SlideShare una empresa de Scribd logo

Location Assertion - Nicole Harris, JISC Advance

Eduserv
Eduserv
Tecnología
1 de 9
Location Assertion Nicole Harris FAM12 6th November 2012
From Where Are You From to Where Are You Now?
Problem Statement • Original requirement from the Schools Sector; • SP Business Case: – Primary market is individual home users; – Secondary sales to schools for pupils ‘on network’; • Need to distinguish these cases; • Desire to move from SP recognising IP to IdP asserting location.
Why not IP authentication? • Often not granular enough; • Easy to ‘fake’; • Difficult to maintain accurately; • Prone to keying errors; • Low tech implementations.
Location Assertion Extension • Extension to Shibboleth; • Downloadable and implementable now;(https://github.com/ukf/ua-attribute-idp- ext); • Creates attributes at the time of authentication based on IP address of the user agent; • SP can make decisions based on known location as well as other assertions.
What Does it Look Like? New Subsidiary attribute and use of eduPersonEntitlement resolver:DataConnector id=”userAgentAttributes” xsi:type=”uadc:UserAgentMappedAttributes” uadc:Mapping cidrBlock=”217.155.0.0/16″ attributeId=”userAgent” attributeValue=”http://iay.org.uk/networks/zenInternet”/ uadc:Mapping cidrBlock=”82.68.0.0/14″ attributeId=”userAgent” attributeValue=”http://iay.org.uk/networks/zenInternet”/ uadc:Mapping cidrBlock=”192.168.117.19/32″ attributeId=”eduPersonEntitlement” attributeValue=”http://iay.org.uk/entitlements/kestrel”/
Solving Walk-in? • Allows Walk-in with BYOD; • Easy to provision guest accounts that don’t work outside the institutional boundary; • Able to configure walk-in at a granular level for SPs that don’t allow. BUT…
Service Provider Implementation Publishers have to actually consume and react to the attributes being passed.
More information Blog post: • http://access.jiscinvolve.org/wp/wayrn2/ The code: • https://github.com/ukf/ua-attribute-idp-ext

Recomendados

eduGain - Brook Schofield, TERENA
eduGain - Brook Schofield, TERENAeduGain - Brook Schofield, TERENA
eduGain - Brook Schofield, TERENA
Eduserv
 
Update on Raptor - understanding usage information for e-resources - Dr Rhys ...
Update on Raptor - understanding usage information for e-resources - Dr Rhys ...Update on Raptor - understanding usage information for e-resources - Dr Rhys ...
Update on Raptor - understanding usage information for e-resources - Dr Rhys ...
Eduserv
 
Making federations work together more effectively - Nicole Harris, JISC Adva...
Making federations work together more effectively - Nicole Harris, JISC Adva...Making federations work together more effectively - Nicole Harris, JISC Adva...
Making federations work together more effectively - Nicole Harris, JISC Adva...
Eduserv
 
Phase two of OpenAthens SP evolution including OpenID connect option
Phase two of OpenAthens SP evolution including OpenID connect optionPhase two of OpenAthens SP evolution including OpenID connect option
Phase two of OpenAthens SP evolution including OpenID connect option
Eduserv
 
Partnership Licensing - allowing access to licensed resources
Partnership Licensing - allowing access to licensed resources Partnership Licensing - allowing access to licensed resources
Partnership Licensing - allowing access to licensed resources
Eduserv
 
Lightning talk - EBSCO
Lightning talk - EBSCOLightning talk - EBSCO
Lightning talk - EBSCO
Eduserv
 
Lightning talk - Boopsie
Lightning talk - BoopsieLightning talk - Boopsie
Lightning talk - Boopsie
Eduserv
 
Lightning talk - Softlink
Lightning talk - SoftlinkLightning talk - Softlink
Lightning talk - Softlink
Eduserv
 

Recomendados

eduGain - Brook Schofield, TERENA
eduGain - Brook Schofield, TERENAeduGain - Brook Schofield, TERENA
eduGain - Brook Schofield, TERENA
Eduserv
 
Update on Raptor - understanding usage information for e-resources - Dr Rhys ...
Update on Raptor - understanding usage information for e-resources - Dr Rhys ...Update on Raptor - understanding usage information for e-resources - Dr Rhys ...
Update on Raptor - understanding usage information for e-resources - Dr Rhys ...
Eduserv
 
Making federations work together more effectively - Nicole Harris, JISC Adva...
Making federations work together more effectively - Nicole Harris, JISC Adva...Making federations work together more effectively - Nicole Harris, JISC Adva...
Making federations work together more effectively - Nicole Harris, JISC Adva...
Eduserv
 
Phase two of OpenAthens SP evolution including OpenID connect option
Phase two of OpenAthens SP evolution including OpenID connect optionPhase two of OpenAthens SP evolution including OpenID connect option
Phase two of OpenAthens SP evolution including OpenID connect option
Eduserv
 
Partnership Licensing - allowing access to licensed resources
Partnership Licensing - allowing access to licensed resources Partnership Licensing - allowing access to licensed resources
Partnership Licensing - allowing access to licensed resources
Eduserv
 
