Enhancing IT Network Usage in South African Identity Federation

Join the South African Identity Federation Library for an in-depth workshop on federated identity and its importance in information technology. Explore key concepts like single sign-on and federation actors to unlock seamless access to resources across multiple systems.


Uploaded on Mar 07, 2025



Presentation Transcript


  1. South African Identity Federation. Library IT Network Usage Enhancement Workshop, 2016/08/30

  2. Identity Federations: An introduction

  3. Federated Identity. "A federated identity in information technology is the means of linking a person's electronic identity and attributes, stored across multiple distinct identity management systems." (https://en.wikipedia.org/wiki/Federated_identity)

  4. The problem we're trying to solve

  5. Federated Identity vs Single Sign-On. Federated Identity: key concept is to use the same set of credentials to obtain access to multiple resources; specifically tries to avoid duplication of credentials. Single Sign-On: key concept is to provide credentials once and obtain access to multiple resources; each system may maintain its own set of credentials (e.g. password synchronisation). Separate concepts, but a single technology may achieve both goals.

  6. Federation Actors: End User. The end user is typically a real person who belongs to one or more organisations, and would like access to one or more resources or services.

  7. Federation Actors: Identity Provider. An Identity Provider knows the End User, and can provide information about that user with a high degree of certainty. Typically an organisation to which the End User belongs or works for, e.g. students at a university, staff at a research council. Also known as their Home Organisation.

  8. Federation Actors: Service Provider. A Service Provider operates a resource the End User wishes to gain access to, and needs/wants information about the End User. Can be a third party (e.g. a publisher or research facility). Also known as the Visited Organisation.

  9. Federation Actors: Federation Operator. A Federation Operator acts as a trusted intermediary between the Identity Provider and the Service Provider. Provides the "glue" (metadata) that makes the federation work. Also known as the Roaming Operator.

  10. Academic Identity Federations

  11. Why not just use Google? All the major social network platforms provide federated identities, so why don't we just use these? They all have one major drawback: they are self-asserted. This means you cannot trust any of the attributes. This is often okay, but: donald.trump17@gmail.com

  12. Academic Identity Federations. Academic identity federations exist to solve the trust problem. Your home organisation (university, research council, etc.) knows a lot about you. They also know stuff specific to higher education. More importantly, most of this information has been checked and may be subject to audit. This makes them ideal to act as identity providers.

  13. Academic Federation Operators. All federations have operators. Facebook Inc operates Facebook Connect. Academic federations are usually operated by the National Research and Education Network. Typically only one per country. 63 known academic federations worldwide. International collaboration through REFEDS.

  14. Academic Identity Federations Around the World (https://refeds.org/federations/federations-map)

  15. Inter-federation. Inter-federation is the linking of one (academic) federation to another. Through inter-federation we can gain access to services that are not available in our own country. Service providers can gain access to customers.

  16. Federation Technologies. Social networks tend to favour OAuth. But OAuth does not lend itself to inter-federation. Academic federations tend to favour SAML2. This is commonly misnamed as Shibboleth. Shibboleth was an early version of the SAML protocol, no longer in use. Shibboleth is also the name of a software vendor who makes SAML2 software.

  17. SAFIRE: South African Identity Federation

  18. SAFIRE History. Project started as a pilot 2.5 years ago. Joint project of ASAUDIT, SANReN Competency Area & TENET. Functional pilot, but struggled to gain traction. Eight universities agreed to fund SAFIRE (NWU, RU, SU, UCT, UJ, UKZN, UP, UWC). TENET nominated as juristic body of record. Appointed a full time project director in April 2016.

  19. SAFIRE Status. Policy, practice statements, and other governance documentation have been developed. Technology roadmap available. Covers next ~18 months, to full production. First phase of implementation underway. Preparing to join eduGAIN. Had some discussions with ORCID. University IT departments should know all this.

  20. Why does all of this matter? AKA "What is in it for us?"

  21. Use cases: Access to electronic resources. Many libraries are providing access to electronic resources. Often there's a demand for off campus access to these. Current mechanisms for doing so are dated and problematic. There may be benefit from supporting more granular licensing structures. What if only academic staff could access it?

  22. Use cases: Access to electronic resources. Rhodes University Library & eduGAIN MET

  23. Use cases: Shared systems. Many universities are making use of shared systems. Libraries have OPACs, repository systems, etc. But also research management, funding, etc. Typically these have their own credentials, which leads to confusion for end users. And those identities need to be maintained.

  24. Use cases: Library publishers. Libraries who publish (e.g. journals) may want to become service providers. Get reliable data about end users and affiliations. Makes access control simpler: one mechanism for all participants. Simplify login / sign-up mechanisms. Through eduGAIN you can gain access to international markets.

  25. Benefits of federating. Reduced integration costs / economies of scale. Easier access to resources. Fewer data inconsistencies. No / less end user identity management. Improved user experiences, e.g. off campus users.

  26. Questions? safire@tenet.ac.za
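
The trust model from the Federation Actors slides and the "only academic staff" licensing question, sketched as an added example (not part of the presentation or of SAFIRE's software): a Service Provider relies on an attribute only when the issuing Identity Provider is registered in the Federation Operator's metadata and is asserting within its own scope. The entity IDs, scopes, attribute format and the `signature_valid` flag are constructed assumptions; real SAML signature verification is assumed to happen before this check.

```python
from dataclasses import dataclass

# Constructed stand-in for the metadata a Federation Operator publishes:
# registered Identity Provider entity IDs and the scopes each may assert.
FEDERATION_METADATA = {
    "https://idp.university-a.example/saml": {"university-a.example"},
    "https://idp.council-b.example/saml": {"council-b.example"},
}


@dataclass(frozen=True)
class Assertion:
    issuer: str             # entity ID of the Identity Provider that issued it
    signature_valid: bool   # result of signature verification done upstream
    affiliations: tuple     # scoped values, e.g. "staff@university-a.example"


def trusted_affiliations(assertion, metadata=FEDERATION_METADATA):
    """Return the (role, scope) pairs this Service Provider may rely on."""
    scopes = metadata.get(assertion.issuer)
    if scopes is None or not assertion.signature_valid:
        # Issuer unknown to the federation, or unverified: treat every
        # attribute as self-asserted and rely on none of them.
        return set()
    trusted = set()
    for value in assertion.affiliations:
        role, sep, scope = value.rpartition("@")
        # An Identity Provider may only speak for its own registered scope.
        if sep and role and scope.lower() in scopes:
            trusted.add((role.lower(), scope.lower()))
    return trusted


def may_access(assertion, licensed_roles, licensed_scopes):
    """Granular licence check: role and home organisation must both match."""
    return any(role in licensed_roles and scope in licensed_scopes
               for role, scope in trusted_affiliations(assertion))


if __name__ == "__main__":
    # Constructed sample: a staff member of a registered home organisation.
    staff = Assertion("https://idp.university-a.example/saml", True,
                      ("staff@university-a.example",))
    print(may_access(staff, {"staff"}, {"university-a.example"}))
```
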
