|Session||Middleware: Extending Campus Identity & Security|
|Chair(s)||Yasuo OkabeNate, Klingenstein|
|Target Audience||Deployers and maintainers of campus identity management systems, applications that use that identity information, and other organizations involved with running national identity systems.|
1. [VTC] Shibboleth Implementation for the Australian Access Federation (AAF)
Speaker: James Dalziel / Macquarie University Sydney, Australia
Abstract: This presentation provides an overview of Shibboleth implementation for the Australian Access Federation (the national Shibboleth and PKI rollout for the Australian higher education and research sector). The AAF Shibboleth rollout builds on the lessons of the MAMS (Meta Access Management System) project at Macquarie University, which has implemented a testbed Shibboleth federation with 27 IdPs and 28 SPs, covering approximately 1 million identities. The presentation will discuss the Operational Requirements recommended for the Shibboleth rollout, together with related technologies such as ShARPE and Autograph for institutional and personal privacy management. The presentation will also discuss the use of a Federation Manager system (including customised metadata) and Federation Services, and conclude with discussion of implementation timelines.
Biography: James Dalziel is Professor of Learning Technology and Director of the Macquarie E-Learning Centre Of Excellence (MELCOE) at Macquarie University in Sydney, Australia. James leads a number of projects including: LAMS (Learning Activity Management System), including roles as a Director of the LAMS Foundation and LAMS International Pty Ltd; MAMS (Meta Access Management System), a national identity and access infrastructure project for the Australian higher education sector; RAMP (Research Activityflow and Middleware Priorities), a project investigating open standards authorisation and e-Research workflows, and ASK-OSS (the Australian Service for Knowledge of Open Source Software), a national advisory service on open source issues for the Australia higher education and research sector. Prior to his current roles, James helped lead the COLIS (Collaborative Online Learning and Information Services) project, was a Director of WebMCQ Pty Ltd, an e-learning and assessment company, and was a Lecturer in Psychology at the University of Sydney.
2. Application Resources Integration to CARSI Federation
Speaker: Hao Ma / Computer Center, Peking University
Abstract: CARSI (CERNET Authentication and Resource Sharing Infrastructure) project aims to provide a resource sharing platform for CERNET (China Education and Research NETwork) universities and users through cross-domain identity management. Among those internet web applications which intend to be integrated with CARSI, different authentication and access control mechanisms are required. The diversity and complexity of the application local user management policy increases the difficulty of integrating applications to the CARSI federation. Therefore, it hindered federation extension and application resource abundance. The presentation will introduce related research in CARSI and mainly focuses on the problem of how to easily integrate various internet applications into the cross-domain resource sharing platform. Based on the web application inherent user management policies and requirements, when it comes the problem to upgrade them to CARSI resources, the legacy applications are classified to three that is 1) the authentication only resources, 2) the authentication and authorization independent resources, 3) the authentication and authorization embedded resources. The presentation will analyze the three resource categories in detail and introduce the CARSI resource integration model that uniformly supports the three categories with little modification to application codes and big enhancement to federation sharing.
Biography: Hao Ma is a Associate Professor of Computer Center at Peking University. His research interests are in computer networks. In particalar, his current projects span serveral areas, such as P2P streaming, P2P security, network management and Internet measurement.
3a. Identity and Access Management Development in New Zealand
Presenter biography: Dr Robert Gibb is the Geospatial Informatics Research Leader at Landcare Research and PI for the SCENZ-Grid REANNZ Capability Build Fund project. He has over 25 years experience in geospatial research in New Zealand and pioneered GIS metadata catalogues in the late 80s and web-based GIS in the mid 90s. He was closely involved in the development of NZ's Geospatial Strategy, and continues to be closely involved with its implementation.
4. (Tentative )Policy-based access control for secure and user-friendly WLAN roaming systems
Speakers: Hisaya Wakayama (speaker), Junichi Yamato, Hideaki Goto, Hideaki Sone(Tohoku University, Japan)
Abstract: Security and usability are both very important in campus WLAN roaming systems. We have developed two functions to improve eduroam-based WLAN systems. One of them is a policy-based access control function that grants roaming users' accesses to the local resources at the visited institution. The function uses access level assigned to the user at the home institution and access policy at the visited institution. The other one is a proxy VPN function which automatically establishes VPN connections for roaming users' terminals. Throughout evaluations using our prototype system, we have confirmed that the system can provide transparent accesses to home institutions' resources with easier operations for users and appropriate access controls to the local resources.
Biography: Hisaya Wakayama, received his B.E. and M.E. degrees from Waseda University, Japan, in 2004 and 2006, respectively. In 2006, he joined NEC Corporation, Japan, and is also a researcher for the collaboration with industry, academia and government, at Tohoku University, Japan. His current research interests are wireless communication systems, especially multi-layered mobility systems
|Remark||Room setup: Class Room Shape|