Lightning talk - EBSCO
Lightning talk - EBSCOLightning talk - EBSCO
Lightning talk - EBSCO
Eduserv
 
Lightning talk - Boopsie
Lightning talk - BoopsieLightning talk - Boopsie
Lightning talk - Boopsie
Eduserv
 
Lightning talk - Softlink
Lightning talk - SoftlinkLightning talk - Softlink
Lightning talk - Softlink
Eduserv
 
Lightning talk - Third Iron BrowZine
Lightning talk - Third Iron BrowZineLightning talk - Third Iron BrowZine
Lightning talk - Third Iron BrowZine
Eduserv
 
Lightning talk - Eduserv Chest Agreements
Lightning talk - Eduserv Chest AgreementsLightning talk - Eduserv Chest Agreements
Lightning talk - Eduserv Chest Agreements
Eduserv
 
Phase one of OpenAthens SP evolution
Phase one of OpenAthens SP evolutionPhase one of OpenAthens SP evolution
Phase one of OpenAthens SP evolution
Eduserv
 
Key considerations when mapping your end user experience
Key considerations when mapping your end user experienceKey considerations when mapping your end user experience
Key considerations when mapping your end user experience
Eduserv
 
Our product development methodology
Our product development methodologyOur product development methodology
Our product development methodology
Eduserv
 
How Readers Discover Content
How Readers Discover ContentHow Readers Discover Content
How Readers Discover Content
Eduserv
 
OpenAthens product update
OpenAthens product updateOpenAthens product update
OpenAthens product update
Eduserv
 
OpenAthens Customer Conference - Welcome address
OpenAthens Customer Conference - Welcome addressOpenAthens Customer Conference - Welcome address
OpenAthens Customer Conference - Welcome address
Eduserv
 
Generating leads with content marketing
Generating leads with content marketingGenerating leads with content marketing
Generating leads with content marketing
Eduserv
 
Pre-launch introduction to the new OpenAthens SP dashboard - 13/09/2016
Pre-launch introduction to the new OpenAthens SP dashboard - 13/09/2016Pre-launch introduction to the new OpenAthens SP dashboard - 13/09/2016
Pre-launch introduction to the new OpenAthens SP dashboard - 13/09/2016
Eduserv
 
Mobius from Maplesoft
Mobius from MaplesoftMobius from Maplesoft
Mobius from Maplesoft
Eduserv
 
QSR NVivo
QSR NVivo QSR NVivo
QSR NVivo
Eduserv
 
How Eduserv are helping local government organisations
How Eduserv are helping local government organisationsHow Eduserv are helping local government organisations
How Eduserv are helping local government organisations
Eduserv
 
Is cloud the right fit for your needs?
Is cloud the right fit for your needs?Is cloud the right fit for your needs?
Is cloud the right fit for your needs?
Eduserv
 
Planning your cloud strategy: Adur and Worthing Councils
Planning your cloud strategy: Adur and Worthing CouncilsPlanning your cloud strategy: Adur and Worthing Councils
Planning your cloud strategy: Adur and Worthing Councils
Eduserv
 
Software Asset Management and Education
Software Asset Management and EducationSoftware Asset Management and Education
Software Asset Management and Education
Eduserv
 
OpenAthens Service Provider in the cloud: development update
OpenAthens Service Provider in the cloud: development update OpenAthens Service Provider in the cloud: development update
OpenAthens Service Provider in the cloud: development update
Eduserv
 
Putting public cloud in your government ICT strategy
Putting public cloud in your government ICT strategyPutting public cloud in your government ICT strategy
Putting public cloud in your government ICT strategy
Eduserv
 
AWS overview - Steve Bryen, AWS
AWS overview - Steve Bryen, AWSAWS overview - Steve Bryen, AWS
AWS overview - Steve Bryen, AWS
Eduserv
 
Adur and Worthing Case Study - Paul Brewer
Adur and Worthing Case Study - Paul BrewerAdur and Worthing Case Study - Paul Brewer
Adur and Worthing Case Study - Paul Brewer
Eduserv
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
Radu Cotescu
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 

Más contenido relacionado

Más de Eduserv

Is cloud the right fit for your needs?
Is cloud the right fit for your needs?Is cloud the right fit for your needs?
Is cloud the right fit for your needs?
Eduserv
 
OpenAthens Service Provider in the cloud: development update
OpenAthens Service Provider in the cloud: development update OpenAthens Service Provider in the cloud: development update
OpenAthens Service Provider in the cloud: development update
Eduserv
 

Más de Eduserv (20)

Lightning talk - Third Iron BrowZine
Lightning talk - Third Iron BrowZineLightning talk - Third Iron BrowZine
Lightning talk - Third Iron BrowZine
 
Lightning talk - Eduserv Chest Agreements
Lightning talk - Eduserv Chest AgreementsLightning talk - Eduserv Chest Agreements
Lightning talk - Eduserv Chest Agreements
 
