SlideShare a Scribd company logo

JISC Access and Identity Management: Future Directions

Download as PPT, PDF
J
JISC.AM

The document outlines the access management transition program led by Jisc, detailing the evolution of the Athens system for authentication in higher education from 1995 to various international collaborations and developments. It highlights the aims of creating a unified access management system for both intra- and inter-institutional resources and emphasizes the importance of standards over specific technologies. Additionally, it mentions ongoing projects, federated identity management, and international partnerships to enhance collaboration in digital resource access.

TechnologyBusiness
1 of 23
Downloaded 99 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
Access Management Transition Programme Meeting Access Management Futures: JISC and International Development Strategy Nicole Harris Senior Services Transition Manager, JISC
A Little Background
Some Background 1995: Athens developed by NISS (National Information Services and Systems) at University of Bath as an in-house system. 1996: eLib Study ‘Technologies to Support Authentication in Higher Education’ identified Athens as a potential solution for all JISC Services. 1997: Athens in use in all JISC Data Centres and rolled out across HEIs / FEIs over the next two years. 1998: CNI White Paper on AAA requirements. JISC commits to using as a basis for next-generation technologies. 1997 – 2000: three year contract for Athens provision with University of Bath and then Eduserv. 2000 – 2008: two three year plus one two year contract with Eduserv for Athens provision. 2000: Alan Robiette and JCAS scope requirements for next generation access management system (ANGEL project starts testing Shibboleth and PAPI technologies). 2002 – 2004: AAA Programme – audit of next generation technologies and ratification of requirements. 2004 – 2007: Core Middleware Programmes. JISC decision to support federated access management. 2006 – 2009: Access Management: Transition Programme. Roll-out and embedding.
The Requirements A single access management system for: Intra-institutional resources. Third party digital library type resources. Inter-institutional resources for secure long-term collaboration. Inter-institutional resources for ad-hoc (virtual organisation) collaboration. Evolving strategy: Where possible, JISC should focus on fostering development and use of standards rather than specific technologies. Institutions should have the widest possible range of options, from full open source to commercial support. Solutions should be in line with international developments in the field. Solution must provide real benefits to institutions and service providers.
Not just about preventing.. Copyright: Getty Images from the Education Image Gallery
..but about collaborating and sharing Copyright: Getty Images from the Education Image Gallery
The UK Development Landscape Athens Gateways CA Bridge eduRoam Gateway Development Level of Assurance – FAME project Identity Management – inter- and intra- NHS / Government N-tier Developments – SPIE project Authorisation Tools - PERMIS, DYVOSE (Authority Delegation) Interfaces / User Tools Virtual Home for Identities Federation Tools Identity / Service Providers outreach support federation Federation Services
JISC Plans
Access Management Transition Programme!
e-Infrastructure Programme Continued support for integration of UK federation and Grid. Levels of Assurance: ES-LOA. Identity Project. Federated tools: 5 new projects. Federated Identities and virtual organisations with Grouper Virtual Organisations and management of organisations objects Integrated Authorisation for Shibboleth/Grid. Integrating VOMS and PERMIS Virtual Organisation tools Upcoming ITTs / Calls / other work in the areas of…
Orphans American evangelist Dwight Lyman Moody (1837 - 1899) with a group of orphans at one of his Chicago missions. Courtesy of the Education Image Gallery Copyright: Getty Images
Identity Management outside Institutions
Multiple Affiliations
Attributes and Personalisation Copyright: HEFCE
e-Research Access Management for complex data Flexible Service Provider models for virtual organisations Ongoing work with the National Grid Service, including the CA Copyright: Getty Images Education Image Gallery
Federated Tools such as ShARPE
Internet2 Plans
SAML 2.0 Scott Cantor: technical editor of SAML 2.0 specification and lead Shibboleth architect. SC describes it as a ‘vulcan mind-meld’ of SAML 1.1, Shibboleth and Liberty ID-FF 1.2. You can expect in the long-term: Focus on federated identity management. Single log-out. Account linking / management. More features / more complexity. Copyright: Getty Images Education Image Gallery
Shibboleth 2.0 Major changes: New and broadening concepts New configuration files Metadata updates Minor installation differences Partial SAML 2.0 support (AuthnRequest, AttributeQuery, SingleLogout). Better session management Better authentication packaged with Shib Better attribute management – particularly attribute filter policy Focus on SP side discovery service (the future?) Better audit and access logs Java Service Provider https://spaces.internet2.edu/display/SHIB/ShibTwoRoadmap .
Other Internet2 Stuff More work in collaborative scenarios: virtual organisations etc. Application integration with infrastructure: wikis, SharePoint, Sakai, mailing lists etc. Integrated application providers: yahoo, google, e-bay etc. Easier install IdPs. Information card integration including CardSpace (in place now). Open Liberty Integration
International Plans
Work with our International Partners International Vendor Liaison, with specific emphasis on work with SURF and Internet2. Directory Schema work with TERENA through TF-EMC2. Inter-federation and licensing work with Knowledge Exchange Partners in Netherlands, Germany and Denmark. Inter-federation work with TERENA, Internet2 and DEST. Contributions to the Shibboleth code-base through team at EDINA. Continued international dialogue
and developing the UK federation… (see Josh Howlett presentation)

