SlideShare a Scribd company logo

JISC Access and Identity Management: Future Directions

Download as PPT, PDF
J
JISC.AM

The document outlines the access management transition program led by Jisc, detailing the evolution of the Athens system for authentication in higher education from 1995 to various international collaborations and developments. It highlights the aims of creating a unified access management system for both intra- and inter-institutional resources and emphasizes the importance of standards over specific technologies. Additionally, it mentions ongoing projects, federated identity management, and international partnerships to enhance collaboration in digital resource access.

TechnologyBusiness
1 of 23
Downloaded 99 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
Access Management Transition Programme Meeting Access Management Futures: JISC and International Development Strategy Nicole Harris Senior Services Transition Manager, JISC
A Little Background
Some Background 1995: Athens developed by NISS (National Information Services and Systems) at University of Bath as an in-house system. 1996: eLib Study ‘Technologies to Support Authentication in Higher Education’ identified Athens as a potential solution for all JISC Services. 1997: Athens in use in all JISC Data Centres and rolled out across HEIs / FEIs over the next two years. 1998: CNI White Paper on AAA requirements. JISC commits to using as a basis for next-generation technologies. 1997 – 2000: three year contract for Athens provision with University of Bath and then Eduserv. 2000 – 2008: two three year plus one two year contract with Eduserv for Athens provision. 2000: Alan Robiette and JCAS scope requirements for next generation access management system (ANGEL project starts testing Shibboleth and PAPI technologies). 2002 – 2004: AAA Programme – audit of next generation technologies and ratification of requirements. 2004 – 2007: Core Middleware Programmes. JISC decision to support federated access management. 2006 – 2009: Access Management: Transition Programme. Roll-out and embedding.
The Requirements A single access management system for: Intra-institutional resources. Third party digital library type resources. Inter-institutional resources for secure long-term collaboration. Inter-institutional resources for ad-hoc (virtual organisation) collaboration. Evolving strategy: Where possible, JISC should focus on fostering development and use of standards rather than specific technologies. Institutions should have the widest possible range of options, from full open source to commercial support. Solutions should be in line with international developments in the field. Solution must provide real benefits to institutions and service providers.
Not just about preventing.. Copyright: Getty Images from the Education Image Gallery
..but about collaborating and sharing Copyright: Getty Images from the Education Image Gallery
The UK Development Landscape Athens Gateways CA Bridge eduRoam Gateway Development Level of Assurance – FAME project Identity Management – inter- and intra- NHS / Government N-tier Developments – SPIE project Authorisation Tools - PERMIS, DYVOSE (Authority Delegation) Interfaces / User Tools Virtual Home for Identities Federation Tools Identity / Service Providers outreach support federation Federation Services
JISC Plans
Access Management Transition Programme!
e-Infrastructure Programme Continued support for integration of UK federation and Grid. Levels of Assurance: ES-LOA. Identity Project. Federated tools: 5 new projects. Federated Identities and virtual organisations with Grouper Virtual Organisations and management of organisations objects Integrated Authorisation for Shibboleth/Grid. Integrating VOMS and PERMIS Virtual Organisation tools Upcoming ITTs / Calls / other work in the areas of…
Orphans American evangelist Dwight Lyman Moody (1837 - 1899) with a group of orphans at one of his Chicago missions. Courtesy of the Education Image Gallery Copyright: Getty Images
Identity Management outside Institutions
Multiple Affiliations
Attributes and Personalisation Copyright: HEFCE
e-Research Access Management for complex data Flexible Service Provider models for virtual organisations Ongoing work with the National Grid Service, including the CA Copyright: Getty Images Education Image Gallery
Federated Tools such as ShARPE
Internet2 Plans
SAML 2.0 Scott Cantor: technical editor of SAML 2.0 specification and lead Shibboleth architect. SC describes it as a ‘vulcan mind-meld’ of SAML 1.1, Shibboleth and Liberty ID-FF 1.2. You can expect in the long-term: Focus on federated identity management. Single log-out. Account linking / management. More features / more complexity. Copyright: Getty Images Education Image Gallery
Shibboleth 2.0 Major changes: New and broadening concepts New configuration files Metadata updates Minor installation differences Partial SAML 2.0 support (AuthnRequest, AttributeQuery, SingleLogout). Better session management Better authentication packaged with Shib Better attribute management – particularly attribute filter policy Focus on SP side discovery service (the future?) Better audit and access logs Java Service Provider https://spaces.internet2.edu/display/SHIB/ShibTwoRoadmap .
Other Internet2 Stuff More work in collaborative scenarios: virtual organisations etc. Application integration with infrastructure: wikis, SharePoint, Sakai, mailing lists etc. Integrated application providers: yahoo, google, e-bay etc. Easier install IdPs. Information card integration including CardSpace (in place now). Open Liberty Integration
International Plans
Work with our International Partners International Vendor Liaison, with specific emphasis on work with SURF and Internet2. Directory Schema work with TERENA through TF-EMC2. Inter-federation and licensing work with Knowledge Exchange Partners in Netherlands, Germany and Denmark. Inter-federation work with TERENA, Internet2 and DEST. Contributions to the Shibboleth code-base through team at EDINA. Continued international dialogue
and developing the UK federation… (see Josh Howlett presentation)

