Trust and identity:
Enabling intra- and inter-organisational
authentication and authorisation
Dr Rhys Smith, chief technical architect,
Trust and identity, Jisc
Speakers
• Dr Rhys Smith – Chief technical architect, Trust and identity (Jisc)
• Mark Williams – UK federation service manager (Jisc)
Enabling intra- and inter-organisational authentication and authorisation2
Agenda
• What’s the main aim of Jisc’s Trust and identity portfolio?
• What are Jisc’s Trust and identity services and what do they do?
• Which services can help during the Covid-19 crisis, and how?
• Q&A and community discussion
“Easy and secure access to anything,
anywhere, anytime”
All of Jisc’s Trust and identity services revolve around enabling all
aspects of this proposition.
Jisc’s Trust and identity services
• Federation
- UK federation
- Assent
• Identity and access
- Shibboleth
- Managed services
• Verification
- Certificate service
- Student voter
- VerifID
- Domain registry
• Member and professional services
- Helpdesk
- Consultancy
Federation services
• These are underlying trust infrastructure to
enable federated authentication / authorisation
between members
- Solves the problem of N² interactions
• At the business and at the technical level
Federation: UK federation, Assent
Identity and access
• Software and services to help members make
use of our services, where appropriate
Identity and access: Shibboleth, Managed services
Verification
• Ensures the secure validation of
various aspects of our membership’s
interactions with each other
Verification: Certificate service, Student voter, VerifID, Domain registry
Member and professional services
• Providing help, support and guidance on the use of all of our services
Member and professional services: Helpdesk, Consultancy
Quality assurance and information security
All of the T&I services are included within
Jisc’s ISO 9001 and 27001 scopes
Federation services
UK Access Management Federation
Web single sign-on federation
• Cross-organizational SSO to web resources
• Est. 2006, part of the Jisc core subscription
• Vendor-agnostic (SAML based)
• ~1200 members, ~2,500 entities
- 100% of HE, ~80% of FE, also schools,
government, libraries, NHS, etc
• Global Inter-federation with 68 other
countries via eduGAIN
- ~7,000 entities total
Assent
Non-web single sign-on federation
• Cross-organisational access to non-web resources (eg SSH)
• Est. 2015, part of the Jisc core
subscription
• Vendor-agnostic (ABFAB based)
• Primarily aimed at research and
complex virtual organisations with
complex services and requirements
Identity and access
Shibboleth
Open source, standards based, software
• Jisc is a board member and Principal
Member of the Shibboleth Consortium
on behalf of our community
• The consortium ensures the
development, maintenance and
sustainability of the Shibboleth software
• Software is free to use and open source
• ~70% of entities in the UK federation
use Shibboleth
Managed services
Currently in development…
Watch this space
Verification services
Certificate service
Verifies: Web services
• We are a registration authority for issuing
SSL (TLS) and email certificates to secure
web services
• Provides significant discount and cost-savings for our members
• Free to join, per-certificate cost at present
• Issued hundreds of thousands of certs
• Reprocuring this year – watch this space for
exciting news!
Student voter registration
Verifies: Student voter enrolment
• Promotes civic engagement and helps an
organisation meet its statutory requirements
from the OfS
• Shared service for students to register their
term-time and home-time address to
government to be able to vote in local and
national elections
• Additional paid-for service over and above
Jisc membership
Domain Registry
Verifies: DNS names
• Jisc is the domain registrar for:
- .ac.uk
- .gov.uk (on behalf of Cabinet Office)
- .gov.scot (on behalf of Scottish Government)
- .gov.wales / llyw.cymru (on behalf of Welsh Government)
• Free to join, per-domain cost
• Tens of thousands of domains managed
• We verify all requests and therefore the underlying trust framework
• (Jisc also runs the DNS itself)
VerifID
Verifies: Studentness!
• Commercial verification of student status
• Uses UK federation as source of data
• Currently mostly used by providers of student
discount
• Paid-for service (by providers), per verification
• Helps subsidise the UK federation
• To ensure optimal student experience:
- Ensure you are releasing “student” affiliation
value as appropriate
Member and professional services
T&I helpdesk
Free support and guidance
• Provides help, support and guidance
for using any of the T&I services
• Email trustandidentity@jisc.ac.uk or
call 0300 300 2212.
