Identity Management Matters

1. eduserv - OpenAthens Seminar #oa11- 10/03/2011Presenter or main title…Access & Identity Management Programme (#jiscaim)Session Title or subtitle…Christopher Brown c.brown@jisc.ac.uk Digital Infrastructure

2. AIM – supporting InnovationHow does AIM fit in to JISC?10/03/2011 | Slide 2Innovation GroupContentDigital Infrastructure(eResearch & Information Environment)e-LearningAIMOUThttp://www.flickr.com/photos/triplemaximus/156523870/sizes/z/in/photostream/

3. AIM – supporting e-Research10/03/2011 | Slide 3e-ResearchResearch Comm EngAIMResearch Data MgmtVREResearch Infrastructure

4. AIM Programme1st Jan 2009 to 31st March 2011 (IdM Toolkit Pilots – Feb-July 2011)Focus:ProcessPolicyTechnology ObjectivesBuild foundations for production systems that universities might adopt in the futurePrepare the sector for future developmentsImprove user experienceIncrease value and make AIM relevant to wider community Enable integrated systems architectureDevelop practical tools to enable AIM10/03/2011 | Slide 4Exploring Innovative new areas

5. AIM ProgrammeUK Access Management Federation SupportExpandImproveIncrease uptakeFundingShibboleth Consortium (JISC, Internet2, SWITCH)Technical roadmapGovernance mechanismsOperate open source project => Shibboleth Foundation?Extending Access Mgmt into BCEPublisher SupportWAYFless URLs10/03/2010 | Slide 5

6. AIM Projects – IdM ToolkitJohn PaschoudLSECompleted June 2010Online and PDF versionsAimed at executive and technical staff in HE & FEReview, assess and improve performance of IdMRaise and maintain awareness, importance and key issues of IdMLaunched UCISA/JISC conferences Spring 2010Website:http://www.identity-project.orgSupport:jisc-identity-management@jiscmail.ac.uk10/03/2011 | Slide 6http://www.flickr.com/photos/ugardener/2499663609/sizes/z/

7. AIM Projects – IdM Toolkit PilotsTwo Pilots (Feb – July 2011)UK Data Archive / University of EssexImperial CollegeInstitutional BenefitsInstitutions assess and review their IdM processes and policiesCost savings from using and acting on advice in the ToolkitToolkit BenefitsTests the Toolkit through implementationIncrease the uptake of the ToolkitNot a static ToolkitFurther develop its usefulness10/03/2011 | Slide 7http://www.flickr.com/photos/redune/4226064/sizes/o/in/photostream/

8. Previous projectsGFIVO – common tools, set up wikis and blogs. Easy to set up groupsCUCKOO – institutional level: roll it out and use itGRAND (Granularity, Audit, N-tier and Delegation)1) Granularity and DelegationHow to most effectively structure Grouper2) Audit and accountingHow to process Shib and Grouper logs3) N-tierHow to do integrated auto login for ShibHow to exploit Kerberos N-tier support in Shibhttp://research.ncl.ac.uk/grand Benefits expected: Greater uptake of access control

9. Scalable service

10. Useful audit records

11. Accounting ability

12. Improved Login experience

13. Practical n-tier integration

14. Systems integrationAIM Projects - Grouper10/03/2011 | Slide 8Cal RaceyUniversity of Newcastle 15 monthshttp://www.flickr.com/photos/gregloby/3515990945/sizes/m/in/photostream/

15. AIM Projects – Usage StatisticsGraham MasonCardiff Univ/Kidderminster 15 monthsRAPTOR (Retrieval, Analysis, and Presentation Toolkit for usage of Online Resource)Software toolkit that will allow visualisation of e-resource usage to non-technical peopleAlso allow for publishing aggregated usage information to a federation operatorOpen source / open standardsFully documented and easy to set up/customiseAggregation – aimed at installing at the institutional level, but can aggregate upwardsCollaborating with SWITCH and MIMAS10/03/2011 | Slide 99http://www.flickr.com/photos/eschipul/167852691/sizes/m/in/photostream/