More Related Content

PPT
The Repository Roadmap - are we heading in the right direction?
Eduserv Foundation
 
PPTX
EADTU Conference - UKOER Technology Challenges
Lorna Campbell
 
PPT
Karen Church - A Large-Scale Study of European Mobile Information Access
AIC_UCD
 
PPT
Metadata Working Group - Status update
EDINA, University of Edinburgh
 
PPTX
Turning FAIR data into reality
Sarah Jones
 
PPT
Educause2006 - Federated Access Management in the UK
JISC.AM
 
PPT
Some Academic Sector/NMCA outcomes from the OGC Web Service Shibboleth Intero...
EDINA, University of Edinburgh
 
PPT
Knowledge Services
Albert Simard
 
The Repository Roadmap - are we heading in the right direction?
Eduserv Foundation
 
EADTU Conference - UKOER Technology Challenges
Lorna Campbell
 
Karen Church - A Large-Scale Study of European Mobile Information Access
AIC_UCD
 
Metadata Working Group - Status update
EDINA, University of Edinburgh
 
Turning FAIR data into reality
Sarah Jones
 
Educause2006 - Federated Access Management in the UK
JISC.AM
 
Some Academic Sector/NMCA outcomes from the OGC Web Service Shibboleth Intero...
EDINA, University of Edinburgh
 
Knowledge Services
Albert Simard
 

What's hot (20)

PPT
OGC Interoperability Experiments and Authentication
EDINA, University of Edinburgh
 
PDF
Ready, Set, GO FAIR
EOSCpilot .eu
 
PDF
EOSC FAIR Data Session - EOSC Stakeholders Forum 2018
EOSCpilot .eu
 
PPTX
Trust and identity in the Géant project - Networkshop44
Jisc
 
PPTX
What it means to be FAIR
Sarah Jones
 
PPT
Jane Charlton Intro To F A M
JISC.AM
 
PDF
Results from the FAIR Expert Group Stakeholder Consultation on the FAIR Data ...
EOSCpilot .eu
 
PPT
Fitt Toolbox Tt Collaboration
FITT
 
PPTX
EOSC-MAR-update.pptx
Sarah Jones
 
PPTX
OSFair2017 Workshop | Towards a Policy Framework for the European Open Scienc...
Open Science Fair
 
PPTX
AIM Session at #DigiFest14
Christopher Brown
 
PPTX
EOSC's value proposition
Jisc
 
PPT
Berlin 6 Open Access Conference: Wolfram Horstmann
Cornelius Puschmann
 
PPTX
It takes more than a village: lessons on building global research commons
Sarah Jones
 
PDF
ELIXIR FAIR Activities - Examplars
Susanna-Assunta Sansone
 
PDF
Survey on metadata management and governance in Europe
Semic.eu
 
PPT
Shibboleth Access Management Federations as an Organisational Model for SDI
EDINA, University of Edinburgh
 
