Federated Identity Management Tutorial Workshop

2007-05-14 01:09 by 管理者

【関連イベント】Federated Identity Management Tutorial Workshop について

平成19年 6月1日(金)にFederated Identity Management Tutorial Workshopと題して
Nate Klingenstein 氏による1dayチュートリアルワークショップを開催します。

日 時:平成19年6月1日(金) 9:00 - 17:00

場 所:国立情報学研究所 20階講義室1
定 員:20人(定員になり次第締め切らせていただきます)
   平成19年度 6月1日(金) ワークショップ参加希望



Effective identity management saves time and money, improves the online experience for users, and helps keep important systems secure.  As projects and collaborations grow, many applications are crossing organizational and international boundaries.  Providing access control for so many people using such big systems is very hard, especially when cooperation between different companies and organizations is needed.  A few different techniques have been developed to authenticate and authorize users consistently, no matter where they are, no matter what they're accessing.

Federated identity allows a system to ask a user's home organization or campus for information about the user .  Global deployment of federated identity already covers over 20 countries and 5 million users.  It can provide access to the largest digital archives in the world, or to individual wiki and course management systems. 

Attribute-based access control provides a consistent set of vocabulary for describing users. 

This workshop will introduce attendees to the concepts of federated identity, identity management, and attribute-based access control.  Major standards such as SAML, OpenID, WS-Security, PKI, and eduPerson will be covered.  Technical details on how federated identity works will be provided, including the requirements for deploying Shibboleth, a standard open-source authentication and attribute solution.  There will also be time for discussion.


9:00 - 9:45: Introduction to Federated Identity & Global Federations 
9:45 - 10:30: Federated Identity Standards: SAML, ID-WSF, and OpenID 
10:30 - 11:00: Break 
11:00 - 11:30: Introduction to Attributes 
11:30 - 12:00: Relating Federated Identity to PKI, LDAP, WS-*, and Grid Computing 
12:00 - 13:30: Lunch 
13:30 - 14:30: All About Attributes, Roles & Groups 
14:30 - 15:15: Access control: protecting the very large applications and the very small applications 
15:15 - 15:45: Break 
15:45 - 16:30: Federation & Shibboleth Deployment 
16:30 - 17:00: Discussion: Opportunities in Japan 


Nate Klingenstein, Technical Analyst at Internet2, has worked with the Shibboleth project since 2001 as documentation and support lead and assisting with architecture, design, and development.  He also serves as outreach and technical liaison for the Shibboleth Core Team to the global community.  He is heavily involved with identity management and grid computing standards organizations as well as identity management research projects around the world.  His other duties with MACE extend into projects such as Signet, Grouper, and eduPerson.  Dynamic metadata and attribute resolution, virtual organizations, n-tier scenarios and delegation, PKI/Shibboleth integration, and modeling the ideal federated domain interface are current research interests.