integrating non web based services
play

Integrating non web-based services with identity federations Jens - PowerPoint PPT Presentation

Dec 27, 2022 •435 likes •560 views

bw IDM Integrating non web-based services with identity federations Jens Khler, Michael Simon, Sebastian Labitzke, Tobias Dussa, Martin Nubaumer bw IDM The bwIDM project Services of the state of Baden-Wrttemberg placed at

  1. bw IDM Integrating non web-based services with identity federations Jens Köhler, Michael Simon, Sebastian Labitzke, Tobias Dussa, Martin Nußbaumer

  2. bw IDM The bwIDM project • Services of the state of Baden-Württemberg placed at different locations Uni Mannheim • Should be useable by the affiliates of universities • Affiliates should be able to access them with their KIT familiar accounts of their home organization Uni Stuttgart bwIDM: Uni Ulm Federated Identity Management for Baden- Württemberg Uni Freiburg Uni Konstanz 17.09.2012 Integrating non web-based services with identity federations 2

  3. bw IDM The bwIDM project • SAML identity providers are already present at each university Uni Mannheim • Integrating web-based services into this infrastructure is straightforward KIT • Integrating non web-based services is a challenge Uni Stuttgart Uni Ulm FACIUS : An easy-to-deploy concept to federate non web-based Uni Freiburg services based on the SAML standard. Uni Konstanz 17.09.2012 Integrating non web-based services with identity federations 3

  4. bw IDM Non web-based services vs. SAML • Non web-based services: Authentication via the Service Provider 1. Login via credentials SSH Service 2. Access Web-based Service • Main characteristic of SAML: Authentication via the Home Organization • SAML-ECP profile can be used to „ SAMLfy “ arbitrary applications → Technical foundation to enable non web-based services to use SAML exist 17.09.2012 Integrating non web-based services with identity federations

  5. bw IDM Requirements Service Provider requirements Integration effort Legal aspects (De-)Provisioning Security Performance Maintainability Deployability Legal aspects Alternative authentication methods Transparency Necessary software adaptions Use of home credentials Home Organization User requirements requirements 17.09.2012 Integrating non web-based services with identity federations

  6. bw IDM A users perspective: Getting access to the service Registration • Via a Registration-Webapplication (Browser) • Authentication based on the account at the Home Organization Just has to be performed once. Provisioning of a local context • In the SSH case: Establishment of a UID, a home directory , … Accessing the service • Via native service client • Authorization based on assertions of the Home Organization 17.09.2012 Integrating non web-based services with identity federations

  7. bw IDM FACIUS - Overview User Service Provider Home Organization Registration- Login & Provisioning Browser Webapplication Registr. SAML-SP Login-Node Login SSH-Client SSH- PAM- Server Module Partially service-specific Generic components Existing components components Further Information : J. Köhler, S. Labitzke, M. Simon, M. Nussbaumer, H. Hartenstein: FACIUS: An Easy-to- Deploy SAML-based Approach to Federate Non Web-Based Services , Proc. of Trustcom 2012 17.09.2012 Integrating non web-based services with identity federations

  8. bw IDM Login alternatives Creden- Enhanced Service Home Creden- tials User tials Proxy Provider Organization ECP Service Home User ECP Enhanced Provider Organization Client Creden- tials Service Home Local Creden- Assertion User tials Query Authentication Provider Organization Local Enhanced Enhanced User requirements: Authentication Proxy Client Unmodified client usable Login with credentials of the Home Organization No harm by malicious Service Providers Operable in parallel to other login alternatives 17.09.2012 Integrating non web-based services with identity federations

  9. bw IDM Evaluation • Service Provider requirements: Integration of the Pluggable Authentication Integration effort : Module with the Service Access Point Based on existing frameworks Maintainability : 1.01 s vs. 0.30 s (regular login) ? Performance (SSH-Login): Integration into existing Federations : SAML-based federations Provisioning/Deprovisioning : Legal aspects : User consent to policies can be requested • Home Organization requirements: Legal aspects : User consent to policies can be requested No software adaptions : 17.09.2012 Integrating non web-based services with identity federations

