Federated Identity Graduates

Nate Klingenstein, Internet2. APAN 27, Kaohsiung, Taiwan, March 3, 2009

Page 1: Federated Identity Graduates

Federated Identity Graduates

Nate Klingenstein

Internet2

APAN 27

Kaohsiung, Taiwan, March 3, 2009

Page 2: Federated Identity Graduates

Federated Identity is Spreading

• Education

  • Shibboleth

• Government

• Business to Consumer

• Business to Business

Page 3: Federated Identity Graduates

Core Principle for Principals

• The Application is King

  • Supply the user data, security, and usability they require

• More services equals more success

• Critical mass

• Especially interesting today

  • Applications with lower and higher value

  • Many types and qualities of user data

Page 4: Federated Identity Graduates

Major Shibboleth Federations

• UK Access Management Federation

  • 600+ Members

• InCommon

  • 120+ Members

  • Over 2.2 million students, professors, and staff

• SWITCHaai

  • 90%+ of all students

• 30+ Other Countries, mostly in Europe

Page 5: Federated Identity Graduates

Major Educational Shibboleth Applications

• Microsoft Dreamspark

• Apple iTunesU

• Elsevier ScienceDirect

• EZProxy

• Google Apps and Gmail

• ...lots more...

Page 6: Federated Identity Graduates

U.S. Government Deployment

• Recommendation to the Transition Team from ACT endorsing the Shibboleth model for the entire U.S.

• National Science Foundation (NSF) and National Institutes of Health (NIH) both InCommon Members

• Federal Health IT Standards

Page 7: Federated Identity Graduates

Business to Consumer

• Facebook Connect with major sites like CNN

  • Obama Inauguration, other events

• OpenID working on discovery and bilateral trust establishment

  • Work to copy SAML Artifact design for mobile device enablement

Page 8: Federated Identity Graduates

Business to Business

• Generally SAML 2.0-based, but not widespread

• Software as a Service (SAAS)

  • salesforce.com

  • Google Apps

    • Frustration over limitations of mobile devices, POP/IMAP and other protocols

• U.S. Real Estate using SAML 2.0

  • Huge return on investment from strong authentication, reducing shared accounts

Page 9: Federated Identity Graduates

Other Major Federated Identity Developments

• Google suggesting a centralized discovery service (DS) for all SAML, OAuth, and OpenID federated identity

  • Important, because much international collaboration between Canada, US, UK Federations; schools joining multiple federations

Page 10: Federated Identity Graduates

Other Major Federated Identity Developments

• Internet Society (ISOC) joins the Liberty Alliance Management Board

  • Identity TBD (IDtbd)

• Microsoft Geneva, part of Windows Azure cloud OS, based on SAML 2.0

  • Windows Cardspace still not used

• OAuth/OpenID integration efforts to supply services & user data

Page 11: Federated Identity Graduates

We’re Here to Help

• Global deployment and participation is critical

• APAN community can support each other in deployment
