
Australian Access Federation

Australian Access Federation. Robert Hazeltine Identity and Access Management Enterprise Systems Office. Extending our reach. UWS staff and students now belong to two networks - since 6 October 2009 UWS network Web sites and applications, and enterprise applications AAF network


Presentation Transcript


  1. Australian Access Federation • Robert Hazeltine • Identity and Access Management • Enterprise Systems Office

  2. Extending our reach • UWS staff and students now belong to two networks - since 6 October 2009 • UWS network • Web sites and applications, and enterprise applications • AAF network • participating universities and research institutions and other national federations

  3. Services • data collections and data grids • scientific instruments, modelling and visualisation tools and computing resources • collaboration environments and workspaces for virtual teams • scholarly resources and publications • e-learning resources and learning object collections • national higher education and research administration schemes

  4. How does it work ... • Single sign on • local credentials • Role based access control • Uses attributes and record keeping curtailed • Public Key Infrastructure • Electronic passport

  5. Identity Provider • the software run by an organisation with users wishing to access a restricted service • Service Provider • the software run by the provider managing the restricted service • Federation • Where are you from = “WAYF” • Public key infrastructure • Privacy a key consideration

  6. Shibboleth • Federated Single Sign On software • The Shibboleth system is a standards based, open source software package for web single sign-on across or within organisational boundaries. It allows sites to make informed authorisation decisions for individual access of protected online resources in a privacy-preserving manner • Shibboleth leverages the organisation’s identity and access management system, so that the individual’s relationship with the institution determines access rights to services that are hosted both on and off campus

  7. AAF site about the AAF • http://www.aaf.edu.au/ • UWS site about the AAF • http://www.uws.edu.au/campuses_structure/cas/services_facilities/it/single_sign-on • US Shibboleth site • http://shibboleth.internet2.edu/about.html • Swiss equivalent of the AAF • http://www.switch.ch/aai/demo/easy.html

  8. Your role in this • Maybe no direct involvement yourself • Finding uses for it • Identifying your users as a group • Telling your ITS contact your needs • Giving us a little time to organise it • Becoming an advocate

  9. How does UWS turn the technology to its advantage?

  10. Thank you

  11. AAF core attributes • authenticationMethod • o (organisation) • eduPersonAffiliation • eduPersonScopedAffiliation • eduPersonEntitlement • eduPersonAssurance • eduPersonTargetedID • auEduPersonSharedToken • displayName • cn (common name) • mail

  12. Identity Provider (Origin) • Log on to a web site or application • Shibboleth • Use the AAF “WAYF” for federation sites • Use the AAF “WAYF” for local only sites • Use the technology for local sites only • No password is exchanged with SP • Attributes are encrypted • Anonymous, pseudo-anonymous, identifier • Uses your UWS password

  13. Service Providers (Target) • Australian Access Federation itself • AAF member as service provider • Confluence • Library services • Online learning • No portal required

  14. Enterprise Directory • Repository of attributes for various uses: • Australian Access Federation • White and green pages • Online voting • Authentication and authorization • Course Approval and Publication System • VoIP (new phone system) • Faster onboarding
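
An added example (not part of the presentation) of how a Service Provider could apply the attribute-driven access control described in slides 4, 11 and 12: it trusts a scoped affiliation only when the scope belongs to the asserting Identity Provider, requires an entitlement, and keys its local record on the targeted ID rather than on mail or displayName. The entityID, scope, entitlement URN and the dictionary layout of the attributes are assumptions made for illustration.

```python
"""SP-side access decision from federation attributes (added example, constructed data)."""

# Scopes each Identity Provider may assert. In a real federation this comes from
# signed metadata; the entityID and scope here are hypothetical.
IDP_SCOPES = {"https://idp.example.edu.au/idp/shibboleth": {"example.edu.au"}}

# Hypothetical entitlement value the service requires.
REQUIRED_ENTITLEMENT = "urn:mace:example.edu.au:entitlement:data-grid"
ALLOWED_AFFILIATIONS = {"staff", "faculty", "student"}


def trusted_affiliations(idp, attrs):
    """Keep only eduPersonScopedAffiliation values whose scope belongs to this IdP."""
    scopes = IDP_SCOPES.get(idp, set())
    kept = set()
    for value in attrs.get("eduPersonScopedAffiliation", []):
        affiliation, sep, scope = value.rpartition("@")
        if sep and scope.lower() in scopes:
            kept.add(affiliation.lower())
    return kept


def authorise(idp, attrs):
    """Return (allowed, reason, user_key). user_key is the pseudonymous identifier."""
    if idp not in IDP_SCOPES:
        return False, "unknown identity provider", None
    if not trusted_affiliations(idp, attrs) & ALLOWED_AFFILIATIONS:
        return False, "no acceptable scoped affiliation", None
    if REQUIRED_ENTITLEMENT not in attrs.get("eduPersonEntitlement", []):
        return False, "missing entitlement", None
    targeted = attrs.get("eduPersonTargetedID", [])
    if len(targeted) != 1:
        return False, "no single targeted ID released", None
    # Key the local record on the per-service pseudonym, not on mail or displayName.
    return True, "ok", targeted[0]


if __name__ == "__main__":
    IDP = "https://idp.example.edu.au/idp/shibboleth"
    sample = {  # constructed attribute set
        "eduPersonScopedAffiliation": ["staff@example.edu.au"],
        "eduPersonEntitlement": [REQUIRED_ENTITLEMENT],
        "eduPersonTargetedID": ["constructed-opaque-id-1"],
    }
    print(authorise(IDP, sample))
    sample["eduPersonScopedAffiliation"] = ["staff@other.edu.au"]
    print(authorise(IDP, sample))
```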
