integrating non web based services
play

Integrating non web-based services with identity federations Jens - PowerPoint PPT Presentation

Dec 27, 2022 •435 likes •560 views

bw IDM Integrating non web-based services with identity federations Jens Khler, Michael Simon, Sebastian Labitzke, Tobias Dussa, Martin Nubaumer bw IDM The bwIDM project Services of the state of Baden-Wrttemberg placed at

  1. bw IDM Integrating non web-based services with identity federations Jens Köhler, Michael Simon, Sebastian Labitzke, Tobias Dussa, Martin Nußbaumer

  2. bw IDM The bwIDM project • Services of the state of Baden-Württemberg placed at different locations Uni Mannheim • Should be useable by the affiliates of universities • Affiliates should be able to access them with their KIT familiar accounts of their home organization Uni Stuttgart bwIDM: Uni Ulm Federated Identity Management for Baden- Württemberg Uni Freiburg Uni Konstanz 17.09.2012 Integrating non web-based services with identity federations 2

  3. bw IDM The bwIDM project • SAML identity providers are already present at each university Uni Mannheim • Integrating web-based services into this infrastructure is straightforward KIT • Integrating non web-based services is a challenge Uni Stuttgart Uni Ulm FACIUS : An easy-to-deploy concept to federate non web-based Uni Freiburg services based on the SAML standard. Uni Konstanz 17.09.2012 Integrating non web-based services with identity federations 3

  4. bw IDM Non web-based services vs. SAML • Non web-based services: Authentication via the Service Provider 1. Login via credentials SSH Service 2. Access Web-based Service • Main characteristic of SAML: Authentication via the Home Organization • SAML-ECP profile can be used to „ SAMLfy “ arbitrary applications → Technical foundation to enable non web-based services to use SAML exist 17.09.2012 Integrating non web-based services with identity federations

  5. bw IDM Requirements Service Provider requirements Integration effort Legal aspects (De-)Provisioning Security Performance Maintainability Deployability Legal aspects Alternative authentication methods Transparency Necessary software adaptions Use of home credentials Home Organization User requirements requirements 17.09.2012 Integrating non web-based services with identity federations

  6. bw IDM A users perspective: Getting access to the service Registration • Via a Registration-Webapplication (Browser) • Authentication based on the account at the Home Organization Just has to be performed once. Provisioning of a local context • In the SSH case: Establishment of a UID, a home directory , … Accessing the service • Via native service client • Authorization based on assertions of the Home Organization 17.09.2012 Integrating non web-based services with identity federations

  7. bw IDM FACIUS - Overview User Service Provider Home Organization Registration- Login & Provisioning Browser Webapplication Registr. SAML-SP Login-Node Login SSH-Client SSH- PAM- Server Module Partially service-specific Generic components Existing components components Further Information : J. Köhler, S. Labitzke, M. Simon, M. Nussbaumer, H. Hartenstein: FACIUS: An Easy-to- Deploy SAML-based Approach to Federate Non Web-Based Services , Proc. of Trustcom 2012 17.09.2012 Integrating non web-based services with identity federations

  8. bw IDM Login alternatives Creden- Enhanced Service Home Creden- tials User tials Proxy Provider Organization ECP Service Home User ECP Enhanced Provider Organization Client Creden- tials Service Home Local Creden- Assertion User tials Query Authentication Provider Organization Local Enhanced Enhanced User requirements: Authentication Proxy Client Unmodified client usable Login with credentials of the Home Organization No harm by malicious Service Providers Operable in parallel to other login alternatives 17.09.2012 Integrating non web-based services with identity federations

  9. bw IDM Evaluation • Service Provider requirements: Integration of the Pluggable Authentication Integration effort : Module with the Service Access Point Based on existing frameworks Maintainability : 1.01 s vs. 0.30 s (regular login) ? Performance (SSH-Login): Integration into existing Federations : SAML-based federations Provisioning/Deprovisioning : Legal aspects : User consent to policies can be requested • Home Organization requirements: Legal aspects : User consent to policies can be requested No software adaptions : 17.09.2012 Integrating non web-based services with identity federations