16. AIM Projects – Web ServicesFiona CullochEDINA 12 monthsWSTIERIA (Web Services Tiered Internet Authorization )Make web services work with UK federation Investigating two approaches:using “façade” to handle authenticationnew Shib features to invoke web service between SPsTested on two application domains:Geospatial web service (SEE-GEO)WebDAV (widely deployed remote file-access protocol layered on HTTP)Community BenefitWeb services interoperate with FAMImprove end-user experience by application componentizationReal components need authorizationAccess presently hidden web servicesDiscussing with MIMAS, SDSS, Shibboleth10/03/2011 Slide 10http://www.flickr.com/photos/aqua-marina/840167789/sizes/m/in/photostream/

17. AIM Projects – Data setsAndrew SimpsonUniversity of Oxford 12 monthsSOFA (Service-Oriented Federated Authorization)Two broad goals:The facilitation of data aggregation across distributed, heterogeneous data sourcesThe provision of secure, assured data sharingValue:Low costLimited impactData ownership remains unchangedsif: middleware framework that facilitates the secure sharing and aggregation of data from disparate, heterogeneous data storesSOFA: an extension of sif that allows data owners to leverage their access control paradigm of choice Applications: student administration; heart modelling; research into Bipolar disorder10/03/2011 | Slide 11

18. AIM Projects – UMASMART(Student-Managed Access to online Resources)There is a need for efficient, secure and usable access management system that:supports data owners with sharing their datasupports data consumers with accessing this dataDevelop online data management system based on User-Managed Access (UMA) protocolDeploy at Newcastle to allow data to be shared more efficiently and securely.Evaluate UMA at NewcastleContribute to standardisation effort of UMA protocol by actively participating in the UMA WG10/03/2011 | Slide 12Maciej MachulakUniversity of Newcastle 15 monthsBenefits: Participation in the UMA WG ensures that HE requirements for access management are taken into consideration. It also ensures that JISC and UK HE remains at the forefront of developments in Web authorisation solutions

19. Scenario for UMA use case shows applicability of the new technology to HE environments

20. Conducted research, experience and developed software for UMA to be reused by AIM community within and outside UKAIM Projects – Logins4LifeMatthew SloweKent University 15 monthsLogins for LifeAddresses the needs of a University to engage with users throughout their lives. Create use cases, policies and recommendations for dealing with user accounts throughout their changing roles while catering for existing digital identities. Create a test environment which will demonstrate how these policies can be delivered using open source tools. http://sec.cs.kent.ac.uk/demos10/03/2011 | Slide 13http://www.flickr.com/photos/smilygrl/4667529998/sizes/m/in/photostream/

21. AIM – International Links10/03/2011 | Slide 14EUROPE

22. TERENA (TNC2010, TF-EMC2, REFEDS) - NRENS

23. Knowledge Exchange (JISC, SURFfoundation, DFG, DEF)

24. USA

25. Internet2

26. Kantara

27. Australasia

28. AAF (Australian Access Federation)

29. CAUDIT (The Council of Australian University Directors of Information Technology)

30. eWorks – Technical and Further Education (TAFE) sector

31. MoRST (Ministry of Research, Science and Technology)http://www.flickr.com/photos/caveman_92223/3185534518/sizes/m/in/photostream/

32. AIM – The road aheadThe new JISC:HEFCE reviewReduced fundingConcentrate on key areas of AIMMake a business case for fundingWhat should the AIM programme fund?Follow-on funding for projectsBuild a communityBenefit realisation10/03/2011 | Slide 15http://www.flickr.com/photos/iguanajo/2838705163/sizes/m/in/photostream/

33. AIM – InformationBlog: http://aimprog.jiscinvolve.org/ Netvibes (#jiscaim): http://www.netvibes.com/jiscaim JISC AIM queries: c.brown@jisc.ac.uk Toolkit queries: jisc-identity-management@jiscmail.ac.uk Programme tag #jiscaim10/03/2011 | Slide 16http://www.flickr.com/photos/dm-set/3435818474/sizes/z/in/photostream/

34. Questions10/03/2011 | Slide 17http://www.flickr.com/photos/mic_n_2_sugars/564570276/sizes/o/

Identity Management Matters

More Related Content

What's hot (8)

Viewers also liked (6)

Similar to Identity Management Matters (20)

More from Eduserv (20)

Identity Management Matters