UK Access Management Federation
Joining the federation
5 December 2006
Mark Tysom, UKERNA

Overview
• Eligibility
• Steps to membership
• Options and considerations
• Outsourced identity management
• Application process

Who is eligible to join?
All UK education and research institutions and commercial organisations providing services to those sectors.

Steps to membership
1. Review ID management strategy
2. Develop user directories: to hold users' status/entitlements/etc.
3. Authentication development: implement an institutional authentication system

Steps to membership
4. Implement compatible Identity Provider software linked to organisational directory and authentication systems
5. Join the federation: apply for membership and sign up to federation rules.
6. Deployment and roll out: staff training, user guides, etc.

Participation
• How?
  - In-house
    - Deploy own IdP infrastructure
  - Out-source
    - Purchase IdP service from a third party

Participation
• In-house:
  - Benefits
    - Retain strategic control over ID management
    - Convergence of internal/external ID management
    - Gain flexibility of AuthN info
  - Considerations
    - May require significant effort to consolidate authentication and authorisation infrastructure
    - New technology to learn and deploy

Participation
• Out-source:
  - Benefits
    - Enables participation in the Federation with less effort than taking the In-house route.
  - Considerations
    - Effort required to manage user information
    - User experience may be impaired
    - Diminution of strategic control

Outsourced Identity Provision
• Both organisation and outsourcing third party must be federation members
• Organisation must provide:
  - contact details of outsourcing body
  - the entity name to be used
  - security domain(s) the outsourcer can assert on its behalf.

Applying for membership
Two stage process:
1. Apply for membership online - ukfederation.org.uk/content/Documents/JoinFederation
   • A written request on the organisation’s headed paper signed by a senior officer of the organisation.
   • Authorised to bind the organisation to the federation Rules of Membership.

Applying for membership
2. Register IdP and/or SP entities
   • Each of which will need an X.509 certificate
   • Organisational details added to the metadata

Current Membership
• Approximately 20 IdPs and 10 SPs: from SDSS
• 3 new applications since 30th November: 2 SPs, 1 IdP