More Related Content

PPT
The Repository Roadmap - are we heading in the right direction?
Eduserv Foundation
 
PPTX
EADTU Conference - UKOER Technology Challenges
Lorna Campbell
 
PPT
Karen Church - A Large-Scale Study of European Mobile Information Access
AIC_UCD
 
PPT
Metadata Working Group - Status update
EDINA, University of Edinburgh
 
PPTX
Turning FAIR data into reality
Sarah Jones
 
PPT
Educause2006 - Federated Access Management in the UK
JISC.AM
 
PPT
Some Academic Sector/NMCA outcomes from the OGC Web Service Shibboleth Intero...
EDINA, University of Edinburgh
 
PPT
Knowledge Services
Albert Simard
 
The Repository Roadmap - are we heading in the right direction?
Eduserv Foundation
 
EADTU Conference - UKOER Technology Challenges
Lorna Campbell
 
Karen Church - A Large-Scale Study of European Mobile Information Access
AIC_UCD
 
Metadata Working Group - Status update
EDINA, University of Edinburgh
 
Turning FAIR data into reality
Sarah Jones
 
Educause2006 - Federated Access Management in the UK
JISC.AM
 
Some Academic Sector/NMCA outcomes from the OGC Web Service Shibboleth Intero...
EDINA, University of Edinburgh
 
Knowledge Services
Albert Simard
 

What's hot (20)

PPT
OGC Interoperability Experiments and Authentication
EDINA, University of Edinburgh
 
PDF
Ready, Set, GO FAIR
EOSCpilot .eu
 
PDF
EOSC FAIR Data Session - EOSC Stakeholders Forum 2018
EOSCpilot .eu
 
PPTX
Trust and identity in the Géant project - Networkshop44
Jisc
 
PPTX
What it means to be FAIR
Sarah Jones
 
PPT
Jane Charlton Intro To F A M
JISC.AM
 
PDF
Results from the FAIR Expert Group Stakeholder Consultation on the FAIR Data ...
EOSCpilot .eu
 
PPT
Fitt Toolbox Tt Collaboration
FITT
 
PPTX
EOSC-MAR-update.pptx
Sarah Jones
 
PPTX
OSFair2017 Workshop | Towards a Policy Framework for the European Open Scienc...
Open Science Fair
 
PPTX
AIM Session at #DigiFest14
Christopher Brown
 
PPTX
EOSC's value proposition
Jisc
 
PPT
Berlin 6 Open Access Conference: Wolfram Horstmann
Cornelius Puschmann
 
PPTX
It takes more than a village: lessons on building global research commons
Sarah Jones
 
PDF
ELIXIR FAIR Activities - Examplars
Susanna-Assunta Sansone
 
PDF
Survey on metadata management and governance in Europe
Semic.eu
 
PPT
Shibboleth Access Management Federations as an Organisational Model for SDI
EDINA, University of Edinburgh
 
PPT
1345 1400 Fiona Cullock Edina Case Study
JISC.AM
 
PPTX
E Portfolio
Robin Popow
 
PDF
Repositories for long-term preservation - certification
EOSC-hub project
 
OGC Interoperability Experiments and Authentication
EDINA, University of Edinburgh
 
