110 likes | 152 Views
Federated Identity Graduates. Nate Klingenstein Internet2 APAN 27 高雄台湾, March 3, 2009. Federated Identity is Spreading. Education Shibboleth Government Business to Consumer Business to Business. Core Principle for Principals. The Application is King
E N D
Federated Identity Graduates • Nate Klingenstein • Internet2 • APAN 27 • 高雄台湾, March 3, 2009
Federated Identity is Spreading • Education • Shibboleth • Government • Business to Consumer • Business to Business
Core Principle for Principals • The Application is King • Supply the user data, security, and usability they require • More services equals more success • Critical mass • Especially interesting today • Applications with lower and higher value • Many types and qualities of user data
Major Shibboleth Federations • UK Access Management Federation • 600+ Members • InCommon • 120+ Members • Over 2.2 million students, professors, and staff • SWITCHaai • 90%+ of all students • 30+ Other Countries, mostly in Europe
Major Educational Shibboleth Applications • Microsoft Dreamspark • Apple iTunesU • Elsevier ScienceDirect • EZProxy • Google Apps and Gmail • . . .lots more. . .
U.S. Government Deployment • Recommendation to the Transition Team from ACT endorsing the Shibboleth model for the entire U.S. • National Science Foundation (NSF) and National Institutes of Health (NIH) both InCommon Members • Federal Health IT Standards
Business to Consumer • Facebook Connect with major sites like CNN • Obama Inauguration, other events • OpenID working on discovery and bilateral trust estabishment • Work to copy SAML Artifact design for mobile device enablement
Business to Business • Generally SAML 2.0-based, but not widespread • Software as a Service (SAAS) • salesforce.com • Google Apps • Frustration over limitations of mobile devices, POP/IMAP and other protocols • U.S. Real Estate using SAML 2.0 • Huge return on investment from strong authentication, reducing shared accounts
Other Major Federated Identity Developments • Google suggesting a centralized discovery service (DS) for all SAML, OAuth, and OpenID federated identity • Important, because much international collaboration between Canada, US, UK Federations; schools joining multiple federations
Other Major Federated Identity Developments • Internet Society (ISOC) joins the Liberty Alliance Management Board • Identity TBD (IDtbd) • Microsoft Geneva, part of Windows Azure cloud OS, based on SAML 2.0 • Windows Cardspace still not used • OAuth/OpenID integration efforts to supply services & user data
We’re Here to Help • Global deployment and participation is critical • APAN community can support each other in deploymentshibboleth-announce@internet2.edu middleware@apan.net ndk@internet2.edu