Building Federated Identity Infrastructure
Posted on: 13 Dec, 2023
Aim of the workshop
This technical training event will be of interest to:
- Campus IT and Library Resource teams looking for solutions to effectively manage and scale their identity providing and consuming services;
- NRENs (National Research and Education Networks) exploring identity federation infrastructure for their country and wanting to promote identity federation to their connected campuses.
- How to safely and securely expose the identities of your user community within your organization and beyond.
- How to offer (as well as access) services and resources in a federated community.
- The implication of deploying different federation architectures at the campus and national level.
- The resources to write a federation policy to define the trust and technologies within your environment.
- How to use metadata management tools to manage membership of your federation.
- Recognize the pros and cons of different federated infrastructure, such as mesh, hub & spoke and centralized login.
- Practical skills in deploying federated identity and service provider services using simpleSAMLphp and Shibboleth.
- Understanding of the operation of hub & spoke identity infrastructure at the campus level.
- Experience the benefits of federated identity infrastructure by accessing and sharing resources beyond your administrative domain.
- Knowledge to set the direction for library, campus and country identity federation activities.
- Skills to write a federation policy that will allow interfederation with the global research and education community.
Required Equipment
- Laptop
- 1GB of free RAM.
- Ethernet port.
- A Virtual Machine tool (such as VirtualBox, VMware or Parallels).
- Two (2) web browsers installed (such as Firefox, Safari, Opera or Chrome).
- Introduction to Identity Federations
- Getting Started...
- simpleSAMLphp as an Identity Provider
Second day: Service Providers
- Setting up a Shibboleth Service Provider Attributes and Access Control
- Metadata Management
- Service Discovery
- simpleSAMLphp as a Bridge
Third day: Identity Federation and Interfederation Policy
- Policy for Identity Federations
- Extending your Federation
- Concluding Federation Topics and Services
- Comodo - Endpoint Security Manager Introduction
- Comodo - Certificate Lifecycle management
- CHAIN-REDS Science Gateway
- Demonstration on ASREN's IDP
- Wrap-up & Networking
Materials
- MyFirst IdP
- Setting up your environment
- Intro to Federated Identity
- Running this Course (technically)
- Identity Federation
- Shibboleth 2 SP
Trainers
Brook Schofield, Project Development Officer, TERENA
He is responsible for a portfolio of middleware activities within TERENA, including acting as secretary for the Task Force on Mobility and Network Middleware and the Task Force on European Middleware Coordination and Collaboration (EMC2). Within the GN3 (GÉANT) Project, Brook is the task leader for the eduGAIN interfederation service and member of the operational team for eduroam.
Brook organises EuroCAMP (European Campus Architecture and Middleware Planning) which promotes the use of middleware & federated technologies and policy for the campus and organisational level.
Brook graduated from the University of Tasmania in 1998 with an honours degree in computing. He has worked for an Internet Service Provider, a variety of universities in Australia (UTAS, UQ, Griffith, UniSA) and the JISC RSC in the South West of England. As chair of the AARNet eduroam Project Group he helped in the expansion of eduroam in Australia and the Asia Pacific region. This brought him to Europe and TERENA.
Glenn holds a Bachelor of Science Degree in Computer Applications (Software Engineering) from DCU and is an ISC2 Certified Information Systems Security Professional (CISSP) and ICS Certified Data Protection Practitioner.