1 / 24

Introduction to Shibboleth and IAMSECT Project: Enhancing Authentication and Authorization Management

Discover the key features of Shibboleth, authentication and authorization management, and the IAMSECT Project involving decentralized trust and federations. Learn how Shibboleth simplifies user access and enhances security for services. Explore the demonstrations showcasing its application in e-learning and clinical teaching.

cora-bailey
Télécharger la présentation

Introduction to Shibboleth and IAMSECT Project: Enhancing Authentication and Authorization Management

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Introduction to Shibboleth and the IAMSECT Project

  2. What is Shibboleth? • Authentication management • Authorisation management • (Open Source) Software • A decentralised, key-based trust model • Web-based

  3. Overview • Users and Services, now • Users and Services, with Shibboleth • ID Providers • The IAMSECT Project • Demonstration #1 - Shibboleth & BB • Demonstration #2 – BIOSIS (live) • Questions

  4. Users and Services - now Users Services • Many username & password pairs • Tools to manage them • Means of Coping • Managing user lists • ‘remote users’ • Keeping up-to-date • Confidentiality • Security

  5. User and Services - Shibboleth • One Home institution • One username and password Users Services • No user lists • Federations How?

  6. Identity Providers • Assert someone’s identity • You want your users to access remote services • Only worry about your own users

  7. Federations • Groups of Identity & Service Providers • A set of agreed policies • Mutual trust (via symmetric keys)

  8. IAMSECT • Inter-institutional Authorisation Management to Support eLearning with reference to Clinical Teaching

  9. IAMSECT • JISC funded • Collaboration between Durham, Northumbria, Newcastle • Shibboleth isn’t trivial • Technical issues • Managerial issues • Confidentiality - Clinical Teaching

  10. Demonstration #1 (theoretical) • At present, theoretical • Durham Blackboard (Service Provider) • Newcastle login (Identity Provider)

  11. Demonstration #1

  12. User attempts to access Service

  13. http://duo.dur.ac.uk/

  14. User redirected to ‘WAYF’

  15. https://wayf.sdss.ac.uk/shibboleth-wayf/...

  16. User selects their Identity Provider

  17. https://weblogin.ncl.ac.uk/cgi-bin/index.cgi

  18. I.P. authenticates User Active Directory

  19. User redirected back to Service Active Directory

  20. https://shib.ncl.ac.uk/shibboleth/HS?...

  21. User accesses Service Active Directory

  22. http://duo.dur.ac.uk/

  23. Demonstration #2 (live) • EDINA BIOSIS e-journal Service • SDSS federation WAYF • Newcastle Identity Provider

  24. Questions

More Related