  10. bw IDM Conclusion • bwIDM …. – …is a project to establish a federation of 9 universities and services of the state of Baden-Württemberg. – …has the goal to federate access to non web -based services such as grid resources. • FACIUS… – …enables non web -based services to join SAML-federations. – …aims to be easily deployable for existing service providers. – …makes active use of the SAML -ECP and AssertionQuery profile. – …offers users a high usability in trustworthy federations. – …has been successfully applied to federate SSH services. • We are planning to… – …federate an operational cluster by the end of the year. – …federate additional services based on FACIUS. 17.09.2012 Integrating non web-based services with identity federations

  11. bw IDM How does FACIUS fit into the EGI federated identity management platform? SSH-Server (SP) FACIUS 17.09.2012 Integrating non web-based services with identity federations

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Integrating Community-based Dental, Health and Wellness Services for Older Adults through Use of a

Integrating Community-based Dental, Health and Wellness Services for Older Adults through Use of a

National Oral Health Conference, April 17, 2018 Integrating Community-based Dental, Health and Wellness Services for Older Adults through Use of a Comprehensive Geriatric Assessment and Metrics-driven Referral Paddy Asgari, MPH Senior Research

449 views • 19 slides
Integrating OpenID with proxy re-encryption to enhance privacy in cloud-based identity services

Integrating OpenID with proxy re-encryption to enhance privacy in cloud-based identity services

Outline Introduction Support technologies Privacy-preserving IDaaS system Conclusions Integrating OpenID with proxy re-encryption to enhance privacy in cloud-based identity services David Nu nez , Isaac Agudo, and Javier Lopez Network,

422 views • 24 slides
Integrating Workload Specification and Extraction for Model- Based and Measurement-Based

Integrating Workload Specification and Extraction for Model- Based and Measurement-Based

Stuttgart, Germany, 2014-11-27 Integrating Workload Specification and Extraction for Model- Based and Measurement-Based Performance Evaluation An Approach for Session-Based Software Systems Andr van Hoorn, Christian Vgele Eike Schulz,

1.02k views • 29 slides
SURFnet6 SURFnet6 SURFnet6 Integrating the IP and Optical worlds Integrating the IP and Optical

SURFnet6 SURFnet6 SURFnet6 Integrating the IP and Optical worlds Integrating the IP and Optical

SURFnet6 SURFnet6 SURFnet6 Integrating the IP and Optical worlds Integrating the IP and Optical worlds Integrating the IP and Optical worlds Erik-Jan Bos Director of Network Services SURFnet, The Netherlands TrefPunkt Kiruna, 30-31 mars

1.2k views • 50 slides
An Integrating Fresh Water An Integrating Fresh Water VRE for LifeWatch (ongoing work)

An Integrating Fresh Water An Integrating Fresh Water VRE for LifeWatch (ongoing work)

An Integrating Fresh Water An Integrating Fresh Water VRE for LifeWatch (ongoing work) Showcasing tools and services from Research Showcasing tools and services from Research Infrastructures at EGI CF 2015 in Bari Jesus MARCO DE LUCAS .

605 views • 22 slides
CS/INFO 330: Web Driven Web Applications Web Services Definition: Web Services A

CS/INFO 330: Web Driven Web Applications Web Services Definition: Web Services A

CS/INFO 330: Web Driven Web Applications Web Services Definition: Web Services A standardized way of integrating Web- based applications, using XML to tag data SOAP to transport data Simple Object Access Protocol WSDL to

287 views • 25 slides
Hadoop on HPC: Integrating Hadoop and Pilot-based Dynamic Resource Management Andre Luckow,

Hadoop on HPC: Integrating Hadoop and Pilot-based Dynamic Resource Management Andre Luckow,

