The AAF - Supporting Greener Collaboration

SPUSC 2008 SOUTH PACIFIC USER SERVICES CONFERENCE
The AAF - Supporting Greener Collaboration
Stuart Allen, MAMS, MELCOE, Macquarie University
sallen@melcoe.mq.edu.au

What is the AAF?
The Australian Access Federation is a Trust Federation:
- Trust Federations are an alternative to the traditional approach of application-managed accounts
- Comprised of a collection of trusted higher education and research institutions
- Each user has a home institution login for access to federated services (can also be used for local web SSO)
- Other members of the federation trust the user's home institution to assert information about that user

What is the AAF?
AAF Shibboleth Federation Overview
- Identity Providers: organisations that can authenticate their users and share their attribute values (e.g. role)
- Service Providers: services (i.e. applications) that are accessible by users from Identity Providers
- Trust Federation: a trust framework (policy and technical) that connects Identity Providers and Service Providers

What is the AAF?
The Australian Access Federation is:
- Australian Access Federation Operator governed by the Rules of Membership
- infrastructure to facilitate trusted electronic communications and collaboration
- a set of operational requirements and recommendations
- a set of agreed end-user attributes, the common language of the federation
- a set of tools, services, and standards (e.g. customised metadata, shared services, etc)

AAF Overview
AAF Shibboleth Federation Overview:
- Shibboleth is an open-source implementation of the SAML standard
- Rollout of Shibboleth trust federations in the USA, UK, Australia, Switzerland, Finland, France, Germany, etc
- MAMS Level 2 Testbed Federation currently has 27 IdPs (approximately 900,000 identities) and 28 SPs
- MAMS software to assist with deployment (e.g. Federation Manager, Autograph, ShARPE, etc)

Benefits of the AAF
- Single Sign On intra- and inter-institutions
- Improved collaboration
- Unification
- Greater accuracy of information
- Reduced administration

[Diagram sequence showing the User, the Service Provider and the Identity Provider]
1. User wants to access SP
2. User is redirected and selects IdP: Where Are You From
3. User is redirected to IdP and logs in
4. IdP uses Attribute Release Policy for SAML assertion
5. User is redirected to SP with SAML handle
6. SP uses SAML handle to retrieve user attributes
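
The handle-based exchange in the slides above, as an added example that is not part of the original talk and is not Shibboleth code. It is a simplified in-memory model with no SAML XML or signatures; the user, SP entity IDs, attribute values and handle lifetime are constructed, and the SP's identity is assumed to have been authenticated before `attribute_query` is called.

```python
import hmac
import secrets
import time

# Constructed sample data (hypothetical user, SP entity IDs and attribute values).
# Plaintext password only to keep the model short; a real IdP checks a directory.
USERS = {"alice": {"password": "correct horse", "attrs": {
    "eduPersonAffiliation": "staff",
    "mail": "alice@uni.example",
    "displayName": "Alice Example"}}}

# Attribute Release Policy: the only attributes each SP may receive.
ARP = {"https://wiki.example/sp": {"eduPersonAffiliation"},
       "https://repo.example/sp": {"eduPersonAffiliation", "mail"}}

HANDLE_TTL = 300  # seconds a handle stays valid (assumed value)


class IdentityProvider:
    def __init__(self):
        self._handles = {}  # handle -> (username, sp_id, expiry)

    def login(self, username, password, sp_id, now=None):
        """User logs in at the IdP; returns an opaque handle bound to one SP."""
        now = time.time() if now is None else now
        user = USERS.get(username)
        if user is None or not hmac.compare_digest(
                user["password"].encode(), password.encode()):
            raise PermissionError("authentication failed")
        if sp_id not in ARP:
            raise PermissionError("SP is not known to the federation")
        handle = secrets.token_urlsafe(32)  # random, carries no user data
        self._handles[handle] = (username, sp_id, now + HANDLE_TTL)
        return handle

    def attribute_query(self, handle, sp_id, now=None):
        """SP redeems the handle; only ARP-permitted attributes are released."""
        now = time.time() if now is None else now
        username, bound_sp, expiry = self._handles.get(handle, (None, None, 0))
        if username is None:
            raise PermissionError("unknown handle")
        if bound_sp != sp_id:
            raise PermissionError("handle was issued to a different SP")
        if now > expiry:
            del self._handles[handle]
            raise PermissionError("handle expired")
        attrs = USERS[username]["attrs"]
        return {k: v for k, v in attrs.items() if k in ARP[sp_id]}
```

The SP never sees the password or the username, only the handle and the attributes its policy entry allows.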

AAF Shibboleth Use Cases
- Research data and facilities
- Institutional repositories
- Cross-institutional course delivery
- Collaboration tools and shared services
- Scholarly and information resource licensing

Sharing Services
- Vendor Services (e.g. Microsoft Dreamspark, Elsevier, etc)
- Research Domain Services (e.g. Atlas, Medical Images, etc)
- Federation Services (e.g. Wiki, Forum, e-learning, White Pages, repositories, etc)
- Your Institutional Services (e.g. Wiki, repositories, multi-user applications, etc)

Greener Collaboration
- Federation to provide the middleware
- Reduce manual processes
- Encourage collaboration
- Increase business value and competitiveness (e.g. inter-institutional course delivery)
- Increase research activities (easier to share/access data)
- Improve internal organisation processes (secure access to organisation's resources, e.g. room booking application)

Joining the Federation
- Join MAMS Federation as IdP and/or SP: http://federation.org.au
- AAF goes live in 2009, full transitional support provided
- Technical readiness for requirements: http://federation.org.au/requirementsfinaldraft.pdf
- Shibboleth Federation Rollout workshop in Sydney, 16-17 Feb 2009 (free): http://federation.org.au/rollout