  10. bw IDM Conclusion • bwIDM …. – …is a project to establish a federation of 9 universities and services of the state of Baden-Württemberg. – …has the goal to federate access to non web -based services such as grid resources. • FACIUS… – …enables non web -based services to join SAML-federations. – …aims to be easily deployable for existing service providers. – …makes active use of the SAML -ECP and AssertionQuery profile. – …offers users a high usability in trustworthy federations. – …has been successfully applied to federate SSH services. • We are planning to… – …federate an operational cluster by the end of the year. – …federate additional services based on FACIUS. 17.09.2012 Integrating non web-based services with identity federations

  11. bw IDM How does FACIUS fit into the EGI federated identity management platform? SSH-Server (SP) FACIUS 17.09.2012 Integrating non web-based services with identity federations

Recommend

Integrating Community-based Dental, Health and Wellness Services for Older Adults through Use of a

Integrating Community-based Dental, Health and Wellness Services for Older Adults through Use of a

National Oral Health Conference, April 17, 2018 Integrating Community-based Dental, Health and Wellness Services for Older Adults through Use of a Comprehensive Geriatric Assessment and Metrics-driven Referral Paddy Asgari, MPH Senior Research

449 views • 19 slides
Integrating OpenID with proxy re-encryption to enhance privacy in cloud-based identity services

Integrating OpenID with proxy re-encryption to enhance privacy in cloud-based identity services

Outline Introduction Support technologies Privacy-preserving IDaaS system Conclusions Integrating OpenID with proxy re-encryption to enhance privacy in cloud-based identity services David Nu nez , Isaac Agudo, and Javier Lopez Network,

422 views • 24 slides
Integrating Workload Specification and Extraction for Model- Based and Measurement-Based

Integrating Workload Specification and Extraction for Model- Based and Measurement-Based

Stuttgart, Germany, 2014-11-27 Integrating Workload Specification and Extraction for Model- Based and Measurement-Based Performance Evaluation An Approach for Session-Based Software Systems Andr van Hoorn, Christian Vgele Eike Schulz,

1.02k views • 29 slides
SURFnet6 SURFnet6 SURFnet6 Integrating the IP and Optical worlds Integrating the IP and Optical

SURFnet6 SURFnet6 SURFnet6 Integrating the IP and Optical worlds Integrating the IP and Optical

SURFnet6 SURFnet6 SURFnet6 Integrating the IP and Optical worlds Integrating the IP and Optical worlds Integrating the IP and Optical worlds Erik-Jan Bos Director of Network Services SURFnet, The Netherlands TrefPunkt Kiruna, 30-31 mars

1.2k views • 50 slides
An Integrating Fresh Water An Integrating Fresh Water VRE for LifeWatch (ongoing work)

An Integrating Fresh Water An Integrating Fresh Water VRE for LifeWatch (ongoing work)

An Integrating Fresh Water An Integrating Fresh Water VRE for LifeWatch (ongoing work) Showcasing tools and services from Research Showcasing tools and services from Research Infrastructures at EGI CF 2015 in Bari Jesus MARCO DE LUCAS .

605 views • 22 slides
CS/INFO 330: Web Driven Web Applications Web Services Definition: Web Services A

CS/INFO 330: Web Driven Web Applications Web Services Definition: Web Services A

CS/INFO 330: Web Driven Web Applications Web Services Definition: Web Services A standardized way of integrating Web- based applications, using XML to tag data SOAP to transport data Simple Object Access Protocol WSDL to

287 views • 25 slides
Hadoop on HPC: Integrating Hadoop and Pilot-based Dynamic Resource Management Andre Luckow,

Hadoop on HPC: Integrating Hadoop and Pilot-based Dynamic Resource Management Andre Luckow,

Hadoop on HPC: Integrating Hadoop and Pilot-based Dynamic Resource Management Andre Luckow, Ioannis Paraskevakos, George Chantzialexiou and Shantenu Jha Hadoop on HPC: Integrating Hadoop and Pilot- based Dynamic Resource Management Overview

