Single Sign On

Enterprise single sign-on (SSO) adds another enterprise application to the list of mission-critical applications that an institution must support and maintain. This session will demonstrate how institutions are leveraging Central Authentication Service (CAS) to make their web applications more secure and improve user experience. Developed by Yale University, CAS is now supported and maintained by the JA-SIG consortium (www.ja-sig.org).

Hear from one of Shibboleth's developers how USC is using Shibboleth to provide web-based services to federated guests and secure access to Google Apps. Additionally, this presentation will describe the Shibboleth test environment at USC that provides a quicker, easier, and more secure means for departments to integrate their applications.

Texas A&M deployed Shibboleth single sign-on and federating software to control access to on-campus applications as well as licensed third-party course content through the InCommon Federation and the Texas Digital Library initiative. This session will discuss how this infrastructure can be leveraged to address a variety of business needs.

"OpenID is a single sign-on system for the Internet which puts people in charge. OpenID is a user-centric technology which allows a person to have control over how their Identity is both managed and used online. By being decentralised there is no single server with which every OpenID-enabled service and every user must register. Rather, people make their own choice of OpenID Provider, the service that manages their OpenID. "

Following up on the previous topic, this discussion session will explore the issues and strategies presented. In particular, the group will consider institutional practices and determine if commonalities exist.

This session will provide an overview of the Shibboleth System software, its role within an IdM infrastructure, related concepts, the value it provides, and typical implementation sequences. Shibboleth deployment can be separated into three phases: Web SSO authentication, attribute delivery for authorization, and federated authentication/authorization. This session will explore the effect on existing infrastructure and business processes during each phase.

Whether you're implementing your first WebSSO or transitioning to a new one, this session will provide a brief introduction to the concept and business case for intra-campus WebSSO, and an overview of Shibboleth as an option for WebSSO technology and what it does. In addition, the presenters will review technical and management topics such as the minimum IdM services required to get started, an introduction to the Shibboleth architecture and flows, an overview of the installation process, bringing the software from pilot to production, the basics of connecting in applications, required skill sets and resources, deployment costs, as well as policy and business processes.Whether you're implementing your first WebSSO or transitioning to a new one, this session will provide a brief introduction to the concept and business case for intra-campus WebSSO, and an overview of Shibboleth as an option for WebSSO technology and what it does.

For those campuses running Shibboleth, this session will offer topics such as establishing business processes and policies associated with running an intracampus federation, developing governance, and creating strategies and resources for working with and supporting Shibboleth service providers located outside IT.

Building on the phases of deployment, campus representatives will describe their experiences in implementing and using Shibboleth, including their business drivers and case, policy and process, and architectural and application considerations.