• Home

  • Documents

  • A case study of Shibboleth deployment within the U.T. System June 26, 2006 Paul Caskey University of...
9
A case study of Shibboleth deployment within the U.T. System June 26, 2006 Paul Caskey University of Texas System Copyright Paul Caskey 2006 Not Your Father’s SSO!

A case study of Shibboleth deployment within the U.T. System June 26, 2006 Paul Caskey University of Texas System Copyright Paul Caskey 2006 Not Your Father’s

Embed Size (px)

Citation preview

Page 1: A case study of Shibboleth deployment within the U.T. System June 26, 2006 Paul Caskey University of Texas System Copyright Paul Caskey 2006 Not Your Father’s

A case study of Shibboleth deployment within the U.T. System

June 26, 2006

Paul CaskeyUniversity of Texas System

Copyright Paul Caskey 2006

Not Your Father’s SSO!

Page 2: A case study of Shibboleth deployment within the U.T. System June 26, 2006 Paul Caskey University of Texas System Copyright Paul Caskey 2006 Not Your Father’s

2

Agenda

• Background• The Problems• The Vision• Current Status• Lessons Learned• Future Work

Page 3: A case study of Shibboleth deployment within the U.T. System June 26, 2006 Paul Caskey University of Texas System Copyright Paul Caskey 2006 Not Your Father’s

3

Background

• 16 institutions• 9 general academic

• 6 health

• 1 system administration

• 16 unique organizations, budgets, problems, ideas

Page 4: A case study of Shibboleth deployment within the U.T. System June 26, 2006 Paul Caskey University of Texas System Copyright Paul Caskey 2006 Not Your Father’s

4

The Problems

• Small campuses tend to get left behind• Little interoperability between

infrastructures – makes collaboration difficult

• Security concerns from the scattered “islands” of identity information

• Regulations, threat of increased oversight• User complaints about numerous logins and

credentials• No process for authorization

Page 5: A case study of Shibboleth deployment within the U.T. System June 26, 2006 Paul Caskey University of Texas System Copyright Paul Caskey 2006 Not Your Father’s

5

The Vision

• Reduce sign-ons, number of credentials

• Improve security • islands of ID info

• improved authorization

• Establish plug n' play infrastructure for collaboration

• Implement consistent IdM standards

Page 6: A case study of Shibboleth deployment within the U.T. System June 26, 2006 Paul Caskey University of Texas System Copyright Paul Caskey 2006 Not Your Father’s

6

Current Status• SLC Statement of Direction• ETR Grant• Shibboleth install fest 9/04 - 7 institutions initially• Began policy work• Began deploying apps• Shibboleth SP fest 5/05• 5 production applications shared between institutions

1. Guest Wireless at System2. Financial Reporting3. Blackboard4. Employee Training5. Research Tracking

• 11 other applications shibb'd intra-institutionally• MobileCampus, Chancellor's Project Tracking, etc.

• 16 IdPs operational 4/06• Policy docs approved 6/06• Moving federation to production on 9/1• Authorization processes still very immature

Page 7: A case study of Shibboleth deployment within the U.T. System June 26, 2006 Paul Caskey University of Texas System Copyright Paul Caskey 2006 Not Your Father’s

7

Lessons Learned

• Educate developers on technology, trust, authorization

• Pursue low hanging fruit early

• Communicate, communicate, communicate• promote consistent understanding of technology• set expectations

• Identifiers• Namespace• Lifetime/re-use

• Support models• Who/where• Skills• Tools

Page 8: A case study of Shibboleth deployment within the U.T. System June 26, 2006 Paul Caskey University of Texas System Copyright Paul Caskey 2006 Not Your Father’s

8

Future Work

• Bring federation to production status

• Considerable work to do with authorization

• Work on application auto-provisioning/de-provisioning/updating

• Many more apps coming

• Interfederation

Page 9: A case study of Shibboleth deployment within the U.T. System June 26, 2006 Paul Caskey University of Texas System Copyright Paul Caskey 2006 Not Your Father’s

9

Questions

Thank You

[email protected]

