Shibboleth (Shibboleth Consortium)
   HOME
*





Shibboleth (Shibboleth Consortium)
Shibboleth is a single sign-on log-in system for computer networks and the Internet. It allows people to sign in using just one identity to various systems run by federations of different organizations or institutions. The federations are often universities or public service organizations. The Shibboleth Internet2 middleware initiative created an architecture and open-source implementation for identity management and federated identity-based authentication and authorization (or access control) infrastructure based on Security Assertion Markup Language (SAML). Federated identity allows the sharing of information about users from one security domain to the other organizations in a federation. This allows for cross-domain single sign-on and removes the need for content providers to maintain user names and passwords. Identity providers (IdPs) supply user information, while service providers (SPs) consume this information and give access to secure content. History The Shibboleth proj ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


Single Sign-on
Single sign-on (SSO) is an authentication scheme that allows a user to log in with a single ID to any of several related, yet independent, software systems. True single sign-on allows the user to log in once and access services without re-entering authentication factors. It should not be confused with same-sign on (Directory Server Authentication), often accomplished by using the Lightweight Directory Access Protocol (LDAP) and stored LDAP databases on (directory) servers. A simple version of single sign-on can be achieved over IP networks using cookies but only if the sites share a common DNS parent domain. For clarity, a distinction is made between Directory Server Authentication (same-sign on) and single sign-on: Directory Server Authentication refers to systems requiring authentication for each application but using the same credentials from a directory server, whereas single sign-on refers to systems where a single authentication provides access to multiple applications by ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


picture info

Book Of Judges
The Book of Judges (, ') is the seventh book of the Hebrew Bible and the Christian Old Testament. In the narrative of the Hebrew Bible, it covers the time between the conquest described in the Book of Joshua and the establishment of a kingdom in the Books of Samuel, during which biblical judges served as temporary leaders. The stories follow a consistent pattern: the people are unfaithful to Yahweh; he therefore delivers them into the hands of their enemies; the people repent and entreat Yahweh for mercy, which he sends in the form of a leader or champion (a "judge"; see ''shophet''); the judge delivers the Israelites from oppression and they prosper, but soon they fall again into unfaithfulness and the cycle is repeated. Scholars consider many of the stories in Judges to be the oldest in the Deuteronomistic history, with their major redaction dated to the 8th century BCE and with materials such as the Deborah#The Song of Deborah, Song of Deborah dating from much earlier. Conte ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


Internet Standards
In computer network engineering, an Internet Standard is a normative specification of a technology or methodology applicable to the Internet. Internet Standards are created and published by the Internet Engineering Task Force (IETF). They allow interoperation of hardware and software from different sources which allows internets to function. As the Internet became global, Internet Standards became the lingua franca of worldwide communications. Engineering contributions to the IETF start as an Internet Draft, may be promoted to a Request for Comments, and may eventually become an Internet Standard. An Internet Standard is characterized by technical maturity and usefulness. The IETF also defines a Proposed Standard as a less mature but stable and well-reviewed specification. A Draft Standard was an intermediate level, discontinued in 2011. A Draft Standard was an intermediary step that occurred after a Proposed Standard but prior to an Internet Standard. As put in RFC 2026: In ge ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


OpenAthens
OpenAthens is an identity and access management service, supplied by Jisc, a British not-for-profit information technology services company. Identity provider (IdP) organisations can keep usernames in the cloud, locally or both. Integration with ADFS, LDAP or SAML is supported. ''OpenAthens for Publishers (SP)'' software for service providers supports multiple platforms and federations. Technically the service provides deep packet inspection proxying (in a similar manner to EZproxy) and SAML-based federation, as well as various on-boarding services for institutions, consortia and vendors. History With its origins in a University of Bath initiative to reduce IT procurement costs for itself and other universities, the Athens project was conceived in 1996. Spun off from Bath University through the vehicle of charitable status, Eduserv was established as a not-for-profit organisation in 1999. The service was originally named ''Athena'' after the Greek goddess of knowledge and ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  




Athens (access And Identity Management Service)
OpenAthens is an identity and access management service, supplied by Jisc, a British not-for-profit information technology services company. Identity provider (IdP) organisations can keep usernames in the cloud, locally or both. Integration with ADFS, LDAP or SAML is supported. ''OpenAthens for Publishers (SP)'' software for service providers supports multiple platforms and federations. Technically the service provides deep packet inspection proxying (in a similar manner to EZproxy) and SAML-based federation, as well as various on-boarding services for institutions, consortia and vendors. History With its origins in a University of Bath initiative to reduce IT procurement costs for itself and other universities, the Athens project was conceived in 1996. Spun off from Bath University through the vehicle of charitable status, Eduserv was established as a not-for-profit organisation in 1999. The service was originally named ''Athena'' after the Greek goddess of knowledge and ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


