brantley 2

47 %
53 %
Information about brantley 2

Published on June 18, 2007

Author: Brainy007


Shibboleth & Privacy:  Shibboleth andamp; Privacy Peter Brantley Director of Technology, California Digital Library University of California, Office of the President September 2005 Outline:  Outline Access Mgmt Shibboleth Federations UCTrust SAML Privacy Access Management:  Access Management Essential Requirements: Feasible and deployable Authentication strength proportionate to asset value Granularity of access and extensibility Cross-protocol / environment flexibility Provides for user-centered privacy Ensures accountability Ability to collect mgmt data A White Paper on Authentication and Access Management Issues Clifford Lynch, CNI, 1998 Distributed AM:  Distributed AM Optimally, separate AM functions are assumed by the most appropriate or relevant parties - Registration and Authentication: Library, College, University Authorization and Accounting: The Resource Owner Role vs Identity:  Role vs Identity Licenses providing access to restricted content, e.g., Elsevier’s ScienceDirect, are conceptually based on my role: {member of} University of California not my identity: peter.brantley {at} or my IP address: 128 . 218 . 14 . x Improved AM:  Improved AM Ideally want something non-identifying that a service can use to associate with me, and give me access. If a service provider knew where I was from, it could ask my identity-provider (i.e., my University) to authenticate me. Once authenticated, the service provider could determine whether or not I should have access to the resource based on information about my role. A service provider could therefore ask for only the attributes about my role that it most cares about. Might be {member of}, or {staff}, or {IT Director} This approach enables finer role based distinctions. This is Shibboleth!:  This is Shibboleth! Shibboleth Project An umbrella of activities around federated authentication and access management managed by Internet2 and its international partners, still ad hoc but moving toward formalism. Shibboleth Specifications The wire protocols and conformance requirements that define 'Shibboleth Compatible', currently derived in large part from SAML 1.1 with additions supporting user-centric privacy-preserving interaction. Shibboleth System Internet2-developed open source implementation of the specification and value-added components Not the only extant or planned implementation (at least 2-3 other implementations known, and smaller projects based on the code base) Shibboleth status:  Shibboleth status V1.3 released July/August 2005 In production use by commercial information providers (e.g., Elsevier SD, OCLC, JSTOR, EBSCO, Proquest, Blackwell) Growing int’l uptake (countrywide deployments underway in HE within Switzerland, Finland, UK, Australia, others) Deployment in US campuses accelerating rapidly Vendors peripheral to HE beginning to support. Production Federations (e.g., InCommon) now available Meetings of 'Leagues of Federations' Supports through pluggable extension the US Federal E-Authentication Initiative ( Shibboleth Arch:  Shibboleth Arch High Altitude Arch:  High Altitude Arch Shibboleth Federations:  Shibboleth Federations Persistent enterprise-centric trust facilitators Usually nationally-oriented Federated operator handles enterprise I/A, management of centralized metadata operations Members of federation communicate bilaterally through agreed upon sets of attributes Members of federation determine what to trust and for what purposes on an application basis Steering group of members sets policy and operational direction for federation Hard work. Meta-Federations:  Meta-Federations Federations of federations are under discussion. Shibboleth InCommon and U.S. Federal federation ('FedFed') are establishing a peering relationship. Sun’s Project Liberty and Shibboleth will interoperate through advancement of technical standards. Increased support for virtual organizations (VOs) uniting users within distinct Federations via adaptation of existing cross-org. collaboration tools, such as mlists and similar. Expect eventual formation of Shibboleth-enabled social software based infrastructures, extending the concept of VOs, that support personal attribute requests (e.g., imagine a Shibbolized Flickr or Connotea). Meta-Fed Discussions:  Meta-Fed Discussions Meeting held at Slaughter, England, Oct 2004 U.S., UK, Netherlands, Finland, Switzerland, Australia, Spain, and others. Issues include: agreeing on policy framework, comparing policies, correlating app usage to trust level, aligning privacy needs, working with multinational service providers, scaling the WAYF function. Good meeting, not wholly conclusive. Upper Slaughter images courtesy Ken Klingenstein. Upper Slaughter:  Upper Slaughter Leading trust to Slaughter:  Leading trust to Slaughter Leading trust from Slaughter:  Leading trust from Slaughter Feds in Europe:  Feds in Europe Different authentication technologies and infrastructures exist within Europe. REFeds Effort: Research/Education Federations. EC funded GN2 project: pan-euro network access: eduroam pan-euro aai solution: eduGAIN eduGAIN supports meta-federation, via a peering model. InCommon:  InCommon InCommon is the U.S. HE federation. Defines common identity attributes and common supporting technologies. Emphasis is on a broad membership, relatively low-level requirements to start. Any regionally accredited degree-granting school is potentially eligible. InCommon is now a LLC, may turn into a non-profit. Managed by a Steering Committee (CIO level people) with a Technical Advisory Group. InCommon | ops:  InCommon | ops Members trust the operators to perform its activities well: The operator (Internet2) posts its procedures Enterprises read the procedures and decide if they want to become members Contracts address operational and legal issues Origins and targets establish trust bilaterally in out-of-band or no-band arrangements (using shared posting of practices): Origins must trust targets dispose of attributes properly Targets must trust origins to provide attributes accurately Risks and liabilities managed by enterprises InCommon | progress:  InCommon | progress The relatively straightforward: Syntax and semantics of exchanged attributes (Eduperson) Set up and operation of federation Selling the concept and value The more challenging: Having applications make intelligent use of federated identity Handling indemnification Finding scalable paths for LOA components Shib communities:  Shib communities Flexible creation of federations within federations, of varying duration, are increasingly common in the U.S.. Short term: Hurricane Katrina Evacuee Medical Database RedCross federated authorization in field offices to common evacuee database. Long term: The University of California (UC) has established its own federation within InCommon, UCTrust. UCTrust requires greater assurance in IdM practices to ensure conformance with existing