322 views • 17 slides
Integrating Healthcare and Human Services Shelly Johnson, RN, MPH, MBA, FACHE Chief Operating

Integrating Healthcare and Human Services Shelly Johnson, RN, MPH, MBA, FACHE Chief Operating

10/24/2017 Integrating Healthcare and Human Services Shelly Johnson, RN, MPH, MBA, FACHE Chief Operating Officer, Spectrum Health Gerber Memorial Dave Wingard, MSW, Ph.D. Director of Research and Strategic Development, TrueNorth Community

587 views • 10 slides
Follow @AIDSadvocacy | #2016USCA Integrating Hepatitis Services into HIV Prevention and Care

Follow @AIDSadvocacy | #2016USCA Integrating Hepatitis Services into HIV Prevention and Care

Follow @AIDSadvocacy | #2016USCA Integrating Hepatitis Services into HIV Prevention and Care Programs Setting the Federal Policy Stage Carl Schmid Deputy Executive Director, The AIDS Institute USCA 2016 Hollywood, FL September 15, 2016

688 views • 20 slides
Integrating Cross-Sectoral Health & Social Services for the Homeless Strategies to Achieve

Integrating Cross-Sectoral Health & Social Services for the Homeless Strategies to Achieve

Integrating Cross-Sectoral Health & Social Services for the Homeless Strategies to Achieve Alignment, Collaboration, and Synergy Across Delivery and Financing Systems Research-In-Progress Webinar April 29, 2020 12- 1pm ET Agenda Welcome:

586 views • 26 slides
Integrating Mental Health and Substance Abuse Services for Justice-Involved Persons with

Integrating Mental Health and Substance Abuse Services for Justice-Involved Persons with

Integrating Mental Health and Substance Abuse Services for Justice-Involved Persons with Co-Occurring Disorders April 8, 2014 Fred Osher, MD, Council of State Governments Justice Center Ann-Marie Louison, CASES (NYC)

681 views • 53 slides
Integrating Competency-based Education Into Systems for Postsecondary and Workforce Readiness

Integrating Competency-based Education Into Systems for Postsecondary and Workforce Readiness

Integrating Competency-based Education Into Systems for Postsecondary and Workforce Readiness Illinois ASCD Curriculum Leadership Development Network January 29, 2018 2 Whats a Competency Statement? Desired learning goal that illustrates

1.1k views • 61 slides
Integrating Hepatitis Services into HIV Programs : Working Together to Meet Community Needs Chris

Integrating Hepatitis Services into HIV Programs : Working Together to Meet Community Needs Chris

Integrating Hepatitis Services into HIV Programs : Working Together to Meet Community Needs Chris Taylor, Senior Director, Viral Hepatitis United States Conference on AIDS: Hepatitis Pathway September 10, 2015 Who is NASTAD? Mission NASTAD

794 views • 25 slides
Integrating Physics-based Earthquake Cycle Simulator Models and High-Resolution Ground Motion

Integrating Physics-based Earthquake Cycle Simulator Models and High-Resolution Ground Motion

Integrating Physics-based Earthquake Cycle Simulator Models and High-Resolution Ground Motion Simulations into a Physics-based Probabilistic Seismic Hazard Model PI: J. Vidale; Former PI: T. H. Jordan Co-authors: J. Bielak, S. Callaghan , Y.

399 views • 13 slides
Integrating Human and Synthetic Reasoning Via Model-Based Analysis Introduction and Explanation

Integrating Human and Synthetic Reasoning Via Model-Based Analysis Introduction and Explanation

Integrating Human and Synthetic Reasoning Via Model-Based Analysis Introduction and Explanation This is an experimental idea and very rough Glue together very tame AI and user interface through some fault trees To capture knowledge

616 views • 22 slides
Integrating Grid Services into a Cray XT4 Environment Hwa-Chun Wendy Lin and Shreyas Cholia

Integrating Grid Services into a Cray XT4 Environment Hwa-Chun Wendy Lin and Shreyas Cholia