Joint Information Systems Committee
Jisc is a United Kingdom not-for-profit company that provides network and IT services and digital resources in support of further and higher education institutions and research as well as not-for-profits and the public sector. History The Joint Information Systems Committee (JISC) was established on 1 April 1993 under the terms of letters of guidance from the Secretaries of State to the newly established Higher Education Funding Councils for England, Scotland and Wales, inviting them to establish a Joint Committee to deal with networking and specialist information services. JISC was to provide national vision and leadership for the benefit of the entire Higher Education sector. The organisation inherited the functions of the Information Systems Committee (ISC) and the Computer Board, both of which had served universities. An initial challenge was to support a much larger community of institutions, including ex-polytechnics and higher education colleges. The new committe ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


picture info

Transport Layer Security
Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing HTTPS remains the most publicly visible. The TLS protocol aims primarily to provide security, including privacy (confidentiality), integrity, and authenticity through the use of cryptography, such as the use of certificates, between two or more communicating computer applications. It runs in the presentation layer and is itself composed of two layers: the TLS record and the TLS handshake protocols. The closely related Datagram Transport Layer Security (DTLS) is a communications protocol providing security to datagram-based applications. In technical writing you often you will see references to (D)TLS when it applies to both versions. TLS is a proposed Internet Engineering Task Force (IETF) standard, first defined in 1999, and the c ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


Central Authentication Service
The Central Authentication Service (CAS) is a single sign-on protocol for the web. Its purpose is to permit a user to access multiple applications while providing their credentials (such as user ID and password) only once. It also allows web applications to authenticate users without gaining access to a user's security credentials, such as a password. The name ''CAS'' also refers to a software package that implements this protocol. Description The CAS protocol involves at least three parties: a ''client'' web browser, the web ''application'' requesting authentication, and the ''CAS server''. It may also involve a ''back-end service'', such as a database server, that does not have its own HTTP interface but communicates with a web application. When the client visits an application requiring authentication, the application redirects it to CAS. CAS validates the client's authenticity, usually by checking a username and password against a database (such as Kerberos, LDAP or Active ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  




Liberty Alliance
The Liberty Alliance Project was an organization formed in September 2001 to establish standards, guidelines and best practices for identity management in computer systems. It grew to more than 150 organizations, including technology vendors, consumer-facing companies, educational organizations and governments. It released frameworks for federation, identity assurance, an Identity Governance Framework, and Identity Web Services. By 2009, the Kantara Initiative took over the work of the Liberty Alliance. History The group was originally conceived and named by Jeff Veis, at Sun Microsystems based in Menlo Park, California. The initiative's goal, which was personally promoted by Scott McNealy of Sun, was to unify technology, commercial and government organizations to create a standard for federated, identity-based Internet applications as an alternative to technology appearing in the marketplace controlled by a single entity such as Microsoft's Passport. Another Microsoft in ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


picture info

SAML 2
Security Assertion Markup Language (SAML, pronounced ''SAM-el'', ) is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is an XML-based markup language for security assertions (statements that service providers use to make access-control decisions). SAML is also: * A set of XML-based protocol messages * A set of protocol message bindings * A set of profiles (utilizing all of the above) An important use case that SAML addresses is web-browser single sign-on (SSO). Single sign-on is relatively easy to accomplish within a security domain (using cookies, for example) but extending SSO across security domains is more difficult and resulted in the proliferation of non-interoperable proprietary technologies. The SAML Web Browser SSO profile was specified and standardized to promote interoperability.J. Hughes et al. ''Profiles for the OASIS Security Assertion Markup Language ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


SAML 1
Security Assertion Markup Language (SAML, pronounced ''SAM-el'', ) is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is an XML-based markup language for security assertions (statements that service providers use to make access-control decisions). SAML is also: * A set of XML-based protocol messages * A set of protocol message bindings * A set of profiles (utilizing all of the above) An important use case that SAML addresses is web-browser single sign-on (SSO). Single sign-on is relatively easy to accomplish within a security domain (using cookies, for example) but extending SSO across security domains is more difficult and resulted in the proliferation of non-interoperable proprietary technologies. The SAML Web Browser SSO profile was specified and standardized to promote interoperability.J. Hughes et al. ''Profiles for the OASIS Security Assertion Markup Language ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]