Hadoop on HPC: Integrating Hadoop and Pilot-based Dynamic Resource Management Andre Luckow, Ioannis Paraskevakos, George Chantzialexiou and Shantenu Jha Hadoop on HPC: Integrating Hadoop and Pilot- based Dynamic Resource Management Overview

322 views • 17 slides
Integrating Healthcare and Human Services Shelly Johnson, RN, MPH, MBA, FACHE Chief Operating

Integrating Healthcare and Human Services Shelly Johnson, RN, MPH, MBA, FACHE Chief Operating

10/24/2017 Integrating Healthcare and Human Services Shelly Johnson, RN, MPH, MBA, FACHE Chief Operating Officer, Spectrum Health Gerber Memorial Dave Wingard, MSW, Ph.D. Director of Research and Strategic Development, TrueNorth Community

587 views • 10 slides
Follow @AIDSadvocacy | #2016USCA Integrating Hepatitis Services into HIV Prevention and Care

Follow @AIDSadvocacy | #2016USCA Integrating Hepatitis Services into HIV Prevention and Care

Follow @AIDSadvocacy | #2016USCA Integrating Hepatitis Services into HIV Prevention and Care Programs Setting the Federal Policy Stage Carl Schmid Deputy Executive Director, The AIDS Institute USCA 2016 Hollywood, FL September 15, 2016

688 views • 20 slides
Integrating Cross-Sectoral Health & Social Services for the Homeless Strategies to Achieve

Integrating Cross-Sectoral Health & Social Services for the Homeless Strategies to Achieve

Integrating Cross-Sectoral Health & Social Services for the Homeless Strategies to Achieve Alignment, Collaboration, and Synergy Across Delivery and Financing Systems Research-In-Progress Webinar April 29, 2020 12- 1pm ET Agenda Welcome:

586 views • 26 slides
Integrating Mental Health and Substance Abuse Services for Justice-Involved Persons with

Integrating Mental Health and Substance Abuse Services for Justice-Involved Persons with

Integrating Mental Health and Substance Abuse Services for Justice-Involved Persons with Co-Occurring Disorders April 8, 2014 Fred Osher, MD, Council of State Governments Justice Center Ann-Marie Louison, CASES (NYC)

681 views • 53 slides
Integrating Competency-based Education Into Systems for Postsecondary and Workforce Readiness

Integrating Competency-based Education Into Systems for Postsecondary and Workforce Readiness

Integrating Competency-based Education Into Systems for Postsecondary and Workforce Readiness Illinois ASCD Curriculum Leadership Development Network January 29, 2018 2 Whats a Competency Statement? Desired learning goal that illustrates

1.1k views • 61 slides
Integrating Hepatitis Services into HIV Programs : Working Together to Meet Community Needs Chris

Integrating Hepatitis Services into HIV Programs : Working Together to Meet Community Needs Chris

Integrating Hepatitis Services into HIV Programs : Working Together to Meet Community Needs Chris Taylor, Senior Director, Viral Hepatitis United States Conference on AIDS: Hepatitis Pathway September 10, 2015 Who is NASTAD? Mission NASTAD

794 views • 25 slides
Integrating Physics-based Earthquake Cycle Simulator Models and High-Resolution Ground Motion

Integrating Physics-based Earthquake Cycle Simulator Models and High-Resolution Ground Motion

Integrating Physics-based Earthquake Cycle Simulator Models and High-Resolution Ground Motion Simulations into a Physics-based Probabilistic Seismic Hazard Model PI: J. Vidale; Former PI: T. H. Jordan Co-authors: J. Bielak, S. Callaghan , Y.

