Federations in Texas Barry Ribbeck University of Texas Health Science Center at Houston.
-
Upload
ashley-oliver -
Category
Documents
-
view
214 -
download
0
Transcript of Federations in Texas Barry Ribbeck University of Texas Health Science Center at Houston.
![Page 1: Federations in Texas Barry Ribbeck University of Texas Health Science Center at Houston.](https://reader036.fdocuments.net/reader036/viewer/2022082816/56649d0a5503460f949dd7b9/html5/thumbnails/1.jpg)
Federations in Texas
Barry Ribbeck University of Texas Health Science Center at Houston
![Page 2: Federations in Texas Barry Ribbeck University of Texas Health Science Center at Houston.](https://reader036.fdocuments.net/reader036/viewer/2022082816/56649d0a5503460f949dd7b9/html5/thumbnails/2.jpg)
Context Definitions
• Target: A federation member offering resource(s)
• Origin: A federation member requesting access to resources in exchange for asserted information
• Member: An entity agreeing to abide by the policies governing the federation
![Page 3: Federations in Texas Barry Ribbeck University of Texas Health Science Center at Houston.](https://reader036.fdocuments.net/reader036/viewer/2022082816/56649d0a5503460f949dd7b9/html5/thumbnails/3.jpg)
Potential Need for Federation(s)• UT Information Security• UT Austin Define System• UTHSC-Houston Blackboard resource• UTMB Center for bio-terrorism research• Texas Medical Center – Houston collaborative efforts
(17 physical institutions, 44 external institutions with hundreds of business partner relations per institution.
• Houston Higher Ed: UT-HSCH, Rice, A&M, Baylor, U of H, Texas Southern, HCC, Houston Baptist, U of St. Thomas, UT-MDACC
![Page 4: Federations in Texas Barry Ribbeck University of Texas Health Science Center at Houston.](https://reader036.fdocuments.net/reader036/viewer/2022082816/56649d0a5503460f949dd7b9/html5/thumbnails/4.jpg)
UT Infosec• UT – A state agency with 17 component parts
geographically dispersed across the state of Texas operating independently.
• Information Security (Infosec) is a cross institutional group charged with sharing information regarding security related issues and coordinating security related communications between institutions.
• All UT components operate under a common PKI, so a trust fabric exists
• Already committed to using Shibboleth as infrastructure exists to support it
![Page 5: Federations in Texas Barry Ribbeck University of Texas Health Science Center at Houston.](https://reader036.fdocuments.net/reader036/viewer/2022082816/56649d0a5503460f949dd7b9/html5/thumbnails/5.jpg)
UT Austin Define System
• A legacy mainframe application with extensive web front end development, used by multiple UT institutions within the state. Contains financial, student and other sensitive data.
• Austin is considering re-vamping their Authentication/Authorization (AA) process for this web based application as well as for the campus in general
• Austin no longer wants to support Identification and Authorization (I&A) for external components accessing this application.
![Page 6: Federations in Texas Barry Ribbeck University of Texas Health Science Center at Houston.](https://reader036.fdocuments.net/reader036/viewer/2022082816/56649d0a5503460f949dd7b9/html5/thumbnails/6.jpg)
UTHSCH-Houston Blackboard• Houston has satellite programs dispersed around
the state.• Most of these programs involve faculty and
students at other UT institutions.• Currently, non-UTHSCH users utilizing the
Houston Blackboard Course Management System resource require a guest account.
• Once the infrastructure is in place, it will allow courses offered at Houston to scale beyond the UT virtual boundaries.
• Planned deployment in Q1 2004
![Page 7: Federations in Texas Barry Ribbeck University of Texas Health Science Center at Houston.](https://reader036.fdocuments.net/reader036/viewer/2022082816/56649d0a5503460f949dd7b9/html5/thumbnails/7.jpg)
UTMB bio-terrorism facility
• UT Medical Branch in Galveston is building a level 4 biological research lab
• They are a candidate for a federal bio-terrorism facility
• How do we ensure security and access control to information that will be made available to collaborators inside and outside of the state?
![Page 8: Federations in Texas Barry Ribbeck University of Texas Health Science Center at Houston.](https://reader036.fdocuments.net/reader036/viewer/2022082816/56649d0a5503460f949dd7b9/html5/thumbnails/8.jpg)
Texas Medical Center
• 17 institutions operating independently with a 4 square mile area
• Largest medical center in the world• Many of the faculty and providers are cross
institutional affiliates.• Hippa is forcing US to change the way we
distribute non-mainstream health information (SMIME/Web) between institutional providers
![Page 9: Federations in Texas Barry Ribbeck University of Texas Health Science Center at Houston.](https://reader036.fdocuments.net/reader036/viewer/2022082816/56649d0a5503460f949dd7b9/html5/thumbnails/9.jpg)
Houston Higher Ed
• Many Institutions of higher learning
• Many resources (library resources) shared both locally and state wide
• Programs currently exist to allow students from one institution to take for credit courses at other institutions and pay for those courses locally.
![Page 10: Federations in Texas Barry Ribbeck University of Texas Health Science Center at Houston.](https://reader036.fdocuments.net/reader036/viewer/2022082816/56649d0a5503460f949dd7b9/html5/thumbnails/10.jpg)
Why does a Federation exist?
• To provide a venue and policy structure(s) for enterprises with common needs to access or provide digital resources securely while leveraging a common trust fabric.
• To provide assurance of compliance with policy of the trust fabric to relying parties.
• To enforce the polices of the Federation
![Page 11: Federations in Texas Barry Ribbeck University of Texas Health Science Center at Houston.](https://reader036.fdocuments.net/reader036/viewer/2022082816/56649d0a5503460f949dd7b9/html5/thumbnails/11.jpg)
Why does an Origin Join a Federeration?
• To provide a mechanism for its users to access external resources offered via the Federation thereby extending the utility of its internal resources in a scalable fashion
• To leverage the scale provided by a trust fabric and reduce the number of 1 to 1 Relying Party Agreements.
![Page 12: Federations in Texas Barry Ribbeck University of Texas Health Science Center at Houston.](https://reader036.fdocuments.net/reader036/viewer/2022082816/56649d0a5503460f949dd7b9/html5/thumbnails/12.jpg)
Why does a Target join a Federation?
• To provide access to resources of interest to a larger community with some level of control and accountability.
• To leverage the scale of a shared trust fabric and reduce the number of 1 to 1 Relying Party Agreements.
![Page 13: Federations in Texas Barry Ribbeck University of Texas Health Science Center at Houston.](https://reader036.fdocuments.net/reader036/viewer/2022082816/56649d0a5503460f949dd7b9/html5/thumbnails/13.jpg)
Why a another federation?
• Federations membership is based on the needs of the constituents.
• Target requirements and Origin requirements may not match nicely with RPA in a more generalized Federation.
• Will targets that require a high LOA for I&A be satisfied with an assertion of how authenticated?
• When Target and Origin are “close” within a federation and the applications are mission critical why outsource the federation when they are already supporting the ends.
• It may be easier to establish a “local” federation as policies within a community may already exist (PKI).