Ready, Set, GO FAIR
EOSCpilot .eu
 
EOSC FAIR Data Session - EOSC Stakeholders Forum 2018
EOSCpilot .eu
 
Trust and identity in the Géant project - Networkshop44
Jisc
 
What it means to be FAIR
Sarah Jones
 
Jane Charlton Intro To F A M
JISC.AM
 
Results from the FAIR Expert Group Stakeholder Consultation on the FAIR Data ...
EOSCpilot .eu
 
Fitt Toolbox Tt Collaboration
FITT
 
EOSC-MAR-update.pptx
Sarah Jones
 
OSFair2017 Workshop | Towards a Policy Framework for the European Open Scienc...
Open Science Fair
 
AIM Session at #DigiFest14
Christopher Brown
 
EOSC's value proposition
Jisc
 
Berlin 6 Open Access Conference: Wolfram Horstmann
Cornelius Puschmann
 
It takes more than a village: lessons on building global research commons
Sarah Jones
 
ELIXIR FAIR Activities - Examplars
Susanna-Assunta Sansone
 
Survey on metadata management and governance in Europe
Semic.eu
 
Shibboleth Access Management Federations as an Organisational Model for SDI
EDINA, University of Edinburgh
 
1345 1400 Fiona Cullock Edina Case Study
JISC.AM
 
E Portfolio
Robin Popow
 
Repositories for long-term preservation - certification
EOSC-hub project
 
Ad

Similar to JISC Access and Identity Management: Future Directions (20)

PPT
'Connecting poeple to resources' by Nicole Harris at UKSG 2007
JISC.AM
 
PPT
Federated Access Management (SFEU)
JISC.AM
 
PPT
JISC License Workshop
JISC.AM
 
PPTX
Advancing the JISC Access & Identity Management Programme
JISC Netskills
 
PPTX
JISC's AIM programme
Christopher Brown
 
PDF
Talis Insight Presentation
JISC.AM
 
PPT
FAM The Basics 13 Feb08
Mike Moran
 
PPT
Lessons from the UK Access Management Federation
Jisc
 
PPT
Access Management - the Issues for FE Colleges
Mike Moran
 
PPSX
Identity Management Matters
Eduserv
 
PPT
Federated Access Management, JISC Presentation
JISC RSC Southeast
 
PPT
Online Educa: JISC Access and Identity Management
JISC.AM
 
PPT
Access Management for Libraries by John Paschoud & Masha Garibyan
JISC.AM
 
PPT
Eunis federation2
HEAnet
 
PPT
Inspire2011 shibb am_fs_paper_v3
EDINA, University of Edinburgh
 
PPT
OpenAthens and the future of access and identity management
Eduserv Foundation
 
PPT
McShibboleth Presentation
JISC.AM
 
PPTX
Trust and identity
Jisc
 
PPT
Technical Requirements of the UK Access Management Federation
JISC.AM
 
PPT
UK Access Management Federation A partnership of JISC Collections & EDINA
UKSG: connecting the knowledge community
 
'Connecting poeple to resources' by Nicole Harris at UKSG 2007
JISC.AM
 
Federated Access Management (SFEU)
JISC.AM
 
JISC License Workshop
JISC.AM
 
Advancing the JISC Access & Identity Management Programme
JISC Netskills
 
JISC's AIM programme
Christopher Brown
 
Talis Insight Presentation
JISC.AM
 
FAM The Basics 13 Feb08
Mike Moran
 
Lessons from the UK Access Management Federation
Jisc
 
Access Management - the Issues for FE Colleges
Mike Moran
 
Identity Management Matters
Eduserv
 
Federated Access Management, JISC Presentation
JISC RSC Southeast
 
Online Educa: JISC Access and Identity Management
JISC.AM
 
Access Management for Libraries by John Paschoud & Masha Garibyan
JISC.AM
 
Eunis federation2
HEAnet
 
Inspire2011 shibb am_fs_paper_v3
EDINA, University of Edinburgh
 
OpenAthens and the future of access and identity management
Eduserv Foundation
 
McShibboleth Presentation
JISC.AM
 
Trust and identity
Jisc
 
Technical Requirements of the UK Access Management Federation
JISC.AM
 
UK Access Management Federation A partnership of JISC Collections & EDINA
UKSG: connecting the knowledge community
 
Ad

More from JISC.AM (20)