T&I consultancy
Paid-for bespoke support
• For those with needs beyond our free helpdesk
support
• Targeted bespoke support, advice, training
• Remote or in-person
• One-off engagements through to retained expertise
• Covers UK federation, Assent, eduroam, govroam,
Identity Management, etc
Jisc trust and identity services and Covid-19
Covid-19 and Jisc’s T&I services
Largely business as usual
• Our trust and identity services are designed to
facilitate easy and secure access to anything,
anywhere, anytime
• Importance of the services has increased, but
general requirements are the same
• All staff now working from home, of course, but
hasn’t impacted any of our service or helpdesk
offerings due to extensive pre-existing BCP
planning
Specific changes
However, some tweaking was desirable
• Instituted service-wide change freeze during lockdown
- Stability and reliability of services is paramount while membership adapts to
new circumstances
• UK federation metadata validity period temporarily increased
- To ensure additional time to respond to issues in the management processes
• Increased priority of support for gov.uk domain registry
- Primary source of interaction between public and government
• Domain suspension/expiry policy temporarily relaxed
- Ensuring domains don’t “accidentally” expire (may be missed in the mayhem)
Some advice and guidance
Across the services
• Secure SSO to internal and external resources now of paramount
importance
- Ensure your UK federation IdP (whatever flavour) is up to date and
configured correctly
- Consider adopting R&S support in your IdP to enable your
researchers to more easily collaborate on Covid-19 related research
• Users are now primarily off-premise, BYOD usage increased
- If you have any internally signed certificates, consider swapping for
properly supported certs via our certificate service for fewer issues
on non-managed devices
Offerings to the membership
• Free health-check for UK federation Shibboleth IdPs
- Offered on a first-come-first-served basis, Shib IdP v3+ only
- Usually undertaken remotely via our consultancy service
- Ensure your Shib IdP is fully functioning and safe (OS patch
state and IdP version checking, attribute and attribute
release configuration check, resource checking, etc)
• Free three hours consultancy to help deal with any simple
issues highlighted in the health-check
• To register your interest, email trustandidentity@jisc.ac.uk
Discussion and Q&A
Facilitated by Mark Williams
Dr Rhys Smith
Chief technical architect, trust and identity
rhys.smith@jisc.ac.uk
4 Portwall Lane, Bristol, BS1 6NB
Thank you
customerservices@jisc.ac.uk
jisc.ac.uk

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 

Trust and identity - enabling intra- and inter-organisational authentication and authorisation

  • 1. Trust and identity: Enabling intra- and inter-organisational authentication and authorisation Dr Rhys Smith, chief technical architect, Trust and identity, Jisc
  • 2. Speakers
      • Dr Rhys Smith – Chief technical architect, Trust and identity (Jisc)
      • Mark Williams – UK federation service manager (Jisc)
  • 3. Agenda
      • What’s the main aim of Jisc’s Trust and identity portfolio?
      • What are Jisc’s Trust and identity services and what do they do?
      • Which services can help during the Covid-19 crisis, and how?
      • Q&A and community discussion
  • 4. “Easy and secure access to anything, anywhere, anytime” All of Jisc’s Trust and identity services revolve around enabling all aspects of this proposition.
  • 5. Jisc’s Trust and identity services
      • Federation: UK federation, Assent
      • Identity and access: Shibboleth, Managed services
      • Verification: Certificate service, Student voter, VerifID, Domain registry
      • Member and professional services: Helpdesk, Consultancy
  • 6. Federation services (UK federation, Assent)
      • These are underlying trust infrastructure to enable federated authentication / authorisation between members
          - Solves the problem of N² interactions
      • At the business and at the technical level
  • 7. Identity and access (Shibboleth, Managed services)
      • Software and services to help members make use of our services, where appropriate
  • 8. Verification (Certificate service, Student voter, VerifID, Domain registry)
      • Ensures the secure validation of various aspects of our membership’s interactions with each other
  • 9. Member and professional services (Helpdesk, Consultancy)
      • Providing help, support and guidance on the use of all of our services
  • 10. Quality assurance and information security
      • All of the T&I services are included within Jisc’s ISO 9001 and 27001 scopes
  • 12. UK Access Management Federation: Web single sign-on federation
      • Cross-organizational SSO to web resources
      • Est. 2006, part of the Jisc core subscription
      • Vendor-agnostic (SAML based)
      • ~1200 members, ~2,500 entities
          - 100% of HE, ~80% of FE, also schools, government, libraries, NHS, etc
      • Global Inter-federation with 68 other countries via eduGAIN
          - ~7,000 entities total
  • 13. Assent: Non-web single sign-on federation
      • Cross-organisational access to non-web resources (eg SSH)
      • Est. 2015, part of the Jisc core subscription
      • Vendor-agnostic (ABFAB based)
      • Primarily aimed at research and complex virtual organisations with complex services and requirements
  • 15. Shibboleth: Open source, standards based, software
      • Jisc is a board member and Principal Member of the Shibboleth Consortium on behalf of our community
      • The consortium ensures the development, maintenance and sustainability of the Shibboleth software
      • Software is free to use and open source
      • ~70% of entities in the UK federation use Shibboleth
  • 16. Managed services
      • Currently in development… Watch this space
  • 18. Certificate service (Verifies: Web services)
      • We are a registration authority for issuing SSL (TLS) and email certificates to secure web services
      • Provides significant discount and cost-savings for our members
      • Free to join, per-certificate cost at present
      • Issued hundreds of thousands of certs
      • Reprocuring this year – watch this space for exciting news!
