Upload File

federated authentication - roleplay - aarc · pdf filefederated authentication - roleplay what...

  • Home
  • Documents
  • Federated authentication - roleplay - AARC · PDF fileFederated authentication - roleplay What happens in the federated authentication workflow? At the 2016 LIBER conference we held
5
Federated authentication - roleplay What happens in the federated authentication workflow? At the 2016 LIBER conference we held a workshop: Federate to Win! Part of this workshop was a roleplay game, which illustrates the workflow in a fun way. Dare to play it yourself? The workflow The workflow we played was from a schema from the SWITCH AAI demo. Study the image carefully, take your time. Do you understand what’s going on?

Upload: dotuong

Post on 24-Mar-2018

219 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Federated authentication - roleplay - AARC · PDF fileFederated authentication - roleplay What happens in the federated authentication workflow? At the 2016 LIBER conference we held

Federatedauthentication-roleplayWhathappensinthefederatedauthenticationworkflow?Atthe2016LIBERconferenceweheldaworkshop:FederatetoWin!Partofthisworkshopwasaroleplaygame,whichillustratestheworkflowinafunway.Daretoplayityourself?TheworkflowTheworkflowweplayedwasfromaschemafromtheSWITCHAAIdemo.Studytheimagecarefully,takeyourtime.Doyouunderstandwhat’sgoingon?

Page 2: Federated authentication - roleplay - AARC · PDF fileFederated authentication - roleplay What happens in the federated authentication workflow? At the 2016 LIBER conference we held

TheplayersIntheroleplaythereareseveral‘characters’tobeplayed:

● User● LibraryPortal(aserviceprovider)● IdentityProvider(attheuser’shomeorganisation)● WhereAreYouFrom/DiscoveryService● Guide● SAMLProtocol

Attachedyoucanfindsignsfortheusergroups.Youcanprintthem(ormakethemyourself),anddistributethemamongtheplayers.Startplaying!Theroleplayisbothfunanduseful,hereishowyoucanplaythefederatedauthenticationworkflow:

1. TheLibraryPortalanswers:“Hallo,welcome!Whereareyoufrom?”.2. TheUsergoestoWhereAreYouFrom/DiscoveryServiceandchooseshis/herhome

organisation,andcomesbacktotheLibraryPortal.3. NowtheLibraryPortalaskstheUser:“Couldyouloginatyourhomeorganisation

now,please,soIknowdetailsaboutyousoIcanprovideyoutheserviceyouareaskingfor?”

4. TheUsergoestohis/herHomeOrganisation/IdentityProviderandtheIdentityProvideraskstheUser:“Hithere,couldyouenteryourcredentialshereinmysecureform,please?”.

5. TheUserentersthecredentials,theIdentityProviderrecognisestheUserandtellstheUser:“Thankyou,Iknowyou,IamsecurelypassingallnecessarydetailsaboutyoutotheLibraryPortal”.

6. TheUsergoesbacktotheLibraryPortal.MeanwhileSAMLProtocolpasseshis/heruserattributessecurelyinanenvelopefromtheIdentityProvidertotheServiceProvider/LibraryPortal.

7. TheLibraryPortalcheerstheUser:“NowIknowallthedetailsaboutyouIneedtoprovideyouwiththeserviceyouareaskingfor.Hereyougo!”.TheUserishappynowwithaserviceheneedsfromtheLibraryPortal.

ToillustrateSingle-Sign-On,tryaddinganotherServiceProvider.WhentheUserapproachesanotherServiceProvider,theServiceProvideragainsendstheUsertotheDiscoveryService.TheUserchooseshisHomeOrganisationagain,butnowtheIdentityProviderdoesn’taskfortheUsercredentialsashecanremembertheUserandsecurelypassesallnecessarydetailsabouttheUsertotheotherServiceProviderandtheUserisallowedbytheServiceProvidertoaccessrequestedservice.