PPT
Identity Assurance Profiles
JISC.AM
 
PPT
Assurance
JISC.AM
 
PPT
I2 Fedsoup
JISC.AM
 
PPT
Cuckoo (Graham Mason, Ed Beddows)
JISC.AM
 
PPT
Federated Futures (Nicole Harris)
JISC.AM
 
PPT
Introduction to Shib 2.0 (Chad La Joie)
JISC.AM
 
PPT
The Identity Project (Rhys Smith)
JISC.AM
 
PPT
Shibboleth 2.0 IdP slides - Installfest (Edited)
JISC.AM
 
PPT
Shibboleth 2.0 SP slides - Installfest
JISC.AM
 
PPT
SARoNGS project (Jens Jensen)
JISC.AM
 
PPT
Names project (Amanda Hill)
JISC.AM
 
PPT
Studies in advanced access mgmt: GFIVO project (Cal Racey)
JISC.AM
 
PDF
Identity: Future directions (David Orrell, Eduserv Foundation)
JISC.AM
 
PDF
Shintau And VPMan proejcts (David Chadwick)
JISC.AM
 
PPT
Identity: Future directions (David Orrell, Eduserv Foundation)
JISC.AM
 
PPT
Internet2 Fall MM 2007 - Jane Charlton
JISC.AM
 
PPT
Openid
JISC.AM
 
PPT
Federated Access Management 102
JISC.AM
 
PPT
Federated Access Management (Sconul Access Conference)
JISC.AM
 
PDF
OpenID and Usercentric Identity: It's All About Me
JISC.AM
 
Identity Assurance Profiles
JISC.AM
 
Assurance
JISC.AM
 
I2 Fedsoup
JISC.AM
 
Cuckoo (Graham Mason, Ed Beddows)
JISC.AM
 
Federated Futures (Nicole Harris)
JISC.AM
 
Introduction to Shib 2.0 (Chad La Joie)
JISC.AM
 
The Identity Project (Rhys Smith)
JISC.AM
 
Shibboleth 2.0 IdP slides - Installfest (Edited)
JISC.AM
 
Shibboleth 2.0 SP slides - Installfest
JISC.AM
 
SARoNGS project (Jens Jensen)
JISC.AM
 
Names project (Amanda Hill)
JISC.AM
 
Studies in advanced access mgmt: GFIVO project (Cal Racey)
JISC.AM
 
Identity: Future directions (David Orrell, Eduserv Foundation)
JISC.AM
 
Shintau And VPMan proejcts (David Chadwick)
JISC.AM
 
Identity: Future directions (David Orrell, Eduserv Foundation)
JISC.AM
 
Internet2 Fall MM 2007 - Jane Charlton
JISC.AM
 
Openid
JISC.AM
 
Federated Access Management 102
JISC.AM
 
Federated Access Management (Sconul Access Conference)
JISC.AM
 
OpenID and Usercentric Identity: It's All About Me
JISC.AM
 

Recently uploaded (20)

PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PDF
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PDF
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PPTX
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
PDF
[발표본] 너의 과제는 클라우드에 있어_KTDS_김동현_20250524.pdf
ssuserf8b8bd1
 
PPTX
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
PDF
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
PDF
GDG Cloud Iasi [PUBLIC] Florian Blaga - Unveiling the Evolution of Cybersecur...
athlonica
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
Modernizing your data center with Dell and AMD
Principled Technologies
 
PDF
solutions_manual_-_materials___processing_in_manufacturing__demargo_.pdf
AbdullahSani29
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
Cloud computing and distributed systems.
kkkkkhan
 
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
[발표본] 너의 과제는 클라우드에 있어_KTDS_김동현_20250524.pdf
ssuserf8b8bd1
 
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
GDG Cloud Iasi [PUBLIC] Florian Blaga - Unveiling the Evolution of Cybersecur...
athlonica
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
Modernizing your data center with Dell and AMD
Principled Technologies
 
solutions_manual_-_materials___processing_in_manufacturing__demargo_.pdf
AbdullahSani29
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 

