ORCID and Federated Identity and Access Management

Posted on 08-May-2015

From the ORCID Outreach Meeting, May 21-22, 2014, Chicago, Illinois, USA, https://orcid.org/content/orcid-outreach-meeting-and-codefest-may-2014

ORCID identifiers in access management

Universities and other research organizations have begun utilizing the ORCID identifier to manage access to repositories and research information systems. This session will feature a discussion of integration opportunities, policy and privacy issues, and demonstrations by research organizations.

Moderator: Ed Pentz, Executive Director, CrossRef

Presenters:

• Keith Hazelton, Senior IT Architect, the University of Wisconsin-Madison / Chair of Internet2 MACE-Dir working group

• Jared Lyle, Director of Curation Services, Inter-university Consortium for Political and Social Research (ICPSR), University of Michigan

• Ken Okaya, Product Manager, Rightsholder Services, Copyright Clearance Center / slides

• Doug Hahn, Senior Information Technology Manager, Texas A&M University

• Elaine Westbrooks, Associate University Librarian for Research, University of Michigan

Transcript of ORCID and Federated Identity and Access Management

ORCID and Federated Identity and Access Management

ORCID Outreach, Chicago, May 21, 2014

Keith Hazelton, Internet2, Univ. of Wisconsin-Madison

• ORCID iDs can be passed as part of the attribute payload when a user accesses a federated service

• Raises a question that doesn’t yet have a definitive answer:

• Are there valid usage scenarios for this possibility?

• First: What is federated use of ORCID iDs and what value might it have?

ORCID in Identity Federation Scenarios

Attribute Schema for Federated Access

• Whenever an organization wants its members to get access to third-party digital resources and services

• In federated scenarios, the organization offers an Identity Provider (IdP) serving its members/users, while third-party resources and services are represented as Service Providers (SPs)

Federated Flows

(Diagram of the user / IdP / SP exchange; labels: Authenticate, Assert Attributes, Deliver Content)

Federated Flows

(Same diagram, with the attribute payload now carrying the ORCID iD:)

eduPersonOrcid: http://orcid.org/0000-0102-9134-699X

There is now a defined way to do this

• What is the risk to the SP of accepting the IdP's assertion?

• Could standardized verification methods at the IdP institution mitigate the risk?

• How would the SP know if a particular ORCID iD had been verified?

• Is SP-side verification always the better alternative?

– Since the user is "present", ORCID APIs could be leveraged

– But that adds a computational step to the SP processing
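The questions above are what an SP has to answer before it keys access decisions off an IdP-asserted eduPersonOrcid value. The following is an added example, not code from the deck or from Internet2/ORCID: it shows the minimum an SP can do on its own side before consulting anyone (check that the value is a well-formed ORCID URI and that its ISO 7064 MOD 11-2 check character verifies, which is the scheme ORCID publishes for its iDs) and then applies a local trust policy, accepting the iD as verified only when it came from an IdP the SP has decided does its own verification, and otherwise flagging it for SP-side verification. The attribute dictionary, the `VERIFYING_IDPS` set, the entityIDs and the function names (`parse_orcid_uri`, `evaluate_orcid_attribute`) are all constructed for this illustration; only the attribute name eduPersonOrcid and its URI form come from the slides.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed sample: the attribute statement an SP sees after its SAML software
# has already validated the IdP's signed assertion (attribute name -> values).
SAMPLE_ATTRIBUTES: Dict[str, List[str]] = {
    "eduPersonPrincipalName": ["researcher@example.edu"],
    "eduPersonOrcid": ["http://orcid.org/0000-0002-1825-0097"],
}

# Constructed trust registry: IdP entityIDs this SP believes bind an ORCID iD to
# a local account via an authenticated ORCID sign-in before asserting it.
# This is a local policy decision of the SP; federation metadata does not say it.
VERIFYING_IDPS = {"https://idp.example.edu/idp/shibboleth"}

# eduPersonOrcid carries the iD in URI form. Accept http or https and the
# hyphenated 16-character iD; the final character may be the check character X.
ORCID_URI_RE = re.compile(r"^https?://orcid\.org/(\d{4}-\d{4}-\d{4}-\d{3}[\dX])$")


def orcid_check_char(base_digits: str) -> str:
    """ISO 7064 MOD 11-2 check character over the 15 base digits of an ORCID iD."""
    total = 0
    for d in base_digits:
        total = (total + int(d)) * 2
    result = (12 - total % 11) % 11
    return "X" if result == 10 else str(result)


def parse_orcid_uri(value: str) -> Optional[str]:
    """Return the hyphenated iD if value is a well-formed ORCID URI whose
    check character verifies; otherwise None."""
    match = ORCID_URI_RE.match(value.strip())
    if match is None:
        return None
    orcid = match.group(1)
    compact = orcid.replace("-", "")
    if orcid_check_char(compact[:15]) != compact[15]:
        return None  # syntactically fine but not a checksum-valid iD
    return orcid


@dataclass(frozen=True)
class OrcidDecision:
    orcid: Optional[str]
    # "verified-by-idp" | "needs-sp-verification" | "absent" | "rejected"
    status: str


def evaluate_orcid_attribute(attributes: Dict[str, List[str]],
                             idp_entity_id: str) -> OrcidDecision:
    """Decide what the SP may do with an asserted eduPersonOrcid value."""
    values = attributes.get("eduPersonOrcid", [])
    if not values:
        return OrcidDecision(None, "absent")
    parsed = [parse_orcid_uri(v) for v in values]
    # Constructed SP policy: exactly one iD per user, and it must validate.
    # A malformed or checksum-failing value taints the attribute rather than
    # being silently dropped, so the failure is visible in the SP's logs.
    if len(parsed) != 1 or parsed[0] is None:
        return OrcidDecision(None, "rejected")
    orcid = parsed[0]
    if idp_entity_id in VERIFYING_IDPS:
        return OrcidDecision(orcid, "verified-by-idp")
    # Not from a trusted-verifying IdP: the SP would have to confirm it itself,
    # e.g. by having the present user sign in to ORCID (the extra step the deck mentions).
    return OrcidDecision(orcid, "needs-sp-verification")


if __name__ == "__main__":
    for idp in ("https://idp.example.edu/idp/shibboleth", "https://idp.other.example/idp"):
        print(idp, evaluate_orcid_attribute(SAMPLE_ATTRIBUTES, idp))
    # The placeholder iD on the flow slide does not pass the checksum.
    slide_value = {"eduPersonOrcid": ["http://orcid.org/0000-0102-9134-699X"]}
    print("slide placeholder", evaluate_orcid_attribute(slide_value, "https://idp.example.edu/idp/shibboleth"))
```

The sample iD 0000-0002-1825-0097 is a well-known published example iD and passes the check. The value shown on the flow slide, 0000-0102-9134-699X, is a placeholder: its check character computes to 1, not X, so the parser rejects it, which is the kind of thing an SP should notice before acting on an asserted identifier. The checksum only proves the string is a possible ORCID iD; whether it is this user's iD is exactly the question the slide leaves to IdP-side or SP-side verification.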

Federated exchange of ORCID iDs -- good practice?