399 views • 13 slides
Integrating Human and Synthetic Reasoning Via Model-Based Analysis Introduction and Explanation

Integrating Human and Synthetic Reasoning Via Model-Based Analysis Introduction and Explanation

Integrating Human and Synthetic Reasoning Via Model-Based Analysis Introduction and Explanation This is an experimental idea and very rough Glue together very tame AI and user interface through some fault trees To capture knowledge

616 views • 22 slides
Integrating Grid Services into a Cray XT4 Environment Hwa-Chun Wendy Lin and Shreyas Cholia

Integrating Grid Services into a Cray XT4 Environment Hwa-Chun Wendy Lin and Shreyas Cholia

Integrating Grid Services into a Cray XT4 Environment Hwa-Chun Wendy Lin and Shreyas Cholia National Energy Research Scientific Computing Center (NERSC/LBL) CUG 2009, Atlanta, GA What Is a Grid? A grid is a system that coordinates

565 views • 18 slides
Design Tradeoffs in Query Processing and Online Architectures T. Yang 293S 2017 Content

Design Tradeoffs in Query Processing and Online Architectures T. Yang 293S 2017 Content

Design Tradeoffs in Query Processing and Online Architectures T. Yang 293S 2017 Content Example of design tradeoffs in query processing optimization Experience with Ask.com online architecture Service programming with Neptune.

564 views • 28 slides
Performance of Real-Time Wireless Communication for Railway Environments with IEEE 802.11p

Performance of Real-Time Wireless Communication for Railway Environments with IEEE 802.11p

Performance of Real-Time Wireless Communication for Railway Environments with IEEE 802.11p Daniel Richter, Jossekin Beilharz, Lukas Pirl, Christian Werling, and Andreas Polze Operating Systems & Middleware Group Hasso Plattner Institute at

709 views • 35 slides
GN2 JRA5: eduroam transition to service TtS meeting, 3rd technical workshop in Cambridge J.

GN2 JRA5: eduroam transition to service TtS meeting, 3rd technical workshop in Cambridge J.

Connect. Communicate. Collaborate GN2 JRA5: eduroam transition to service TtS meeting, 3rd technical workshop in Cambridge J. Rauschenbach, DFN JRA5 Team JRA5 eduroam service Connect. Communicate. Collaborate The first JRA5 service will

981 views • 21 slides
Enabling a robust VOSpace based on iRODS Andr Schaaff, Cyril Pestel Observatoire astronomique

Enabling a robust VOSpace based on iRODS Andr Schaaff, Cyril Pestel Observatoire astronomique

1 Enabling a robust VOSpace based on iRODS Andr Schaaff, Cyril Pestel Observatoire astronomique de Strasbourg CDS iRODS workshop in Lyon 2-5 February 2009 2 2 Plan 2 Context The CDS Data and data centres in the astronomical

688 views • 33 slides
Web Services and Service Oriented Architecture CS 4720 Mobile Application Development CS

Web Services and Service Oriented Architecture CS 4720 Mobile Application Development CS

Web Services and Service Oriented Architecture CS 4720 Mobile Application Development CS 4720 The traditional software model Organizations build it all from scratch We can't trust anyone! Our competitors will sabotage us!

999 views • 32 slides
02267: Software Development of Web Services Introduction Hubert Baumeister huba@dtu.dk

02267: Software Development of Web Services Introduction Hubert Baumeister huba@dtu.dk

02267: Software Development of Web Services Introduction Hubert Baumeister huba@dtu.dk Department of Applied Mathematics and Computer Science Technical University of Denmark January 2019 1 Contents Why Services? Why Web Services? Demo

448 views • 31 slides
INF 5890 IT og Ledelse Service Oriented Architecture

INF 5890 IT og Ledelse Service Oriented Architecture

INF 5890 IT og Ledelse Service Oriented Architecture Bendik Bygstad IFI March 2016 Learning outcomes Can define Service Oriented Architecture

460 views • 30 slides
Reference Architecture for SOA OASIS Service Oriented Architecture Reference Model TC 1

Reference Architecture for SOA OASIS Service Oriented Architecture Reference Model TC 1

Reference Architecture for SOA OASIS Service Oriented Architecture Reference Model TC 1 Systems and eco- systems Multiple ownership domains No one entity controls everything Parallel development, deployment and usage of services A medium

564 views • 43 slides

More recommend