  • 19. Student voter registration (Verifies: Student voter enrolment)
      • Promotes civic engagement and helps an organisation meet its statutory requirements from the OfS
      • Shared service for students to register their term-time and home-time address to government to be able to vote in local and national elections
      • Additional paid-for service over and above Jisc membership
  • 20. Domain Registry (Verifies: DNS names)
      • Jisc is the domain registrar for:
          - .ac.uk
          - .gov.uk (on behalf of Cabinet Office)
          - .gov.scot (on behalf of Scottish Government)
          - .gov.wales / llyw.cymru (on behalf of Welsh Government)
      • Free to join, per-domain cost
      • Tens of thousands of domains managed
      • We verify all requests and therefore the underlying trust framework
      • (Jisc also runs the DNS itself)
  • 21. VerifID (Verifies: Studentness!)
      • Commercial verification of student status
      • Uses UK federation as source of data
      • Currently mostly used by providers of student discount
      • Paid-for service (by providers), per verification
      • Helps subsidise the UK federation
      • To ensure optimal student experience:
          - Ensure you are releasing “student” affiliation value as appropriate
  • 23. T&I helpdesk: Free support and guidance
      • Provides help, support and guidance for using any of the T&I services
      • Email trustandidentity@jisc.ac.uk or call 0300 300 2212.
  • 24. T&I consultancy: Paid-for bespoke support
      • For those with needs beyond our free helpdesk support
      • Targeted bespoke support, advice, training
      • Remote or in-person
      • One-off engagements through to retained expertise
      • Covers UK federation, Assent, eduroam, govroam, Identity Management, etc
  • 25. Jisc trust and identity services and Covid-19
  • 26. Covid-19 and Jisc’s T&I services: Largely business as usual
      • Our trust and identity services are designed to facilitate easy and secure access to anything, anywhere, anytime
      • Importance of the services has increased, but general requirements are the same
      • All staff are now working from home, of course, but this hasn’t impacted any of our service or helpdesk offerings due to extensive pre-existing BCP planning
  • 27. Specific changes: However, some tweaking was desirable
      • Instituted service-wide change freeze during lockdown
          - Stability and reliability of services is paramount while membership adapts to new circumstances
      • UK federation metadata validity period temporarily increased
          - To ensure additional time to respond to issues in the management processes
      • Increased priority of support for gov.uk domain registry
          - Primary source of interaction between public and government
      • Domain suspension/expiry policy temporarily relaxed
          - Ensuring domains don’t “accidentally” expire (may be missed in the mayhem)
  • 28. Some advice and guidance: Across the services
      • Secure SSO to internal and external resources now of paramount importance
          - Ensure your UK federation IdP (whatever flavour) is up to date and configured correctly
          - Consider adopting R&S support in your IdP to enable your researchers to more easily collaborate on Covid-19 related research
      • Users are now primarily off-premise, BYOD usage increased
          - If you have any internally signed certificates, consider swapping for properly supported certs via our certificate service for fewer issues on non-managed devices
  • 29. Offerings to the membership
      • Free health-check for UK federation Shibboleth IdPs
          - Offered on a first-come-first-served basis, Shib IdP v3+ only
          - Usually undertaken remotely via our consultancy service
          - Ensure your Shib IdP is fully functioning and safe (OS patch state and IdP version checking, attribute and attribute release configuration check, resource checking, etc)
      • Free three hours consultancy to help deal with any simple issues highlighted in the health-check
      • To register your interest, email trustandidentity@jisc.ac.uk
  • 30. Discussion and Q&A Facilitated by Mark Williams
  • 31. Thank you
      • Dr Rhys Smith, Chief technical architect, trust and identity
      • rhys.smith@jisc.ac.uk
      • 4 Portwall Lane, Bristol, BS1 6NB
      • customerservices@jisc.ac.uk
      • jisc.ac.uk