Implementing a cost-effective open-source SAML solution for secure distributed user management and federation. Utilizing Shibboleth for authentication and fine-grained authorization control. Expected completion by December 2011.
Objectives
• Replace commercial AuthN system with open-source SAML solution – lower cost
• Distributed user management – lower cost, increased security
• Technical implementation of existing federation - "The Geodata Cooperation Agreement"
• Prepare support of upcoming national (and European) eId, using SAML technique
• Possible re-use of existing federations (SWAMID, Swedish Academic Identity)

Current infrastructure
• Commercial Authentication system
• Centralized user storage
• Con terra securityManager for fine-grained authorization control, using centralized user storage
• Distributed service providers

Pilot infrastructure
• SAML Authentication via Shibboleth
• Shibboleth WAYF (Discovery service)
• Federation of distributed user storages (Identity providers)
• Con terra securityManager for fine-grained authorization control, using SAML assertions
• Distributed service providers

Pilot estimated timing
End of October 2011
• SAML Authentication via Shibboleth
• Shibboleth WAYF (Discovery service)
End of December 2011
• Federation of distributed user storages (Identity providers)
• Con terra securityManager for fine-grained authorization control, using SAML assertions
Already in place
• Distributed service providers

Contact
• Questions
• Comments
• Feedback
• More information
• …share your own Shibboleth experiences
• …participate in pilot
Mats Isaksson
mats.k.isaksson@lm.se
Enjoy Edinburgh!