This link has been bookmarked by 1 people . It was first bookmarked on 12 May 2008, by Philip Guth.
-
12 May 08
-
"Shibboleth aims to help our community meet the increasing demand for access to protected online applications and resources as well as to support the growing need for campus-based researchers to use online collaboration tools to support work with peers at other institutions. Shibboleth 2.0 provides an improved platform for exchanging information in a secure and privacy-preserving manner while at the same time reducing the administrative burdens for institutions and their service provider partners,"
-
Shibboleth 2.0 adds an open source implementation of the OASIS SAML 2.0 standard to the suite of protocol implementations available in previous releases. The software provides a secure, single-sign on mechanism for institutions to enable their users to access protected online resources within their campuses and from their external service provider partners while at the same time protecting individual user privacy.
-
Shibboleth leverages an institution's login and directory systems to authenticate users at their home institution (or "identity provider") and then passes only the relevant information, or "attributes," to the service provider to enable the user access to its online resources. Attributes can include a wide range of information that characterize the user, e.g. identity, permissions at the service provider, employee or student status at the university, class enrollment, age, graduating class, etc. The service provider and institution make agreements on which attributes are needed to make that user eligible to access specific resources.
-
Shibboleth 2.0 enhances the ability for identity providers to use and manage "anonymous identifiers" to protect user privacy but still allow for personalization. The identity provider assigns a persistent unique identifier to a specific user which allows service providers to tailor and improve services based on the needs of that user without knowing their specific identity.
-
Shibboleth's unique anonymous identifier gives the user control over what additional identifiable information (if any) they choose to provide to a vendor, and assures the user's privacy across services," said Holly Eggleston, Assistant Department Head, UC San Diego Library Acquisitions.
-
Shibboleth 2.0 also adds new security features to ensure additional protection of user information. It includes encryption technology specified in the SAML 2.0 standard and provides an improved method for usage logging at the home institution to better track abuse or inappropriate use of the system.
-
rom an operational perspective, the new version of Shibboleth makes it easier for IT staff both at the identity provider institution and service provider to install, operate and manage the software. For instance, to participate in a federation, institutions typically are required to implement a directory schema which provides a consistent set of user attributes among the federating organizations. Shibboleth 2.0 allows institutions to utilize their legacy directory schema by translating the data into the federation- specific attributes as needed in real time. In doing so, Shibboleth 2.0 greatly decreases the resources needed to implement the solution.
-
Would you like to comment?
Join Diigo for a free account, or sign in if you are already a member.