...
Shibboleth 2.0 <ul><li>Major changes: </li></ul><ul><ul><li>New and broadening concepts  </li></ul></ul><ul><ul><li>New co...
Other Internet2 Stuff <ul><li>More work in collaborative scenarios: virtual organisations etc.  </li></ul><ul><li>Applicat...
International Plans
Work with our International Partners <ul><li>International Vendor Liaison, with specific emphasis on work with SURF and In...
and developing the UK federation… (see Josh Howlett presentation)
Upcoming SlideShare
Loading in …5
×

JISC Access and Identity Management: Future Directions

3,044 views

Published on

This presentation by Nicole Harris looks at JISC's future plans in relation to access and identity management

Published in: Technology, Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
3,044
On SlideShare
0
From Embeds
0
Number of Embeds
43
Actions
Shares
0
Downloads
98
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

JISC Access and Identity Management: Future Directions

  1. 1. Access Management Transition Programme Meeting Access Management Futures: JISC and International Development Strategy Nicole Harris Senior Services Transition Manager, JISC
  2. 2. A Little Background
  3. 3. Some Background <ul><li>1995: Athens developed by NISS (National Information Services and Systems) at University of Bath as an in-house system. </li></ul><ul><li>1996: eLib Study ‘Technologies to Support Authentication in Higher Education’ identified Athens as a potential solution for all JISC Services. </li></ul><ul><li>1997: Athens in use in all JISC Data Centres and rolled out across HEIs / FEIs over the next two years. </li></ul><ul><li>1998: CNI White Paper on AAA requirements. JISC commits to using as a basis for next-generation technologies. </li></ul><ul><li>1997 – 2000: three year contract for Athens provision with University of Bath and then Eduserv. </li></ul><ul><li>2000 – 2008: two three year plus one two year contract with Eduserv for Athens provision. </li></ul><ul><li>2000: Alan Robiette and JCAS scope requirements for next generation access management system (ANGEL project starts testing Shibboleth and PAPI technologies). </li></ul><ul><li>2002 – 2004: AAA Programme – audit of next generation technologies and ratification of requirements. </li></ul><ul><li>2004 – 2007: Core Middleware Programmes. JISC decision to support federated access management. </li></ul><ul><li>2006 – 2009: Access Management: Transition Programme. Roll-out and embedding. </li></ul>
  4. 4. The Requirements <ul><li>A single access management system for: </li></ul><ul><ul><li>Intra-institutional resources. </li></ul></ul><ul><ul><li>Third party digital library type resources. </li></ul></ul><ul><ul><li>Inter-institutional resources for secure long-term collaboration. </li></ul></ul><ul><ul><li>Inter-institutional resources for ad-hoc (virtual organisation) collaboration. </li></ul></ul><ul><li>Evolving strategy: </li></ul><ul><ul><li>Where possible, JISC should focus on fostering development and use of standards rather than specific technologies. </li></ul></ul><ul><ul><li>Institutions should have the widest possible range of options, from full open source to commercial support. </li></ul></ul><ul><ul><li>Solutions should be in line with international developments in the field. </li></ul></ul><ul><ul><li>Solution must provide real benefits to institutions and service providers. </li></ul></ul>
  5. 5. Not just about preventing.. Copyright: Getty Images from the Education Image Gallery
  6. 6. ..but about collaborating and sharing Copyright: Getty Images from the Education Image Gallery
  7. 7. The UK Development Landscape Athens Gateways CA Bridge eduRoam Gateway Development Level of Assurance – FAME project Identity Management – inter- and intra- NHS / Government N-tier Developments – SPIE project Authorisation Tools - PERMIS, DYVOSE (Authority Delegation) Interfaces / User Tools Virtual Home for Identities Federation Tools Identity / Service Providers outreach support federation Federation Services