Integrating Grid Services into a Cray XT4 Environment Hwa-Chun Wendy Lin and Shreyas Cholia National Energy Research Scientific Computing Center (NERSC/LBL) CUG 2009, Atlanta, GA What Is a Grid? A grid is a system that coordinates

565 views • 18 slides
XT9? XT9? Integrating Integrating and and Operating Operating a a Conjoined XT4 Conjoined X

XT9? XT9? Integrating Integrating and and Operating Operating a a Conjoined XT4 Conjoined X

XT9? XT9? Integrating Integrating and and Operating Operating a a Conjoined XT4 Conjoined X T4+XT5 +XT5 Sy System stem presented by Don Maxwell HPC Systems ORNL Managed by UT-Battelle for the Department of Energy What is a

368 views • 19 slides
Follow @AIDSadvocacy | #2015USCA Integrating Hepatitis Services into HIV Programs Setting the

Follow @AIDSadvocacy | #2015USCA Integrating Hepatitis Services into HIV Programs Setting the

Follow @AIDSadvocacy | #2015USCA Integrating Hepatitis Services into HIV Programs Setting the Federal Policy Stage Lisa Stand Senior Policy Associate The AIDS Institute USCA 2015 Washington, DC September 10, 2015 Agenda Setting the

503 views • 23 slides
Advancing Philippine Competitiveness (COMPETE) Integrating Land Titling into Banks Services

Advancing Philippine Competitiveness (COMPETE) Integrating Land Titling into Banks Services

Advancing Philippine Competitiveness (COMPETE) Integrating Land Titling into Banks Services Calixto V. Chikiamco President, Foundation for Economic Freedom Competitive Environment for Banks More competition with more banks in the

348 views • 10 slides
Resilience in Homeless Youth Integrating Substance Use, Mental Health, and Primary Care Services

Resilience in Homeless Youth Integrating Substance Use, Mental Health, and Primary Care Services

Recognizing and Promoting Resilience in Homeless Youth Integrating Substance Use, Mental Health, and Primary Care Services in Our Communities Statewide Conference Carrie Mounier, LCSW and Irene Lim, LCSW October 25, 2017 Goals for

809 views • 34 slides
Integrating Decision Procedures in Reflective Rewriting-Based Theorem Provers Manuel Clavel,

Integrating Decision Procedures in Reflective Rewriting-Based Theorem Provers Manuel Clavel,

Integrating Decision Procedures in Reflective Rewriting-Based Theorem Provers Manuel Clavel, Miguel Palomino, and Juan Santa-Cruz Departamento de Sistemas Inform aticos y Programaci on Universidad Complutense de Madrid, Spain

632 views • 19 slides
Performance-based railway timetabling Integrating timetable construction and evaluation 3 May

Performance-based railway timetabling Integrating timetable construction and evaluation 3 May

Railway Operations Research Seminar Put Passengers First May 3, 2016, Leuven Performance-based railway timetabling Integrating timetable construction and evaluation 3 May 2016 Rob M.P. Goverde Department of Transport and Planning Delft

548 views • 27 slides
Integrating container-based virtualization technologies into ARC-powered grid infrastructure

Integrating container-based virtualization technologies into ARC-powered grid infrastructure

Integrating container-based virtualization technologies into ARC-powered grid infrastructure Oleksandr Boretskyi, Oleksandr Bohomaz, Andrii Salnikov Taras Schevchenko National University of Kyiv e-mail: grid@grid.org.ua Koice 2016 Software

518 views • 15 slides
Integrating Logic and Constraint Reasoning in a Timeline-based Planner Riccardo De Benedictis and

Integrating Logic and Constraint Reasoning in a Timeline-based Planner Riccardo De Benedictis and

Planning Integrating Logic and Constraint Reasoning in a Timeline-based Planner Riccardo De Benedictis and Amedeo Cesta Institute of Cognitive Science and Technology National Research Council Rome Italy 25/09/2015 Planning The

510 views • 13 slides

More recommend