Real Life Solution, Real Life Problems: A-Select, An Open Source Federated Identity Management Solution. An Identity 1.0 story. Maarten Koopmans, SURFnet, maarten.koopmans@surfnet.nl. OASIS Adoption forum 2006.
In the beginning… • Well, the 90’s: a chip card for higher education. • It failed miserably.
… (2) • Tests with mobile phones and e-banking (token based in NL). • Piggybacking in 2001-2.
Authentication middleware, 2002 • Authentication middleware that could act as a switch between multiple authentication methods and added SSO as a bonus.
A-Select 1.0 Q4-2002 • First lesson: choose your project name carefully! Authentication selection. • We’ll just call it A-Select “for now”.
1.0 features • SSO • Multiple authentication methods • Simple “Cross” mode, full identity shared between domains • 3 universities, 30,000 users. • They liked it. We invested.
The marketing dilemma • How do you get the other universities to use this? • Encourage usage outside and within higher-ed
The question then becomes: • Why don’t you use it?
2002-3: versions 1.1 – 1.3 • Logging • APIs and protocol improvements • Better user database support • More AuthSPs
2003: Build a community • E-government chose A-Select, as did the public libraries • System integrators • More universities. • Some 100,000 users in NL
2004: Strengthen the community • e-government becomes DigiD, keep them on board • Work together with libraries • Add features: • fail over • more application integration components • Open standards are becoming very important with Shibboleth and SAML, especially for higher education
2004: A-Select diffusion • Encourage usage via diffusion program: target 100,000 users by the end of 2006. • Result: >> 200,000 users in higher ed and more are coming! • Activities: • Documentation • Integration components • On site support • Project consultancy
2005: Towards a Federation • Release 1.4.1: integrating a lot of contributions from the community, massive clean-up of the codebase • Release 1.4.2: Adding a simple yet flexible authorization engine and attribute acquisition (using CGI, SOAP, LDAP)
2005: DigiD more and more visible • First cities are using DigiD as an A-Select based IdP • First tests with online tax forms with DigiD as IdP
2006: Federation for real • Release 1.5: adds SAML 1.1 with Shibboleth profiles. A-Select can act as IdP for Shib-protected resources. • From 2007 onwards DigiD mandatory for online tax forms • Millions of users.
Federation in 2006 • [Diagram; labels: SAML, users, identities, central federation components, resources]
Winding down • Apache style licensed • 98% Java based code • > 5 authN Methods • Healthy market and community • millions of users • Incremental growth has paid off: from authN to federation middleware • Open source is a viable model for “NL as a company”
What’s next • 1.6 • WS-* support • SAML 2.0 support • A-Select starter kit (with Linux, reverse proxy, ...)
Expanding internationally • Open standards important for collaboration! • Thank you, OASIS!
Questions / discussion Maarten.Koopmans@surfnet.nl