  8. 8. JISC Plans
  9. 9. <ul><li>Access Management Transition Programme! </li></ul>
  10. 10. e-Infrastructure Programme <ul><li>Continued support for integration of UK federation and Grid. </li></ul><ul><li>Levels of Assurance: ES-LOA. </li></ul><ul><li>Identity Project. </li></ul><ul><li>Federated tools: 5 new projects. </li></ul><ul><ul><li>Federated Identities and virtual organisations with Grouper </li></ul></ul><ul><ul><li>Virtual Organisations and management of organisations objects </li></ul></ul><ul><ul><li>Integrated Authorisation for Shibboleth/Grid. </li></ul></ul><ul><ul><li>Integrating VOMS and PERMIS </li></ul></ul><ul><ul><li>Virtual Organisation tools </li></ul></ul><ul><li>Upcoming ITTs / Calls / other work in the areas of… </li></ul>
  11. 11. Orphans American evangelist Dwight Lyman Moody (1837 - 1899) with a group of orphans at one of his Chicago missions. Courtesy of the Education Image Gallery Copyright: Getty Images
  12. 12. Identity Management outside Institutions
  13. 13. Multiple Affiliations
  14. 14. Attributes and Personalisation Copyright: HEFCE
  15. 15. e-Research <ul><li>Access Management for complex data </li></ul><ul><li>Flexible Service Provider models for virtual organisations </li></ul><ul><li>Ongoing work with the National Grid Service, including the CA </li></ul><ul><li>Copyright: Getty Images </li></ul><ul><li>Education Image Gallery </li></ul>
  16. 16. Federated Tools such as ShARPE
  17. 17. Internet2 Plans
  18. 18. SAML 2.0 <ul><li>Scott Cantor: technical editor of SAML 2.0 specification and lead Shibboleth architect. </li></ul><ul><li>SC describes it as a ‘vulcan mind-meld’ of SAML 1.1, Shibboleth and Liberty ID-FF 1.2. </li></ul><ul><li>You can expect in the long-term: </li></ul><ul><ul><li>Focus on federated identity management. </li></ul></ul><ul><ul><li>Single log-out. </li></ul></ul><ul><ul><li>Account linking / management. </li></ul></ul><ul><ul><li>More features / more complexity. </li></ul></ul>Copyright: Getty Images Education Image Gallery
  19. 19. Shibboleth 2.0 <ul><li>Major changes: </li></ul><ul><ul><li>New and broadening concepts </li></ul></ul><ul><ul><li>New configuration files </li></ul></ul><ul><ul><li>Metadata updates </li></ul></ul><ul><ul><li>Minor installation differences </li></ul></ul><ul><li>Partial SAML 2.0 support (AuthnRequest, AttributeQuery, SingleLogout). </li></ul><ul><li>Better session management </li></ul><ul><li>Better authentication packaged with Shib </li></ul><ul><li>Better attribute management – particularly attribute filter policy </li></ul><ul><li>Focus on SP side discovery service (the future?) </li></ul><ul><li>Better audit and access logs </li></ul><ul><li>Java Service Provider </li></ul><ul><li>https://spaces.internet2.edu/display/SHIB/ShibTwoRoadmap . </li></ul>
  20. 20. Other Internet2 Stuff <ul><li>More work in collaborative scenarios: virtual organisations etc. </li></ul><ul><li>Application integration with infrastructure: wikis, SharePoint, Sakai, mailing lists etc. </li></ul><ul><li>Integrated application providers: yahoo, google, e-bay etc. </li></ul><ul><li>Easier install IdPs. </li></ul><ul><li>Information card integration including CardSpace (in place now). </li></ul><ul><li>Open Liberty Integration </li></ul>
  21. 21. International Plans
  22. 22. Work with our International Partners <ul><li>International Vendor Liaison, with specific emphasis on work with SURF and Internet2. </li></ul><ul><li>Directory Schema work with TERENA through TF-EMC2. </li></ul><ul><li>Inter-federation and licensing work with Knowledge Exchange Partners in Netherlands, Germany and Denmark. </li></ul><ul><li>Inter-federation work with TERENA, Internet2 and DEST. </li></ul><ul><li>Contributions to the Shibboleth code-base through team at EDINA. </li></ul><ul><li>Continued international dialogue </li></ul>
  23. 23. and developing the UK federation… (see Josh Howlett presentation)

×