PPT
1345 1400 Fiona Cullock Edina Case Study
JISC.AM
 
PPTX
E Portfolio
Robin Popow
 
PDF
Repositories for long-term preservation - certification
EOSC-hub project
 
OGC Interoperability Experiments and Authentication
EDINA, University of Edinburgh
 
Ready, Set, GO FAIR
EOSCpilot .eu
 
EOSC FAIR Data Session - EOSC Stakeholders Forum 2018
EOSCpilot .eu
 
Trust and identity in the Géant project - Networkshop44
Jisc
 
What it means to be FAIR
Sarah Jones
 
Jane Charlton Intro To F A M
JISC.AM
 
Results from the FAIR Expert Group Stakeholder Consultation on the FAIR Data ...
EOSCpilot .eu
 
Fitt Toolbox Tt Collaboration
FITT
 
EOSC-MAR-update.pptx
Sarah Jones
 
OSFair2017 Workshop | Towards a Policy Framework for the European Open Scienc...
Open Science Fair
 
AIM Session at #DigiFest14
Christopher Brown
 
EOSC's value proposition
Jisc
 
Berlin 6 Open Access Conference: Wolfram Horstmann
Cornelius Puschmann
 
It takes more than a village: lessons on building global research commons
Sarah Jones
 
ELIXIR FAIR Activities - Examplars
Susanna-Assunta Sansone
 
Survey on metadata management and governance in Europe
Semic.eu
 
Shibboleth Access Management Federations as an Organisational Model for SDI
EDINA, University of Edinburgh
 
1345 1400 Fiona Cullock Edina Case Study
JISC.AM
 
E Portfolio
Robin Popow
 
Repositories for long-term preservation - certification
EOSC-hub project
 
Ad

Similar to JISC Access and Identity Management: Future Directions (20)

PPT
'Connecting poeple to resources' by Nicole Harris at UKSG 2007
JISC.AM
 
PPT
Federated Access Management (SFEU)
JISC.AM
 
PPT
JISC License Workshop
JISC.AM
 
PPTX
Advancing the JISC Access & Identity Management Programme
JISC Netskills
 
PPTX
JISC's AIM programme
Christopher Brown
 
PDF
Talis Insight Presentation
JISC.AM
 
PPT
FAM The Basics 13 Feb08
Mike Moran
 
PPT
Lessons from the UK Access Management Federation
Jisc
 
PPT
Access Management - the Issues for FE Colleges
Mike Moran
 
PPSX
Identity Management Matters
Eduserv
 
PPT
Federated Access Management, JISC Presentation
JISC RSC Southeast
 
PPT
Online Educa: JISC Access and Identity Management
JISC.AM
 
PPT
Access Management for Libraries by John Paschoud & Masha Garibyan
JISC.AM
 
PPT
Eunis federation2
HEAnet
 
PPT
Inspire2011 shibb am_fs_paper_v3
EDINA, University of Edinburgh
 
PPT
OpenAthens and the future of access and identity management
Eduserv Foundation
 
PPT
McShibboleth Presentation
JISC.AM
 
PPTX
Trust and identity
Jisc
 
PPT
Technical Requirements of the UK Access Management Federation
JISC.AM
 
PPT
UK Access Management Federation A partnership of JISC Collections & EDINA
UKSG: connecting the knowledge community
 
'Connecting poeple to resources' by Nicole Harris at UKSG 2007
JISC.AM
 
Federated Access Management (SFEU)
JISC.AM
 
JISC License Workshop
JISC.AM
 
Advancing the JISC Access & Identity Management Programme
JISC Netskills
 
JISC's AIM programme
Christopher Brown
 
Talis Insight Presentation
JISC.AM
 
FAM The Basics 13 Feb08
Mike Moran
 
Lessons from the UK Access Management Federation
Jisc
 
Access Management - the Issues for FE Colleges
Mike Moran
 
Identity Management Matters
Eduserv
 
Federated Access Management, JISC Presentation
JISC RSC Southeast
 
Online Educa: JISC Access and Identity Management
JISC.AM
 
Access Management for Libraries by John Paschoud & Masha Garibyan
JISC.AM
 
Eunis federation2
HEAnet
 
Inspire2011 shibb am_fs_paper_v3
EDINA, University of Edinburgh
 
OpenAthens and the future of access and identity management
Eduserv Foundation
 
McShibboleth Presentation
JISC.AM
 
Trust and identity
Jisc
 
Technical Requirements of the UK Access Management Federation
JISC.AM
 
UK Access Management Federation A partnership of JISC Collections & EDINA
UKSG: connecting the knowledge community
 