UC policies. UC Background:  UC Background The University of California is: Ten campuses, three national labs, five medical centers Most operational responsibilities on campuses Payroll, Student Information, etc. Each campus does its own identity management A few services are central Employee self-service and benefits central Most licensed library materials Multi-campus collaborations UC Problem Statement:  UC Problem Statement Separate identity management in place at each UC campus. Moving toward a new business environment : UC employee self-service and benefits Access to any UC campus library system Inter-campus access to course management systems Collaboration within the Academic Senate Administrative applications How can services of one UC campus be accessed by users of another UC campus? UCTrust | scope:  UCTrust | scope UCTrust establishes UC-wide requirements to facilitate system-wide agreements. Piloting with three campuses: UC San Diego UC Los Angeles UC Irvine UC Berkeley in conversation Piloting with UCOP applications: Your Benefits Online California Digital Library UCTrust | ops:  UCTrust | ops UCTrust Task Force Composed of campus Identity Providers, Service Providers, UCTrust Administration, and UCOP Manages operational policies and procedures Oversight and conflict resolution provided by UC’s committee of university CIOs. UCTrust Federation Administration Provides operational coordination, when needed Maintains documentation repository Not a major resource drain; technology and end-user support is with the Identity and Service Providers. UCTrust | reqs:  UCTrust | reqs UCTrust extends InCommon with additional requirements: Campuses must provide authoritative and accurate attribute assertions. Campuses must have practices that meet minimum standards: establishing electronic credentials and maintaining individual identity information Providers receiving individual identity attributes must ensure their protection and respect privacy constraints as defined by the campus Shibboleth next steps:  Shibboleth next steps Developing a multi-Federation world. Enhancing support for US DoE e-authentication initiative. Support GridShib - Shibboleth in the global Grid. Encourage continued commercial and vendor uptake. Exploration of interoperability with MSFT’s ADFS. Extending Shibboleth beyond the browser; some dataflows may use existing components in different ways. Shibboleth 2.0, utilizing SAML 2.0, enhances functionality significantly. Design has been committed. What’s SAML? SAML:  SAML Security Assertion Markup Language (SAML) Codified by OASIS with participation from MACE and others Defines XML Schema for AuthN and attribute assertions, queries, responses, and use profiles such as Web SSO. Defines bindings to protocols for transport V2.0 expands SAML and includes definitions from Shibboleth and the Liberty Alliance SAML in a Nutshell:  SAML in a Nutshell An XML-based framework for exchanging security information XML-encoded security assertions XML-encoded request/response protocol Rules on using assertions with standard transport and messaging frameworks An OASIS standard (1.0, 1.1, and 2.0) Vendors and users involved OpenSAML implementation available Codifies current system outputs vs. creating new technology Shibboleth and SAML:  Shibboleth and SAML Shibboleth is a profile of SAML. Shibboleth Arch document describes how Shib uses SAML. Shibboleth extends SAML. Shibboleth includes a trust fabric implementation based on PKI. Shibboleth includes a framework and metadata for identifying IdPs and SPs. Shibboleth includes a mechanism (ARPs) to manage the release of attribute information to SPs. Privacy & User Consent:  Privacy andamp; User Consent Privacy SAML 2.0 includes recommendations for privacy preservation if and when desired Central concept is that Identity Providers need not release any personal information about users to service providers User Consent SSO protocol includes ability to query and record user-consent Identity providers and service providers can choose to provide services based on whether user-consent was obtained and recorded. Privacy in EU:  Privacy in EU EU Privacy directives are at least implicitly intended to encompass development and use of attribute release policies. Growing awareness of privacy in the U.S. so greater harmonization is possible. And (quoting Ken Klingenstein), '… then there’s the Swiss…' Well-known name:  Well-known name Where privacy is not (much) at issue - User entry at the IdP and SP(s) are keyed off name and/or attribute. SAML 2.0 supports the use of: E-Mail Address X.509 Subject Name Windows Domain Qualified Name Kerberos Principal Name Attribute (e.g., employee ID) Anonymized access:  Anonymized access Privacy is an issue - Access at SP is given against roles or attributes. User is never explicitly identified by a persistent identifier. A transient identifier is used as the 'name' of the user. One or more roles describe the user: Employment grade :: Manager AccessRights :: Silver MemberOf :: Club Privacy preserving as user identity at IdP remains unknown. Mixed Bag:  Mixed Bag Some privacy is traded for PZN - User identified by privacy preserving identifier. User is identified by a persistent randomized string (aka 'Handle'), private and unique to IdP and SP pairs. Privacy preserving since no identity information about user is available at the SP. Requires IdP =andgt; SP synchronization of user data stores. Affiliations: An important subcase where a single persistent Handle is shared among a set of SPs, through release by the user. Trade-offs:  Trade-offs Anonymous use hinders PZN; persistent anonymized identifiers permit a range of PZN options. PZN is usually less about the habits of any given individual, but more about data-mining online behavior habits of many specific users. Aggregation across users into groups removes correlations that exist between discrete resource-interaction events. It is usually the individual case - individual privacy - that is of greatest concern in the state’s protection of privacy rights. Privacy & PZN:  Privacy andamp; PZN In the non-digital world, books are checked out, divorced from any digital click-stream. In a more pervasively digital world, browsing behavior is recorded along with borrowing, purchasing. Within the attribute-based realm, a service provider can choose to offer network-based pzn services if a persistent identifier is present. The user can determine the value of the trade-off, and whether they want to present attributes which reveal an anonymized identity. Acknowledgements:  Acknowledgements Many thanks to - the Shib crew: Ken Klingenstein, Steven Carmody, RL 'Bob' Morgan, Michael Gettes, Renee Frost, Scott Cantor, Walter Hoehn, and many many others, and to Frank Siebenlist, Argonne National Laboratory, U.S., and John Paschoud, London School of Economics, U.K., and David Walker, University of California, U.S., for giving permission to liberally borrow from their past Shibboleth presentations.