Page 3: Federated authentication - roleplay - AARC · PDF fileFederated authentication - roleplay What happens in the federated authentication workflow? At the 2016 LIBER conference we held

Figuresforposters

Page 4: Federated authentication - roleplay - AARC · PDF fileFederated authentication - roleplay What happens in the federated authentication workflow? At the 2016 LIBER conference we held
Page 5: Federated authentication - roleplay - AARC · PDF fileFederated authentication - roleplay What happens in the federated authentication workflow? At the 2016 LIBER conference we held

FurtherReading

● LIBER2016workshopreport:FederatetoWin!AnAARCWorkshopattheLIBER● SWITCHAAIDemo


Single Sign-On, Federated Authentication and Beyond at NIH

BI Office - Pyramid Analytics...BI Office 5 Pyramid Analytics BI Office | Version 6.5 Web Authentication Model Guide 2. How Federated Forms Work Use the BI Office federated forms authentication

Shibboleth A Federated Approach to Authentication and Authorization Fed/Ed PKI Meeting June 16, 2004

Secure Authentication and Attribute Sharing in Federated Identity Scenarios

RolePlay PirateMap

PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies

Implementation of Federated Authentication Polito

Stronger Authentication in a Federated World

© 2015 albert-learning.com Roleplay – University Life Roleplay UNIVERSITY LIFE

Single Sign-On and Federated Authentication for …...2011/11/02  · Single Sign-On and Federated Authentication for Research and Collaboration Debbie Bucci National Institutes of

Naskah Roleplay Ethum

Single Sign-On, Federated Authentication and Beyond at NIH Dr. Peter Alterman National Institutes of Health

Federated Authentication with Web Services Clients

© 2014 wheresjenny.com Roleplay – University life Roleplay UNIVERSITY LIFE

Roleplay Komunikasi

Heru Subagiyo, S.Sn ROLEPLAY - ftp.unpad.ac.id · SEMESTER 1 Heru Subagiyo, S.Sn Heru Subagiyo, S.Sn ROLEPLAY. i Roleplay . ROLEPLAY . Heru Subagiyo, S.Sn . Untuk Sekolah Menengah

Prototyping a new open education platform offering e-book based courses linked to Moodle with federated authentication

Deploying BiobankCloud with Karamel/Chef and Federated Authentication in BiobankCloud Jim Dowling, KTH Royal Institute of Technology

Single Sign-On and Federated Authentication at NIH and Beyond Debbie Bucci National Institutes of Health

Globus Security Deep Dive · 2018. 9. 2. · Globus Security Deep Dive GlobusWorld 2014 Steve Tuecke . Globus Federated Identity Authentication and Linking . Linking a Federated Identity

halusinasi +roleplay

Naskah Roleplay

Roleplay Exercise

Authentication and Authorization in a federated environment Jules Wolfrat (SARA)

Module 5 Configuring Authentication. Module Overview Lesson 1: Understanding Classic SharePoint Authentication Providers Lesson 2: Understanding Federated

Federated Identity, Strong Authentication, NSTIC and the ...d3nrwezfchbhhm.cloudfront.net/media/scag13_preconference/08.pdf · Federated Identity, Strong Authentication, NSTIC and

A Federated Single Sign-On architecture with multi factor authentication A high level yet somewhat technical presentation

IRODS AND FEDERATED IDENTITY AUTHENTICATION · iRODS behind a Web application: token based protocols It is possible to use OpenID Connect authentication or SAML: passing the token

Federated Authentication Utilizing Apache & SSSD · 2015-03-06 · Federated Authentication Utilizing Apache & SSSD 1 Introduction 4 ... Configuration Guide 9 ... How Apache Identity

Federated sign-in WS-Federation WS-Trust SAML 2.0 Metadata Shibboleth Graph API Synchronize accounts Authentication

Group1 recruiting roleplay

E-Authentication: A Federated Approach to Identity Management December 2004

Siegfried Roleplay

Strong Authentication without Tamper-Resistant Hardware ... · Strong Authentication without Tamper-Resistant Hardware and Application to Federated Identities Zhenfeng Zhang1;2;3;Yuchen

Federated Authentication mechanism for mobile services Dasun Weerasinghe, Saritha Arunkumar, M Rajarajan, Veselin Rakocevic Mobile Networks Research Group