Ad

More from JISC.AM (20)

PPT
Identity Assurance Profiles
JISC.AM
 
PPT
Assurance
JISC.AM
 
PPT
I2 Fedsoup
JISC.AM
 
PPT
Cuckoo (Graham Mason, Ed Beddows)
JISC.AM
 
PPT
Federated Futures (Nicole Harris)
JISC.AM
 
PPT
Introduction to Shib 2.0 (Chad La Joie)
JISC.AM
 
PPT
The Identity Project (Rhys Smith)
JISC.AM
 
PPT
Shibboleth 2.0 IdP slides - Installfest (Edited)
JISC.AM
 
PPT
Shibboleth 2.0 SP slides - Installfest
JISC.AM
 
PPT
SARoNGS project (Jens Jensen)
JISC.AM
 
PPT
Names project (Amanda Hill)
JISC.AM
 
PPT
Studies in advanced access mgmt: GFIVO project (Cal Racey)
JISC.AM
 
PDF
Identity: Future directions (David Orrell, Eduserv Foundation)
JISC.AM
 
PDF
Shintau And VPMan proejcts (David Chadwick)
JISC.AM
 
PPT
Identity: Future directions (David Orrell, Eduserv Foundation)
JISC.AM
 
PPT
Internet2 Fall MM 2007 - Jane Charlton
JISC.AM
 
PPT
Openid
JISC.AM
 
PPT
Federated Access Management 102
JISC.AM
 
PPT
Federated Access Management (Sconul Access Conference)
JISC.AM
 
PDF
OpenID and Usercentric Identity: It's All About Me
JISC.AM
 
Identity Assurance Profiles
JISC.AM
 
Assurance
JISC.AM
 
I2 Fedsoup
JISC.AM
 
Cuckoo (Graham Mason, Ed Beddows)
JISC.AM
 
Federated Futures (Nicole Harris)
JISC.AM
 
Introduction to Shib 2.0 (Chad La Joie)
JISC.AM
 
The Identity Project (Rhys Smith)
JISC.AM
 
Shibboleth 2.0 IdP slides - Installfest (Edited)
JISC.AM
 
Shibboleth 2.0 SP slides - Installfest
JISC.AM
 
SARoNGS project (Jens Jensen)
JISC.AM
 
Names project (Amanda Hill)
JISC.AM
 
Studies in advanced access mgmt: GFIVO project (Cal Racey)
JISC.AM
 
Identity: Future directions (David Orrell, Eduserv Foundation)
JISC.AM
 
Shintau And VPMan proejcts (David Chadwick)
JISC.AM
 
Identity: Future directions (David Orrell, Eduserv Foundation)
JISC.AM
 
Internet2 Fall MM 2007 - Jane Charlton
JISC.AM
 
Openid
JISC.AM
 
Federated Access Management 102
JISC.AM
 
Federated Access Management (Sconul Access Conference)
JISC.AM
 
OpenID and Usercentric Identity: It's All About Me
JISC.AM
 

Recently uploaded (20)

PPTX
cloud computing vai.pptx for the project
vaibhavdobariyal79
 
PDF
Trying to figure out MCP by actually building an app from scratch with open s...
Julien SIMON
 
PPTX
Dev Dives: Automate, test, and deploy in one place—with Unified Developer Exp...
AndreeaTom
 
PDF
AI-Cloud-Business-Management-Platforms-The-Key-to-Efficiency-Growth.pdf
Artjoker Software Development Company
 
PPTX
What-is-the-World-Wide-Web -- Introduction
tonifi9488
 
PDF
Doc9.....................................
SofiaCollazos
 
PDF
Data_Analytics_vs_Data_Science_vs_BI_by_CA_Suvidha_Chaplot.pdf
CA Suvidha Chaplot
 
PDF
GDG Cloud Munich - Intro - Luiz Carneiro - #BuildWithAI - July - Abdel.pdf
Luiz Carneiro
 
