Shibboleth 2.0 Update - PowerPoint PPT Presentation

1 / 11
About This Presentation
Title:

Shibboleth 2.0 Update

Description:

Shibboleth 2.0 Update Nate Klingenstein Topics SAML 2.0 -- new features Shibboleth 2.0 Features Shibboleth 2.1 Features Timelines SAML 2.0 -- new features Authn ... – PowerPoint PPT presentation

Number of Views:226
Avg rating:3.0/5.0
Slides: 12
Provided by: greg454
Learn more at: http://www.ggf.org
Category:

less

Transcript and Presenter's Notes

Title: Shibboleth 2.0 Update


1
Shibboleth 2.0 Update
  • Nate Klingenstein

2
Topics
  • SAML 2.0 -- new features
  • Shibboleth 2.0 Features
  • Shibboleth 2.1 Features
  • Timelines

3
SAML 2.0 -- new features
  • Authn Request -- extended functionality
  • Single Logout
  • NameID Mapping and Management
  • IdPs can inform SPs of name changes
  • Metadata (Already used by Shib 1.3)
  • Enhanced Client or Proxy (ECP) Profile
  • Encryption
  • Improved Attribute Push

4
OpenSAML 2.0 Features
  • Nearly completely rewritten for cleaner
    interfaces
  • Supports SAML v1.0(eAuth), v1.1 and v2.0
  • 50 done

5
Shibboleth 2.0 Features
  • Shibboleth 1.3 functionality built on a SAML 2.0
    base
  • With a few urgent enhancements
  • Convergence with commercial Liberty Alliance-
    SAML-based products
  • AuthenticationRequest
  • Shib will include some Authentication processing
    "in the box
  • New interface to SSO systems needed to support
    new functionality in Authn Request

6
Shibboleth 2.0 Features
  • Java SP
  • Improved SP Clustering
  • Backend ODBC timeout/attribute sharing
  • Shibboleth is Apache 2.2 compatible, but its
    clustering is out of scope
  • Production-ready WAYF providing both standalone
    and application-integrated functionality in at
    least Java

7
Shibboleth 2.1 Features
  • Delegated Authentication
  • Support for All SAML 2.0 assertions except
    AuthnQuery and AuthzDecisionQuery
  • SAML NameID management requests account linking
  • Attribute aggregation(Steven of IEEE)?
  • At IdP?
  • At SP?

8
Shibboleth 2.1 Features
  • Enhanced Client Support
  • PAOS -- WAYF Solution?
  • Global Logout
  • Improved targetedID implementation (SAML
    persistent identifier)

9
Timelines
  • Coding underway on OpenSAML 2.0
  • Beta in March timeframe
  • Shibboleth 2.0 still being fully scoped
  • Initial beta available May/June 2006
  • Final release end of summer

10
Other Cool New Stuff of Interest
  • SHARPE (Late Beta)
  • Signet (Probably 1.0 released)
  • Grouper (v0.9)
  • Nexus (Still Memphis-specific)

11
Enterprise Infrastructure VO/Grid Integration
  • Attributes Authorization
  • User Data
  • Permissions
  • VO-Specific Information
  • Authentication Principals
  • GridShib
  • X.509
  • New Working Group?
  • ndk_at_internet2.edu
Write a Comment
User Comments (0)
About PowerShow.com