60 likes | 187 Views
Developments and challenges in authentication and authorisation. Klaas Wierenga klaas.wierenga@surfnet.nl Amsterdam, October 2 2006. Organisational Challenges. Local identity management Provisioning must be understood both on campus and in applications Managing roles and attributes
E N D
Developments and challenges in authentication and authorisation Klaas Wierenga klaas.wierenga@surfnet.nl Amsterdam, October 2 2006
Organisational Challenges • Local identity management • Provisioning • must be understood both on campus and in applications • Managing roles and attributes • Harmonisation • OSI-layer crossing • Scalability problems (many sources of authority)
Technical Challenges (1) • Horizontal integration • Government federations • Commercial federations (Liberty Alliance, WS-* based) • Across national boundaries • Vertical integration • Web SSO, eduroam, grids • Lightpath provisioning (GLIF), measurement and monitoring (PerfSonar) • E-mail, IM, SIP, SSH
Technical Challenges (2) • External IdP’s • Different levels of authentication • Different levels of authorisation • From authentication to authorisation • Do those enterprise directories really contain authoritative authorisation information? • Security constraints • Policy and technology • N-tier problems • Where are the attributes?
Political and Societal challenges • Privacy • Locally • Within federations • Across Europe • World-wide • Interconnection policies • building federations • bridging federations • Integration of enterprise and federated identity with personal identity • Agreement on consistent approaches to authentication
Players • Cisco • Nortel • Juniper • Sun • M$ • Liberty Alliance • Amazon • OGF • GLIF