PDF
Tea4chat - another LLM Project by Kerem Atam
a0m0rajab1
 
PDF
How Open Source Changed My Career by abdelrahman ismail
a0m0rajab1
 
PDF
Oracle AI Vector Search- Getting Started and what's new in 2025- AIOUG Yatra ...
Sandesh Rao
 
PDF
Get More from Fiori Automation - What’s New, What Works, and What’s Next.pdf
Precisely
 
PDF
Unlocking the Future- AI Agents Meet Oracle Database 23ai - AIOUG Yatra 2025.pdf
Sandesh Rao
 
PPTX
Introduction to Flutter by Ayush Desai.pptx
ayushdesai204
 
PDF
MASTERDECK GRAPHSUMMIT SYDNEY (Public).pdf
Neo4j
 
PPTX
AI in Daily Life: How Artificial Intelligence Helps Us Every Day
vanshrpatil7
 
PPTX
Agile Chennai 18-19 July 2025 | Emerging patterns in Agentic AI by Bharani Su...
AgileNetwork
 
PPTX
IT Runs Better with ThousandEyes AI-driven Assurance
ThousandEyes
 
PPTX
The-Ethical-Hackers-Imperative-Safeguarding-the-Digital-Frontier.pptx
sujalchauhan1305
 
PDF
Economic Impact of Data Centres to the Malaysian Economy
flintglobalapac
 
cloud computing vai.pptx for the project
vaibhavdobariyal79
 
Trying to figure out MCP by actually building an app from scratch with open s...
Julien SIMON
 
Dev Dives: Automate, test, and deploy in one place—with Unified Developer Exp...
AndreeaTom
 
AI-Cloud-Business-Management-Platforms-The-Key-to-Efficiency-Growth.pdf
Artjoker Software Development Company
 
What-is-the-World-Wide-Web -- Introduction
tonifi9488
 
Doc9.....................................
SofiaCollazos
 
Data_Analytics_vs_Data_Science_vs_BI_by_CA_Suvidha_Chaplot.pdf
CA Suvidha Chaplot
 
GDG Cloud Munich - Intro - Luiz Carneiro - #BuildWithAI - July - Abdel.pdf
Luiz Carneiro
 
Tea4chat - another LLM Project by Kerem Atam
a0m0rajab1
 
How Open Source Changed My Career by abdelrahman ismail
a0m0rajab1
 
Oracle AI Vector Search- Getting Started and what's new in 2025- AIOUG Yatra ...
Sandesh Rao
 
Get More from Fiori Automation - What’s New, What Works, and What’s Next.pdf
Precisely
 
Unlocking the Future- AI Agents Meet Oracle Database 23ai - AIOUG Yatra 2025.pdf
Sandesh Rao
 
Introduction to Flutter by Ayush Desai.pptx
ayushdesai204
 
MASTERDECK GRAPHSUMMIT SYDNEY (Public).pdf
Neo4j
 
AI in Daily Life: How Artificial Intelligence Helps Us Every Day
vanshrpatil7
 
Agile Chennai 18-19 July 2025 | Emerging patterns in Agentic AI by Bharani Su...
AgileNetwork
 
IT Runs Better with ThousandEyes AI-driven Assurance
ThousandEyes
 
The-Ethical-Hackers-Imperative-Safeguarding-the-Digital-Frontier.pptx
sujalchauhan1305
 