Phase one of OpenAthens SP evolution
Phase one of OpenAthens SP evolutionPhase one of OpenAthens SP evolution
Phase one of OpenAthens SP evolution
 
Key considerations when mapping your end user experience
Key considerations when mapping your end user experienceKey considerations when mapping your end user experience
Key considerations when mapping your end user experience
 
Our product development methodology
Our product development methodologyOur product development methodology
Our product development methodology
 
How Readers Discover Content
How Readers Discover ContentHow Readers Discover Content
How Readers Discover Content
 
OpenAthens product update
OpenAthens product updateOpenAthens product update
OpenAthens product update
 
OpenAthens Customer Conference - Welcome address
OpenAthens Customer Conference - Welcome addressOpenAthens Customer Conference - Welcome address
OpenAthens Customer Conference - Welcome address
 
Generating leads with content marketing
Generating leads with content marketingGenerating leads with content marketing
Generating leads with content marketing
 
Pre-launch introduction to the new OpenAthens SP dashboard - 13/09/2016
Pre-launch introduction to the new OpenAthens SP dashboard - 13/09/2016Pre-launch introduction to the new OpenAthens SP dashboard - 13/09/2016
Pre-launch introduction to the new OpenAthens SP dashboard - 13/09/2016
 
Mobius from Maplesoft
Mobius from MaplesoftMobius from Maplesoft
Mobius from Maplesoft
 
QSR NVivo
QSR NVivo QSR NVivo
QSR NVivo
 
How Eduserv are helping local government organisations
How Eduserv are helping local government organisationsHow Eduserv are helping local government organisations
How Eduserv are helping local government organisations
 
Is cloud the right fit for your needs?
Is cloud the right fit for your needs?Is cloud the right fit for your needs?
Is cloud the right fit for your needs?
 
Planning your cloud strategy: Adur and Worthing Councils
Planning your cloud strategy: Adur and Worthing CouncilsPlanning your cloud strategy: Adur and Worthing Councils
Planning your cloud strategy: Adur and Worthing Councils
 
Software Asset Management and Education
Software Asset Management and EducationSoftware Asset Management and Education
Software Asset Management and Education
 
OpenAthens Service Provider in the cloud: development update
OpenAthens Service Provider in the cloud: development update OpenAthens Service Provider in the cloud: development update
OpenAthens Service Provider in the cloud: development update
 
Putting public cloud in your government ICT strategy
Putting public cloud in your government ICT strategyPutting public cloud in your government ICT strategy
Putting public cloud in your government ICT strategy
 
AWS overview - Steve Bryen, AWS
AWS overview - Steve Bryen, AWSAWS overview - Steve Bryen, AWS
AWS overview - Steve Bryen, AWS
 
Adur and Worthing Case Study - Paul Brewer
Adur and Worthing Case Study - Paul BrewerAdur and Worthing Case Study - Paul Brewer
Adur and Worthing Case Study - Paul Brewer
 

Último

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 

Último (20)

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 

Location Assertion - Nicole Harris, JISC Advance

  • 1. Location Assertion Nicole Harris FAM12 6th November 2012
  • 2. From Where Are You From to Where Are You Now?
  • 3. Problem Statement • Original requirement from the Schools Sector; • SP Business Case: – Primary market is individual home users; – Secondary sales to schools for pupils ‘on network’; • Need to distinguish these cases; • Desire to move from SP recognising IP to IdP asserting location.
  • 4. Why not IP authentication? • Often not granular enough; • Easy to ‘fake’; • Difficult to maintain accurately; • Prone to keying errors; • Low tech implementations.
  • 5. Location Assertion Extension • Extension to Shibboleth; • Downloadable and implementable now;(https://github.com/ukf/ua-attribute-idp- ext); • Creates attributes at the time of authentication based on IP address of the user agent; • SP can make decisions based on known location as well as other assertions.
  • 6. What Does it Look Like? New Subsidiary attribute and use of eduPersonEntitlement resolver:DataConnector id=”userAgentAttributes” xsi:type=”uadc:UserAgentMappedAttributes” uadc:Mapping cidrBlock=”217.155.0.0/16″ attributeId=”userAgent” attributeValue=”http://iay.org.uk/networks/zenInternet”/ uadc:Mapping cidrBlock=”82.68.0.0/14″ attributeId=”userAgent” attributeValue=”http://iay.org.uk/networks/zenInternet”/ uadc:Mapping cidrBlock=”192.168.117.19/32″ attributeId=”eduPersonEntitlement” attributeValue=”http://iay.org.uk/entitlements/kestrel”/
  • 7. Solving Walk-in? • Allows Walk-in with BYOD; • Easy to provision guest accounts that don’t work outside the institutional boundary; • Able to configure walk-in at a granular level for SPs that don’t allow. BUT…
  • 8. Service Provider Implementation Publishers have to actually consume and react to the attributes being passed.
  • 9. More information Blog post: • http://access.jiscinvolve.org/wp/wayrn2/ The code: • https://github.com/ukf/ua-attribute-idp-ext