Identity and Access Management (IAM) suite for Shibboleth systems

Description:

Autograph. Identity Provider. If user logs in first time. Redirect to http://...autograph/Login?ServiceProviderId=x&ServiceProviderLocation=y ...

Slides: 20
Provided by: mor89

Transcript and Presenter's Notes



1
Identity and Access Management (IAM) suite for
Shibboleth systems
  • I2MM April 2006
  • Moritz Theile

2
Issues addressed by our work
  • Simple creation of Attribute Release Policies
  • User configurable privacy
  • Flexible handling of directory schemas

3
Identity and Access Management (IAM) suite
[Diagram labels: Autograph, ShARPE, IdP, ARP Management, Privacy Management, IdP admin, IdP member, Attribute mapping]

4
ShARPE - ARP management
[Diagram labels: SP, attributes, IdP, SP, ARP files, site ARP, group ARPs]

5
Service Provider Description
A Service Provider can have multiple Services, e.g. email notification

6
ShARPE - ARP management

7
Identity and Access Management (IAM) suite

Autograph privacy management
IdP members
I want to control the release of my attributes!
SP
attributes
IdP
SP
ARP files
user ARP
site ARP
group ARPs
9
Autograph privacy management
[Diagram labels: IdP members, SP, Autograph, attributes, IdP, SP, ARP files, user ARPs, site ARP, group ARPs]

10
Autograph privacy management

11
Autograph privacy management

12
Autograph privacy management

Autograph in SSO sequence
Login
If user logs in first time.
Click on ServiceProviderLocationy
Redirect to http//...autograph/Login?ServiceProvi
derIdxServiceProviderLocationy
optional Autograph scene
Shib Login
14
Identity and Access Management (IAM ) suite
15
ShARPE attribute mapping
IdP knows attribute with name eduPersonAffiliation
SP needs attribute community
[Diagram labels: MAPPER, RESOLVER, attributes, SP, IdP]

16
ShARPE attribute mapping
[Diagram labels: Service Provider, Identity Provider, AttributeAuthority, AttributeMapper, Resolver, LDAP]
1. What can you tell me about user X?
2. Get value for attribute community from Mapper.
3. Look up the local value for eduPersonAffiliation.
4. The Resolver knows where to ask for attribute values.
[Values shown: staff, staff, community=staff]

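
The four-step lookup on slide 16, combined with the site, group and user ARPs of slides 8 and 9, as an added Python example that is not ShARPE or Autograph code. All function names, the sample SP, directory entries and ARP rules are constructed for illustration, and the rule that a deny overrides a permit when ARPs are combined is an assumption the slides do not state.

```python
# Added illustration: hypothetical names throughout, not the ShARPE/Autograph API.
SP = "https://sp.example.org"  # constructed Service Provider id

# Mapper data (constructed): per SP, the SP's attribute name -> local IdP name.
MAPPINGS = {SP: {"community": "eduPersonAffiliation", "email": "mail"}}

# Constructed stand-in for the LDAP directory the Resolver queries.
DIRECTORY = {
    "userX": {"eduPersonAffiliation": ["staff"], "mail": ["x@idp.example.org"]},
    "userY": {"eduPersonAffiliation": ["staff"], "mail": ["y@idp.example.org"]},
}

# Constructed ARPs; each rule is (sp_id, local_attribute, "permit" | "deny").
SITE_ARP = [(SP, "eduPersonAffiliation", "permit")]
GROUP_ARPS = {"staff": [(SP, "mail", "permit")]}
USER_ARPS = {"userX": [(SP, "mail", "deny")]}  # userX opted out of releasing mail


def effective_rules(user, groups):
    """Collect the site ARP, the ARPs of the user's groups, and the user ARP."""
    rules = list(SITE_ARP)
    for group in groups:
        rules += GROUP_ARPS.get(group, [])
    return rules + USER_ARPS.get(user, [])


def is_released(user, groups, sp_id, local_attr):
    """Assumed semantics: at least one permit and no deny (deny overrides)."""
    decisions = {d for sp, attr, d in effective_rules(user, groups)
                 if sp == sp_id and attr == local_attr}
    return "permit" in decisions and "deny" not in decisions


def resolve(user, local_attr):
    """Step 4: the Resolver knows where to ask for attribute values."""
    return DIRECTORY.get(user, {}).get(local_attr, [])


def attribute_query(user, groups, sp_id, requested):
    """Step 1: the SP asks about a user; the answer uses the SP's own names."""
    released = {}
    for sp_name in requested:
        local = MAPPINGS.get(sp_id, {}).get(sp_name)  # step 2: ask the Mapper
        if local is None:
            continue  # unmapped name or unknown SP: fail closed
        if not is_released(user, groups, sp_id, local):
            continue  # an ARP withholds this attribute from this SP
        values = resolve(user, local)  # step 3: look up the local value
        if values:
            released[sp_name] = values
    return released
```

Policy is evaluated on the local attribute name after mapping, so a renamed attribute cannot bypass a user's deny rule, and a request for a name with no mapping releases nothing.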
17
ShARPE attribute mapping

18
Summary
  • Simple creation of Attribute Release Policies
  • User configurable privacy
  • Flexible handling of directory schemas

19
work to-do
  • Evaluating & Testing
  • Considering feedback in development
  • Creating version for production use

20
Questions?

21
Thank you very much for the attention!
Contact me: theile_at_melcoe.mq.edu.au
http://www.melcoe.mq.edu.au/projects/MAMS/