SAML a mature six year old?

Glenn Wearen, Paul Caskey & Josh Howlett

Introduction
  • Identity Management
  • Edugate project
Firstly
  • Identity Management (IdM)
  • Identity and Access Management (IAM)
Who?
  • Students
    • Onsite / Offsite
    • Local / Remote
    • Undergraduate / Postgraduate
    • Full-time / Part-time
    • Primary / Post-primary
Who?
  • Employees
    • Full-time
    • Part-time
    • Contractors
    • Temporary
    • Teaching
    • Administrative
What?
  • User
    • Firstname
    • Lastname
    • Password
    • Group
    • Role
    • Email
    • Id
  • X500
  • Active Directory
  • eduPerson
  • SCHAC
  • Custom
When?
  • Registration
    • New Student
    • Transfer
  • Re-registration
    • Undergraduate > Postgraduate > Lecturer
  • Graduation
  • Alumni
When?
  • IdM Lifecycle
    • Provision
    • Promote
    • Demote
    • Disable
    • Enable
    • Deprovision
    • Reprovision
    • Synchronise
Where?
  • Registry
  • HR
  • Alumni database
  • Email
  • Directory
  • Database
  • Library
  • External Services
Where?
  • Computing Resource
    • Desktop
    • Server
    • Grid
  • Resources
    • Application
      • Webmail
      • Portal
      • VLE
      • Device
Where?
  • External
    • Remotely Accessible?
  • Resources
  • Internal
    • Remotely Accessible?
Why?
  • Because we have to...

...as part of day-to-day responsibility

Why?
  • Because we have to...

...if we get it wrong, the consequences can be far reaching.

Why?
  • Because we have to...

...our users expect to be able to have some control over their digital identity.

Why?
  • Because we have to...

... Student and employee login accounts are valuable.

What is the best practice?
  • Kim Cameron’s 7 Laws of Identity.
    • 1. User Control and Consent
    • 2. Minimal Disclosure for a Constrained Use
    • 3. Justifiable Parties
    • 4. Directed Identity
    • 5. Pluralism of Operators and Technologies
    • 6. Human Integration
    • 7. Consistent Experience Across Contexts
What is the best framework?
  • Centralised
  • Devolved
What is the best framework?
  • Centralised
  • Devolved
    • SAML (or similar)
    • Active Directory Inter-domain Trust
    • Kerberos
    • RADIUS
  • User-centric
What is the best framework?
  • Centralised
  • Devolved
  • User-centric
  • Hybrid
Edugate
  • e-INIS PRTLI Cycle 4
  • Research Federated Access
  • Technology Trial
  • Pilot Project
Edugate

Research

  • Federated Models
  • Existing Federations
    • Schema (x500, eduPerson, SCHAC)
    • Protocols (SAML based only)
  • Policy
    • Governance (Direction)
    • Membership (Rules)
Edugate

Technology Trial

  • Protocols and Standards
    • Shibboleth 1.3 & 2.0
    • ADFS
    • SAML
    • eduPerson
  • Interoperability
  • Performance and scalability
Edugate

Pilot Project

  • Services
    • Managed IdP
    • Hosted IdP
    • Hosted SP
  • Applications
    • Web-based
    • GRID
Summary
  • Edugate
  • Research
  • Trial
  • Pilot

IAM

  • Who
  • What
  • When
  • Where
  • Why
  • How
Lastly

Questions

Athens

Federated Access as SSO for Campus.

Federated Access for HEI