JISC Access and Identity Management: Future Directions

  • 1. Access Management Transition Programme Meeting Access Management Futures: JISC and International Development Strategy Nicole Harris Senior Services Transition Manager, JISC
  • 3. Some Background 1995: Athens developed by NISS (National Information Services and Systems) at University of Bath as an in-house system. 1996: eLib Study ‘Technologies to Support Authentication in Higher Education’ identified Athens as a potential solution for all JISC Services. 1997: Athens in use in all JISC Data Centres and rolled out across HEIs / FEIs over the next two years. 1998: CNI White Paper on AAA requirements. JISC commits to using as a basis for next-generation technologies. 1997 – 2000: three year contract for Athens provision with University of Bath and then Eduserv. 2000 – 2008: two three year plus one two year contract with Eduserv for Athens provision. 2000: Alan Robiette and JCAS scope requirements for next generation access management system (ANGEL project starts testing Shibboleth and PAPI technologies). 2002 – 2004: AAA Programme – audit of next generation technologies and ratification of requirements. 2004 – 2007: Core Middleware Programmes. JISC decision to support federated access management. 2006 – 2009: Access Management: Transition Programme. Roll-out and embedding.
  • 4. The Requirements A single access management system for: Intra-institutional resources. Third party digital library type resources. Inter-institutional resources for secure long-term collaboration. Inter-institutional resources for ad-hoc (virtual organisation) collaboration. Evolving strategy: Where possible, JISC should focus on fostering development and use of standards rather than specific technologies. Institutions should have the widest possible range of options, from full open source to commercial support. Solutions should be in line with international developments in the field. Solution must provide real benefits to institutions and service providers.
  • 5. Not just about preventing.. Copyright: Getty Images from the Education Image Gallery
  • 6. ..but about collaborating and sharing Copyright: Getty Images from the Education Image Gallery
  • 7. The UK Development Landscape Athens Gateways CA Bridge eduRoam Gateway Development Level of Assurance – FAME project Identity Management – inter- and intra- NHS / Government N-tier Developments – SPIE project Authorisation Tools - PERMIS, DYVOSE (Authority Delegation) Interfaces / User Tools Virtual Home for Identities Federation Tools Identity / Service Providers outreach support federation Federation Services
  • 10. e-Infrastructure Programme Continued support for integration of UK federation and Grid. Levels of Assurance: ES-LOA. Identity Project. Federated tools: 5 new projects. Federated Identities and virtual organisations with Grouper Virtual Organisations and management of organisations objects Integrated Authorisation for Shibboleth/Grid. Integrating VOMS and PERMIS Virtual Organisation tools Upcoming ITTs / Calls / other work in the areas of…
  • 11. Orphans American evangelist Dwight Lyman Moody (1837 - 1899) with a group of orphans at one of his Chicago missions. Courtesy of the Education Image Gallery Copyright: Getty Images
  • 14. Attributes and Personalisation Copyright: HEFCE
  • 15. e-Research Access Management for complex data Flexible Service Provider models for virtual organisations Ongoing work with the National Grid Service, including the CA Copyright: Getty Images Education Image Gallery
  • 16. Federated Tools such as ShARPE
  • 18. SAML 2.0 Scott Cantor: technical editor of SAML 2.0 specification and lead Shibboleth architect. SC describes it as a ‘vulcan mind-meld’ of SAML 1.1, Shibboleth and Liberty ID-FF 1.2. You can expect in the long-term: Focus on federated identity management. Single log-out. Account linking / management. More features / more complexity. Copyright: Getty Images Education Image Gallery
  • 19. Shibboleth 2.0 Major changes: New and broadening concepts New configuration files Metadata updates Minor installation differences Partial SAML 2.0 support (AuthnRequest, AttributeQuery, SingleLogout). Better session management Better authentication packaged with Shib Better attribute management – particularly attribute filter policy Focus on SP side discovery service (the future?) Better audit and access logs Java Service Provider https://spaces.internet2.edu/display/SHIB/ShibTwoRoadmap .
  • 20. Other Internet2 Stuff More work in collaborative scenarios: virtual organisations etc. Application integration with infrastructure: wikis, SharePoint, Sakai, mailing lists etc. Integrated application providers: yahoo, google, e-bay etc. Easier install IdPs. Information card integration including CardSpace (in place now). Open Liberty Integration
  • 22. Work with our International Partners International Vendor Liaison, with specific emphasis on work with SURF and Internet2. Directory Schema work with TERENA through TF-EMC2. Inter-federation and licensing work with Knowledge Exchange Partners in Netherlands, Germany and Denmark. Inter-federation work with TERENA, Internet2 and DEST. Contributions to the Shibboleth code-base through team at EDINA. Continued international dialogue
  • 23. and developing the UK federation… (see Josh Howlett presentation)