bandeau haut JRES 2009

Identity Federation
Starting small and reaching way beyond

Thomas Lenggenhager

SWITCH, Switzerland



Mots clefs

AAI, Federated Identity, inter-federation, SAML, Shibboleth, WebSSO

Résumé

How to extend Web Single Sign-On beyond the security domain of a single university? This well-known problem initiated the implementation of the Swiss identity federation (SWITCHaai).

Universities issue digital identities to registered students and their staff by providing them their user account. If the university participates in an identity federation, such digital identities can also provide access to web based applications run by other institutions.

In Switzerland, the primary use case to establish the Authentication & Authorization Infrastructure (AAI) was to enable access for students to courses on learning management systems (LMS) hosted by third party universities. After five years of operational experience, SWITCHaai is well established and has become 'the key' for authenticated access to web servers in higher education.

The first part of the talk tells the story of SWITCHaai and lessons learned.


Today's federations are limited to their national scope, as they are mostly operated by a national research & education network (NREN). The time has come to reach beyond national borders by building the technical and trust framework on which national federations shall be able to inter-federate.

Once inter-federation is a reality, a professor of a French university could direct her students to a course hosted on the LMS of e.g. Université de Genève. Today, unless the course is accessible for any Internet user, it would require a huge overhead to bilaterally enable authenticated access.

Ideas and activities towards a scalable inter-federation future are in the focus of the second half of the talk.

Evaluer cet article
Evaluation à destination du comité de programme et des auteurs, soyez constructifs :-)
Vous avez trouvé l'article : Mauvais Médiocre Bon Excellent
Vous avez trouvé la présentation : Mauvaise Médiocre Bonne Excellente
Remarques :

Retour

Identity Federation
Starting small and reaching way beyond

Thomas Lenggenhager

SWITCH, Switzerland



Mots clefs

AAI, Federated Identity, inter-federation, SAML, Shibboleth, WebSSO

Résumé

How to extend Web Single Sign-On beyond the security domain of a single university? This well-known problem initiated the implementation of the Swiss identity federation (SWITCHaai).

Universities issue digital identities to registered students and their staff by providing them their user account. If the university participates in an identity federation, such digital identities can also provide access to web based applications run by other institutions.

In Switzerland, the primary use case to establish the Authentication & Authorization Infrastructure (AAI) was to enable access for students to courses on learning management systems (LMS) hosted by third party universities. After five years of operational experience, SWITCHaai is well established and has become 'the key' for authenticated access to web servers in higher education.

The first part of the talk tells the story of SWITCHaai and lessons learned.


Today's federations are limited to their national scope, as they are mostly operated by a national research & education network (NREN). The time has come to reach beyond national borders by building the technical and trust framework on which national federations shall be able to inter-federate.

Once inter-federation is a reality, a professor of a French university could direct her students to a course hosted on the LMS of e.g. Université de Genève. Today, unless the course is accessible for any Internet user, it would require a huge overhead to bilaterally enable authenticated access.

Ideas and activities towards a scalable inter-federation future are in the focus of the second half of the talk.

Evaluer cet article
Evaluation à destination du comité de programme et des auteurs, soyez constructifs :-)
Vous avez trouvé l'article : Mauvais Médiocre Bon Excellent
Vous avez trouvé la présentation : Mauvaise Médiocre Bonne Excellente
Remarques :

Retour
planning.txt · Dernière modification: 2009/11/23 15:25 par etienne.meleard@cru.fr
8ème Journées Réseaux à Nantes: JRES 2009
Logo du CNRS - UREC
Logo de RENATER
Logo du CRU
Logo de l'INRIA
Logo de l'Université de Nantes
Logo de l'Université de Rennes1
Logo de l'Université de Rennes2