Download
dk update n.
Skip this Video
Loading SlideShow in 5 Seconds..
DK update PowerPoint Presentation

DK update

126 Vues Download Presentation
Télécharger la présentation

DK update

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. DK update • David Simonsen, WAYF • (the federation formerly known as DK-AAI) It's a WAYF It's about consent It's a project

  2. WAYF architecture simpleSAMLphp SAML2 LDAP Host’ed + CAS Shibboleth 1.3

  3. Supported interfaces • SP: SAML2 • SP: Shibboleth 1.3 • IdP: SAML2 • IdP: LDAP (hosted login page) • IdP: CAS + LDAP

  4. IdM requirements • Describe your IdP routines (will not be publicly available) • 24 hours after status is changed, status is changed... • LoA - not supported • Strenth of initial authentication not flagged

  5. Attributes • MUST • ---- Personal information----- • SurName • GivenName • CommonName • eduPersonPricipleName • Mail • eduPersonPrimaryAffiliation • ----- Information about the organisation----- • schacHomeOrganization • MAY • ---- Personal information ---- • norEduPersonNIN • eduPersonScopedAffiliation • PreferredLanguage • eduPersonEntitelment • ----- Information about the organisation----- • - • Attributtes provided / generated by WAYF • eduPersonTargedID (hash (SP-ID + hash (IdP-ID + salt + unique-personID) + salt) • OrganizationName

  6. Attribute profiles • Normal profile • eduPersonPrimaryAffiliation • schacHomeOrganization • Extended profile with persistent ID • eduPersonPrimaryAffiliation • schacHomeOrganization • eduPersonTargedID • Extended profil with persistent ID and name • eduPersonPrimaryAffiliation • schacHomeOrganization • eduPersonTargedID • SurName • GivenName • CommonName • Extended profil with persistent ID, name and email • eduPersonPrimaryAffiliation • schacHomeOrganization • eduPersonTargedID • SurName • GivenName • CommonName • mail

  7. WAYF is live • as of 28th of March 2008 • All central services running • WAYF, consent, consent-admin • Central federating component (CFC): simpleSAMLphp • Contract draft (turned down yesterday) • websites open (Danish only so far) • Production evironment + QA • Press release to come (with ministers)

  8. WAYF is live • Only a few services still • Cross federated to FEIDE (OpenWiki, Foodle)

  9. Connected institutions • The Royal Library • Roskilde University • Syddansk University • The State Library • WAYF Orphanage • Århus University • Technical University of DK

  10. Planned services • Connect, Forskningsnettets videotjeneste • DSB • NetID • BBC Motion Gallery • Danske reklamefilm • eduMedia, Forskningsnettet • Studenterportaler

  11. Planned services • NIAS, Nordisk Inst. for Asien Studier (Kalmar) • Microsoft's 'Dream Sparks' • ElseVier (forlag) • OVID (forlag) • EBSCO (forlag) • WAYF-baseret ID-oprettelse

  12. Users' consent

  13. Volontarily The users' informed consent Obligation to inform Specific Informed Consent No personal info is kept

  14. Ingen personlige oplysninger gemmes ! 2km4756k4l3n43j34j3 8ds989g+sdfhkjrwk30

  15. DEMONSTRATION • www.wayf.dk • www.dk-aai.dk • wiki.dk-aai.dk • https://wayf.wayf.dk/consent/consentAdmin.php