ORCID and Federated Identity and Access Management ORCID Outreach, Chicago, May 21, 2014 Keith Hazelton, Internet2, Univ. of Wisconsin-Madison

Upload: orcid-inc

Post on 08-May-2015


DESCRIPTION

From the ORCID Outreach Meeting, May 21-22, 2014, Chicago, Illinois, USA, https://orcid.org/content/orcid-outreach-meeting-and-codefest-may-2014

ORCID identifiers in access management

Universities and other research organizations have begun utilizing the ORCID identifier to manage access to repositories and research information systems. This session will feature a discussion of integration opportunities, policy and privacy issues, and demonstrations by research organizations.

Moderator: Ed Pentz, Executive Director, CrossRef

Presenters:

• Keith Hazelton, Senior IT Architect, the University of Wisconsin-Madison / Chair of Internet2 MACE-Dir working group

• Jared Lyle, Director of Curation Services, Inter-university Consortium for Political and Social Research (ICPSR), University of Michigan

• Ken Okaya, Product Manager, Rightsholder Services, Copyright Clearance Center / slides

• Doug Hahn, Senior Information Technology Manager, Texas A&M University

• Elaine Westbrooks, Associate University Librarian for Research, University of Michigan

TRANSCRIPT

Page 1: ORCID and Federated Identity and Access Management

ORCID and Federated Identity and Access Management

ORCID Outreach, Chicago, May 21, 2014

Keith Hazelton, Internet2, Univ. of Wisconsin-Madison

Page 2

ORCID in Identity Federation Scenarios

• ORCID iDs can be passed as part of the attribute payload when a user accesses a federated service

• Raises a question that doesn’t yet have a definitive answer:

– Are there valid usage scenarios for this possibility?

• First: What is federated use of ORCID iDs and what value might it have?

Page 3

Attribute Schema for Federated Access

• Whenever an organization wants its members to get access to third party digital resources and services

• In federated scenarios, the organization offers an Identity Provider (IdP) serving its members/users, while third party resources and services are represented as Service Providers (SPs)

Page 4

Federated Flows

[Diagram: Federated Flows, with steps labelled Authenticate, Assert Attributes, Deliver Content]

Page 5

Federated Flows

[Diagram: Federated Flows, with steps labelled Authenticate, Assert Attributes, Deliver Content; the asserted attribute is shown as:]

eduPersonOrcid: http://orcid.org/0000-0102-9134-699X

Page 6

There is now a defined way to do this

Page 7

Federated exchange of ORCID iDs -- good practice?

• What is the risk to the SP of accepting the IdP's assertion?

• Could standardized verification methods at the IdP institution mitigate the risk?

• How would the SP know if a particular ORCID iD had been verified?

• Is SP-side verification always the better alternative?

– Since the user is “present”, ORCID APIs could be leveraged

– But that adds a computational step to the SP processing
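The slides on pages 3, 5 and 7 describe an IdP asserting eduPersonOrcid to an SP and ask what the SP should do with the value. The following is an added example written for this page, not code from the slides, from ORCID or from Internet2. It parses a constructed SAML assertion, extracts eduPersonOrcid, normalises the URI form shown on slide 5 to the bare iD, and applies the two checks an SP can run without any network call: a syntax check and the ISO 7064 MOD 11-2 check digit that ORCID publishes as the rule for the iD's final character. It then maps the result to a trust level using a hypothetical per-IdP policy table, which is the SP-side answer to the slide's question "how would the SP know if a particular ORCID iD had been verified?". Assumptions: the attribute is matched on FriendlyName `eduPersonOrcid` or the eduPerson OID `urn:oid:1.3.6.1.4.1.5923.1.1.1.16` (confirm against your federation's attribute map); `IDP_VERIFIES_ORCID` and the issuer entityIDs are constructed; the assertion's signature is assumed to have been validated by the SP's SAML stack before this code runs. The second sample uses the public ORCID demo record for Josiah Carberry.

```python
"""SP-side handling of an eduPersonOrcid value received in a SAML assertion.

Added example, not from the slides or from ORCID/Internet2 code. Assumptions:
attribute matched on FriendlyName 'eduPersonOrcid' or the eduPerson OID
urn:oid:1.3.6.1.4.1.5923.1.1.1.16 (verify against your attribute map);
IDP_VERIFIES_ORCID is a hypothetical SP policy; signature already validated.
"""
import re
import xml.etree.ElementTree as ET
from typing import Dict, List, Optional

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
ORCID_ATTR_NAMES = {"eduPersonOrcid", "urn:oid:1.3.6.1.4.1.5923.1.1.1.16"}
# Accept the http(s)://orcid.org/<id> URI form or a bare 19-character iD.
ORCID_RE = re.compile(r"^(?:https?://orcid\.org/)?(\d{4}-\d{4}-\d{4}-\d{3}[\dX])$")

# Hypothetical SP policy (constructed): IdPs, by entityID, known to verify an
# ORCID iD (e.g. by having the user sign in to ORCID) before asserting it.
IDP_VERIFIES_ORCID: Dict[str, bool] = {
    "https://idp.example.edu/idp/shibboleth": True,
    "https://idp.other.example/idp/shibboleth": False,
}


def orcid_check_digit(base15: str) -> str:
    """ISO 7064 MOD 11-2 check character over the first 15 digits of an ORCID iD."""
    total = 0
    for ch in base15:
        total = (total + int(ch)) * 2
    result = (12 - total % 11) % 11
    return "X" if result == 10 else str(result)


def normalise_orcid(value: str) -> Optional[str]:
    """Return the bare dash-separated iD, or None if the value is not well-formed."""
    m = ORCID_RE.match(value.strip())
    return m.group(1) if m else None


def is_valid_orcid(value: str) -> bool:
    """Syntactic validity only: well-formed and the check digit agrees.
    Passing says nothing about whether the asserted user owns the iD."""
    bare = normalise_orcid(value)
    if bare is None:
        return False
    digits = bare.replace("-", "")
    return orcid_check_digit(digits[:15]) == digits[15]


def extract_orcids(assertion_xml: str) -> List[str]:
    """Return the raw eduPersonOrcid AttributeValue strings in an assertion."""
    root = ET.fromstring(assertion_xml)
    values = []
    for attr in root.iterfind(".//saml:Attribute", SAML_NS):
        if {attr.get("Name"), attr.get("FriendlyName")} & ORCID_ATTR_NAMES:
            for val in attr.iterfind("saml:AttributeValue", SAML_NS):
                if val.text:
                    values.append(val.text.strip())
    return values


def accept_orcid(assertion_xml: str) -> Dict[str, Optional[str]]:
    """Decide how the SP may use an asserted ORCID iD. Trust levels:
      rejected   - no value, malformed, or check digit mismatch
      unverified - well-formed, but the IdP is not known to verify iDs, so the
                   SP must confirm ownership itself (e.g. via ORCID's own APIs)
      verified   - well-formed and asserted by an IdP that verifies iDs
    """
    root = ET.fromstring(assertion_xml)
    issuer = (root.findtext("saml:Issuer", namespaces=SAML_NS) or "").strip()
    for raw in extract_orcids(assertion_xml):
        bare = normalise_orcid(raw)
        if bare and is_valid_orcid(bare):
            trust = "verified" if IDP_VERIFIES_ORCID.get(issuer) else "unverified"
            return {"orcid": bare, "trust": trust}
    return {"orcid": None, "trust": "rejected"}


def build_assertion(issuer: str, orcid_uri: str) -> str:
    """Constructed, unsigned assertion fragment for offline demonstration."""
    return f"""<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Issuer>{issuer}</saml:Issuer>
  <saml:AttributeStatement>
    <saml:Attribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.16" FriendlyName="eduPersonOrcid">
      <saml:AttributeValue>{orcid_uri}</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""


# Sample inputs (constructed): the URI shown on slide 5, and the public ORCID
# demo record (Josiah Carberry) asserted by an IdP outside the verifying set.
SLIDE_ASSERTION = build_assertion("https://idp.example.edu/idp/shibboleth",
                                  "http://orcid.org/0000-0102-9134-699X")
DEMO_ASSERTION = build_assertion("https://idp.other.example/idp/shibboleth",
                                 "https://orcid.org/0000-0002-1825-0097")

if __name__ == "__main__":
    for xml_doc in (SLIDE_ASSERTION, DEMO_ASSERTION):
        print(accept_orcid(xml_doc))
```

Run as a script, it prints the decision for both samples. The value on slide 5 is well-formed but its final character does not match the MOD 11-2 check digit for its first 15 digits, so the syntactic check alone rejects it; the demo record passes the check but, coming from an IdP not in the verifying set, is marked `unverified`, which is the point at which the slide's option of using ORCID's APIs while the user is present would apply. The check digit only catches transcription and copy errors; it never establishes ownership, which is why the policy table and the IdP-side verification question on slide 7 matter.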