Add a comment

Related presentations

Related pages

Brantley Gilbert – Wikipedia

Brantley Keith Gilbert (* 20. Januar 1985 in Jefferson, Georgia) ist ein US-amerikanischer Countrypopsänger. Biografie. Brantley Gilbert ... (2 Wo.) 87 (1 ...
Read more

Brantley County, Georgia - Wikipedia, the free encyclopedia

Brantley County is a county located in the U.S. state of Georgia. As of the 2010 census, the population was 18,411. [1] The county seat is Nahunta. [2]
Read more

Brantley County – Wikipedia

Das Brantley County ... Von den 5.436 Haushalten hatten 38,2 Prozent Kinder und Jugendliche unter 18 Jahren, die bei ihnen lebten. 60,9 Prozent waren ...
Read more

Brantley Gilbert - The Blackout Tour

Brantley Gilbert - The Blackout Tour on sale now. Find tickets for an upcoming concert near you. List of all Brantley Gilbert tickets and tour dates for ...
Read more

Home - Brantley Gilbert

Printed on the front is a graphic of Brantley Gilbert's arms in a flag design and Brantley Gilbert Nation. The back reads Stone Cold Country By The Grace ...
Read more

Brantley Gilbert - Wikipedia, the free encyclopedia

Background information; Birth name: Brantley Keith Gilbert [1] Born (1985-01-20) January 20, 1985 (age 31) [2] Origin: Jefferson, Georgia, U.S. [2] Genres
Read more

Brantley Gilbert 2 - YouTube

Brantley Gilbert 'You Don't Know Her Like I Do' #1 Party - Inside Music Row 1272 - Duration: 5:19. InsideMusicRow 4,916 views
Read more

Brantley Gilbert (2-3) - YouTube

Brantley Gilbert-live at the aquistic dog house in washington st
Read more

Hinkley Lighting Brantley 2 Light Bath Wall Sconce in ...

Shop for Hinkley Lighting Brantley 2 Light Bath Wall Sconce in Brushed Nickel 5362BN. On sale for $159.00. Find it at Shop.
Read more

Brantley Gilbert

Brantley Gilbert. 3,662,889 likes · 53,044 talking about this. Just As I Am available everywhere now!
Read more