Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.
-
Upload
raegan-bardell -
Category
Documents
-
view
212 -
download
0
Transcript of Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.
![Page 1: Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.](https://reader035.fdocuments.in/reader035/viewer/2022070307/551ae8685503465e7d8b4af5/html5/thumbnails/1.jpg)
http://iamsect.ncl.ac.uk/
Introduction to Shibboleth and the IAMSECT Project
![Page 2: Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.](https://reader035.fdocuments.in/reader035/viewer/2022070307/551ae8685503465e7d8b4af5/html5/thumbnails/2.jpg)
2
http://iamsect.ncl.ac.uk/
What is Shibboleth?
• Authentication management
• Authorisation management
• (Open Source) Software
• A decentralised, key-based trust model
• Web-based
![Page 3: Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.](https://reader035.fdocuments.in/reader035/viewer/2022070307/551ae8685503465e7d8b4af5/html5/thumbnails/3.jpg)
3
http://iamsect.ncl.ac.uk/
Overview
• Users and Services, now• Users and Services, with Shibboleth• ID Providers• The IAMSECT Project
• Demonstration #1 - Shibboleth & BB• Demonstration #2 – BIOSIS (live)• Questions
![Page 4: Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.](https://reader035.fdocuments.in/reader035/viewer/2022070307/551ae8685503465e7d8b4af5/html5/thumbnails/4.jpg)
4
http://iamsect.ncl.ac.uk/
Users and Services - now
• Many username & password pairs
• Tools to manage them• Means of Coping
• Managing user lists• ‘remote users’• Keeping up-to-date
Users Services
•Confidentiality•Security
![Page 5: Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.](https://reader035.fdocuments.in/reader035/viewer/2022070307/551ae8685503465e7d8b4af5/html5/thumbnails/5.jpg)
5
http://iamsect.ncl.ac.uk/
User and Services - Shibboleth
• One Home institution• One username and
password
• No user lists• Federations
Users Services
How?
![Page 6: Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.](https://reader035.fdocuments.in/reader035/viewer/2022070307/551ae8685503465e7d8b4af5/html5/thumbnails/6.jpg)
6
http://iamsect.ncl.ac.uk/
Identity Providers
• Assert someone’s identity
• You want your users to access remote services• Only worry about your own users
![Page 7: Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.](https://reader035.fdocuments.in/reader035/viewer/2022070307/551ae8685503465e7d8b4af5/html5/thumbnails/7.jpg)
7
http://iamsect.ncl.ac.uk/
Federations
• Groups of Identity & Service Providers
• A set of agreed policies
• Mutual trust (via symmetric keys)
![Page 8: Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.](https://reader035.fdocuments.in/reader035/viewer/2022070307/551ae8685503465e7d8b4af5/html5/thumbnails/8.jpg)
8
http://iamsect.ncl.ac.uk/
IAMSECT
• Inter-institutional Authorisation Management to Support eLearning with reference to Clinical Teaching
![Page 9: Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.](https://reader035.fdocuments.in/reader035/viewer/2022070307/551ae8685503465e7d8b4af5/html5/thumbnails/9.jpg)
9
http://iamsect.ncl.ac.uk/
IAMSECT
• JISC funded
• Collaboration between Durham, Northumbria, Newcastle
• Shibboleth isn’t trivial
• Technical issues
• Managerial issues
• Confidentiality - Clinical Teaching
![Page 10: Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.](https://reader035.fdocuments.in/reader035/viewer/2022070307/551ae8685503465e7d8b4af5/html5/thumbnails/10.jpg)
10
http://iamsect.ncl.ac.uk/
Demonstration #1 (theoretical)
• At present, theoretical
• Durham Blackboard (Service Provider)• Newcastle login (Identity Provider)
![Page 11: Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.](https://reader035.fdocuments.in/reader035/viewer/2022070307/551ae8685503465e7d8b4af5/html5/thumbnails/11.jpg)
11
http://iamsect.ncl.ac.uk/
Demonstration #1
![Page 12: Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.](https://reader035.fdocuments.in/reader035/viewer/2022070307/551ae8685503465e7d8b4af5/html5/thumbnails/12.jpg)
12
http://iamsect.ncl.ac.uk/
User attempts to access Service
![Page 13: Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.](https://reader035.fdocuments.in/reader035/viewer/2022070307/551ae8685503465e7d8b4af5/html5/thumbnails/13.jpg)
13
http://iamsect.ncl.ac.uk/
http://duo.dur.ac.uk/
![Page 14: Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.](https://reader035.fdocuments.in/reader035/viewer/2022070307/551ae8685503465e7d8b4af5/html5/thumbnails/14.jpg)
14
http://iamsect.ncl.ac.uk/
User redirected to ‘WAYF’
![Page 15: Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.](https://reader035.fdocuments.in/reader035/viewer/2022070307/551ae8685503465e7d8b4af5/html5/thumbnails/15.jpg)
15
http://iamsect.ncl.ac.uk/
https://wayf.sdss.ac.uk/shibboleth-wayf/...
![Page 16: Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.](https://reader035.fdocuments.in/reader035/viewer/2022070307/551ae8685503465e7d8b4af5/html5/thumbnails/16.jpg)
16
http://iamsect.ncl.ac.uk/
User selects their Identity Provider
![Page 17: Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.](https://reader035.fdocuments.in/reader035/viewer/2022070307/551ae8685503465e7d8b4af5/html5/thumbnails/17.jpg)
17
http://iamsect.ncl.ac.uk/
https://weblogin.ncl.ac.uk/cgi-bin/index.cgi
![Page 18: Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.](https://reader035.fdocuments.in/reader035/viewer/2022070307/551ae8685503465e7d8b4af5/html5/thumbnails/18.jpg)
18
http://iamsect.ncl.ac.uk/
I.P. authenticates User
Active Directory
![Page 19: Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.](https://reader035.fdocuments.in/reader035/viewer/2022070307/551ae8685503465e7d8b4af5/html5/thumbnails/19.jpg)
19
http://iamsect.ncl.ac.uk/
User redirected back to Service
Active Directory
![Page 20: Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.](https://reader035.fdocuments.in/reader035/viewer/2022070307/551ae8685503465e7d8b4af5/html5/thumbnails/20.jpg)
20
http://iamsect.ncl.ac.uk/
https://shib.ncl.ac.uk/shibboleth/HS?...
![Page 21: Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.](https://reader035.fdocuments.in/reader035/viewer/2022070307/551ae8685503465e7d8b4af5/html5/thumbnails/21.jpg)
21
http://iamsect.ncl.ac.uk/
User accesses Service
Active Directory
![Page 22: Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.](https://reader035.fdocuments.in/reader035/viewer/2022070307/551ae8685503465e7d8b4af5/html5/thumbnails/22.jpg)
22
http://iamsect.ncl.ac.uk/
http://duo.dur.ac.uk/
![Page 23: Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.](https://reader035.fdocuments.in/reader035/viewer/2022070307/551ae8685503465e7d8b4af5/html5/thumbnails/23.jpg)
23
http://iamsect.ncl.ac.uk/
Demonstration #2 (live)
• EDINA BIOSIS e-journal Service
• SDSS federation WAYF
• Newcastle Identity Provider
![Page 24: Http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project.](https://reader035.fdocuments.in/reader035/viewer/2022070307/551ae8685503465e7d8b4af5/html5/thumbnails/24.jpg)
24
http://iamsect.ncl.ac.uk/
Questions