1 / 6

Developments and challenges in authentication and authorisation

This document addresses the key developments and challenges in authentication and authorization within organizations, particularly focusing on local identity management, role and attribute management, and the need for harmonization across applications. It highlights significant technical hurdles, including horizontal and vertical integration within federations, various levels of authentication and authorization, and concerns regarding privacy and policy constraints. The interplay between enterprise and personal identity is also examined, alongside the roles of major stakeholders in shaping future authentication frameworks.

neviah
Download Presentation

Developments and challenges in authentication and authorisation

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Developments and challenges in authentication and authorisation Klaas Wierenga klaas.wierenga@surfnet.nl Amsterdam, October 2 2006

  2. Organisational Challenges • Local identity management • Provisioning • must be understood both on campus and in applications • Managing roles and attributes • Harmonisation • OSI-layer crossing • Scalability problems (many sources of authority)

  3. Technical Challenges (1) • Horizontal integration • Government federations • Commercial federations (Liberty Alliance, WS-* based) • Across national boundaries • Vertical integration • Web SSO, eduroam, grids • Lightpath provisioning (GLIF), measurement and monitoring (PerfSonar) • E-mail, IM, SIP, SSH

  4. Technical Challenges (2) • External IdP’s • Different levels of authentication • Different levels of authorisation • From authentication to authorisation • Do those enterprise directories really contain authoritative authorisation information? • Security constraints • Policy and technology • N-tier problems • Where are the attributes?

  5. Political and Societal challenges • Privacy • Locally • Within federations • Across Europe • World-wide • Interconnection policies • building federations • bridging federations • Integration of enterprise and federated identity with personal identity • Agreement on consistent approaches to authentication

  6. Players • Cisco • Nortel • Juniper • Sun • M$ • Liberty Alliance • Amazon • OGF • GLIF

More Related