1 / 7

The Feds and Shibboleth

The Feds and Shibboleth. Peter Alterman, Ph.D. Asst. CIO, E-Authentication National Institutes of Health. Purpose of Contracts.

renate
Télécharger la présentation

The Feds and Shibboleth

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The Feds and Shibboleth Peter Alterman, Ph.D. Asst. CIO, E-Authentication National Institutes of Health

  2. Purpose of Contracts • Develop technical and policy interoperability to enable university end users access to online Federal Agency applications using their inCommon Shib identity credentials, and • Allow government end users access to inCommon applications using Agency-issued identity credentials Peter Alterman will

  3. Relationship to FedFed • Opening to Shib extends the Federal architecture while maintaining compliance with open standards • Creates a model for other industry segment engagements • A trustworthy Federation to Federation strategy enables both parties to expand their user base with little or no added overhead

  4. Federal Shibboleth Interoperability Project Overview • Phases 1 & 2: • Demonstrated technical interoperability between E-Auth SAML 1.0 architecture and Shibboleth 1.2 – led to Shibboleth 1.3 becoming government-approved SAML product • Initiated bilateral policy and procedures review – led to credential assessment of 3 schools • Ongoing Interfederation Interoperability Work Group for policy issues • Bridge-to-bridge engagement through International Collaborative IDentity Management Forum

  5. Phases 3 & 4 In Process • Develop SAML 2.0 profile and scripts for Federal use • Develop USPerson profile model for enabling SAML-based identity authentication and authorization to Agency online applications • Build Step Down Translator to convert digital certs to SAML assertions • Continue Policy and Procedure engagement leading to true interfederation interoperability – goal is a viable MOA and interoperability • Provide on-call SAML 2.0 implementation expertise • Continue Bridge-to-Bridge engagement

  6. A Possible Future • Digitally-signed SAML 2.0 assertions extends architecture to bridge the gap between Levels 2 and 3. • Implement a Federation-to-Federation Interoperability and Trust Agreement and go live by 2006

  7. Discussion altermap@mail.nih.gov deborah.blanchard@cybertrust.com kjk@internet2.edu

More Related