Economic Impact of Data Centres to the Malaysian Economy
flintglobalapac
 

JISC Access and Identity Management: Future Directions

  • 1. Access Management Transition Programme Meeting Access Management Futures: JISC and International Development Strategy Nicole Harris Senior Services Transition Manager, JISC
  • 3. Some Background 1995: Athens developed by NISS (National Information Services and Systems) at University of Bath as an in-house system. 1996: eLib Study ‘Technologies to Support Authentication in Higher Education’ identified Athens as a potential solution for all JISC Services. 1997: Athens in use in all JISC Data Centres and rolled out across HEIs / FEIs over the next two years. 1998: CNI White Paper on AAA requirements. JISC commits to using as a basis for next-generation technologies. 1997 – 2000: three year contract for Athens provision with University of Bath and then Eduserv. 2000 – 2008: two three year plus one two year contract with Eduserv for Athens provision. 2000: Alan Robiette and JCAS scope requirements for next generation access management system (ANGEL project starts testing Shibboleth and PAPI technologies). 2002 – 2004: AAA Programme – audit of next generation technologies and ratification of requirements. 2004 – 2007: Core Middleware Programmes. JISC decision to support federated access management. 2006 – 2009: Access Management: Transition Programme. Roll-out and embedding.
  • 4. The Requirements A single access management system for: Intra-institutional resources. Third party digital library type resources. Inter-institutional resources for secure long-term collaboration. Inter-institutional resources for ad-hoc (virtual organisation) collaboration. Evolving strategy: Where possible, JISC should focus on fostering development and use of standards rather than specific technologies. Institutions should have the widest possible range of options, from full open source to commercial support. Solutions should be in line with international developments in the field. Solution must provide real benefits to institutions and service providers.
  • 5. Not just about preventing.. Copyright: Getty Images from the Education Image Gallery
  • 6. ..but about collaborating and sharing Copyright: Getty Images from the Education Image Gallery
  • 7. The UK Development Landscape Athens Gateways CA Bridge eduRoam Gateway Development Level of Assurance – FAME project Identity Management – inter- and intra- NHS / Government N-tier Developments – SPIE project Authorisation Tools - PERMIS, DYVOSE (Authority Delegation) Interfaces / User Tools Virtual Home for Identities Federation Tools Identity / Service Providers outreach support federation Federation Services
  • 10. e-Infrastructure Programme Continued support for integration of UK federation and Grid. Levels of Assurance: ES-LOA. Identity Project. Federated tools: 5 new projects. Federated Identities and virtual organisations with Grouper Virtual Organisations and management of organisations objects Integrated Authorisation for Shibboleth/Grid. Integrating VOMS and PERMIS Virtual Organisation tools Upcoming ITTs / Calls / other work in the areas of…
  • 11. Orphans American evangelist Dwight Lyman Moody (1837 - 1899) with a group of orphans at one of his Chicago missions. Courtesy of the Education Image Gallery Copyright: Getty Images
  • 14. Attributes and Personalisation Copyright: HEFCE
  • 15. e-Research Access Management for complex data Flexible Service Provider models for virtual organisations Ongoing work with the National Grid Service, including the CA Copyright: Getty Images Education Image Gallery
  • 16. Federated Tools such as ShARPE
  • 18. SAML 2.0 Scott Cantor: technical editor of SAML 2.0 specification and lead Shibboleth architect. SC describes it as a ‘vulcan mind-meld’ of SAML 1.1, Shibboleth and Liberty ID-FF 1.2. You can expect in the long-term: Focus on federated identity management. Single log-out. Account linking / management. More features / more complexity. Copyright: Getty Images Education Image Gallery
  • 19. Shibboleth 2.0 Major changes: New and broadening concepts New configuration files Metadata updates Minor installation differences Partial SAML 2.0 support (AuthnRequest, AttributeQuery, SingleLogout). Better session management Better authentication packaged with Shib Better attribute management – particularly attribute filter policy Focus on SP side discovery service (the future?) Better audit and access logs Java Service Provider https://spaces.internet2.edu/display/SHIB/ShibTwoRoadmap .
  • 20. Other Internet2 Stuff More work in collaborative scenarios: virtual organisations etc. Application integration with infrastructure: wikis, SharePoint, Sakai, mailing lists etc. Integrated application providers: yahoo, google, e-bay etc. Easier install IdPs. Information card integration including CardSpace (in place now). Open Liberty Integration
  • 22. Work with our International Partners International Vendor Liaison, with specific emphasis on work with SURF and Internet2. Directory Schema work with TERENA through TF-EMC2. Inter-federation and licensing work with Knowledge Exchange Partners in Netherlands, Germany and Denmark. Inter-federation work with TERENA, Internet2 and DEST. Contributions to the Shibboleth code-base through team at EDINA. Continued international dialogue
  • 23. and developing the UK federation… (see Josh Howlett presentation)