Federated Identity Graduates
-
Upload
caldwell-douglas -
Category
Documents
-
view
17 -
download
0
description
Transcript of Federated Identity Graduates
Federated Identity Graduates
Nate KlingensteinInternet2APAN 27
高雄台湾 , March 3, 2009
2
Federated Identity is Spreading
• Education• Shibboleth
• Government
• Business to Consumer
• Business to Business
3
Core Principle for Principals
• The Application is King• Supply the user data, security, and
usability they require
• More services equals more success
• Critical mass
• Especially interesting today• Applications with lower and higher
value
• Many types and qualities of user data
4
Major Shibboleth Federations
• UK Access Management Federation• 600+ Members
• InCommon• 120+ Members
• Over 2.2 million students, professors, and staff
• SWITCHaai• 90%+ of all students
• 30+ Other Countries, mostly in Europe
5
Major Educational Shibboleth
Applications• Microsoft Dreamspark
• Apple iTunesU
• Elsevier ScienceDirect
• EZProxy
• Google Apps and Gmail
• . . .lots more. . .
6
U.S. Government Deployment
• Recommendation to the Transition Team from ACT endorsing the Shibboleth model for the entire U.S.
• National Science Foundation (NSF) and National Institutes of Health (NIH) both InCommon Members
• Federal Health IT Standards
7
Business to Consumer• Facebook Connect with major
sites like CNN• Obama Inauguration, other events
• OpenID working on discovery and bilateral trust estabishment• Work to copy SAML Artifact design for
mobile device enablement
8
Business to Business• Generally SAML 2.0-based, but
not widespread
• Software as a Service (SAAS)• salesforce.com
• Google Apps• Frustration over limitations of mobile devices,
POP/IMAP and other protocols
• U.S. Real Estate using SAML 2.0• Huge return on investment from strong
authentication, reducing shared accounts
9
Other Major Federated Identity Developments• Google suggesting a
centralized discovery service (DS) for all SAML, OAuth, and OpenID federated identity• Important, because much international
collaboration between Canada, US, UK Federations; schools joining multiple federations
10
Other Major Federated Identity Developments• Internet Society (ISOC) joins the
Liberty Alliance Management Board• Identity TBD (IDtbd)
• Microsoft Geneva, part of Windows Azure cloud OS, based on SAML 2.0• Windows Cardspace still not used
• OAuth/OpenID integration efforts to supply services & user data
11
We’re Here to Help• Global deployment and
participation is critical
• APAN community can support each other in deployment