THE UNIVERSITY OF TEXAS SYSTEM


U.T.1 NOMENCLATURA NAUTICA

U.T.1 NOMENCLATURA NAUTICA

Documents
u.t. 6. Pigmentos y Cargas

u.t. 6. Pigmentos y Cargas

Documents
Doug Caskey Executive Director CWIDB Colorado State · PDF fileDoug Caskey Executive Director CWIDB ... (Entomology/Agronomy) ... Food Systems Extension Economist Colorado State University

Doug Caskey Executive Director CWIDB Colorado State · PDF fileDoug Caskey Executive Director CWIDB ... (Entomology/Agronomy) ... Food Systems Extension Economist Colorado State University

Documents
An Admin's Guide to Data Visualization - USENIX · An Admin's Guide to Data Visualization Caskey L. Dickson caskey@{microsoft,gmail,twitter,github,...}.com. @caskey [citation needed]

An Admin's Guide to Data Visualization - USENIX · An Admin's Guide to Data Visualization Caskey L. Dickson caskey@{microsoft,gmail,twitter,github,...}.com. @caskey [citation needed]

Documents
U.T. 2 (2.5.) Composición

U.T. 2 (2.5.) Composición

Documents
H. Bessière (Doc) U.T. – IMFT H. Roux (MdC) U.T. – IMFT D. Dartus (Pr) U.T. IMFT

H. Bessière (Doc) U.T. – IMFT H. Roux (MdC) U.T. – IMFT D. Dartus (Pr) U.T. IMFT

Documents
U.T. Pan Am PMU

U.T. Pan Am PMU

Documents
Pippias, M., Jager, K. J. , Caskey, F., Casula, A

Pippias, M., Jager, K. J. , Caskey, F., Casula, A

Documents
U.t.2 ejercicios

U.t.2 ejercicios

Education
Allis caskey presentation

Allis caskey presentation

Documents
Federated Identity Management: Is The State of Texas Ready? Paul Caskey The University of Texas System System-wide Information Services TASSCC 2008 August

Federated Identity Management: Is The State of Texas Ready? Paul Caskey The University of Texas System System-wide Information Services TASSCC 2008 August

Documents
Enfermagem em u.t

Enfermagem em u.t

Documents
u.t. Intamplari Cu Furnici

u.t. Intamplari Cu Furnici

Documents
U.T.1Asc- Intervención Socioeducativa

U.T.1Asc- Intervención Socioeducativa

Documents
u.t 2 Seguridad Física

u.t 2 Seguridad Física

Documents
7/8/2009 Paul Caskey, U.T. System - IAM

7/8/2009 Paul Caskey, U.T. System - IAM

Documents
Daniel Caskey - Best Travel Locations For Photographers

Daniel Caskey - Best Travel Locations For Photographers

Travel
Daniel Caskey - Learn More About Cristiano Ronaldo

Daniel Caskey - Learn More About Cristiano Ronaldo

Sports
Mac on Track Owned and Operated by: Lillie Caskey

Mac on Track Owned and Operated by: Lillie Caskey

Documents
AA1 Owen Caskey

AA1 Owen Caskey

Documents
Unidad1_act2ejercicios de La U.T.1

Unidad1_act2ejercicios de La U.T.1

Documents
GOVERNMENT of U.T. of PUDUCHERRY

GOVERNMENT of U.T. of PUDUCHERRY

Documents
U.T. - 1 La Tierra

U.T. - 1 La Tierra

Documents
Soluciones Mc Graw U.T.2

Soluciones Mc Graw U.T.2

Documents
Caskey 1968 Lerna Bronze

Caskey 1968 Lerna Bronze

Documents
관광홈페이지 U.T 자료

관광홈페이지 U.T 자료

Technology
CA Options: Buy or Build, and Signed by Whom? Paul Caskey PKI Deployment Forum 2008

CA Options: Buy or Build, and Signed by Whom? Paul Caskey PKI Deployment Forum 2008

Documents
Capstone Final Presentation Shelly Caskey ISSUU

Capstone Final Presentation Shelly Caskey ISSUU

Documents
Diapositivas exposicion u.t

Diapositivas exposicion u.t

Education
U.t. 1 organ empresa

U.t. 1 organ empresa

Documents