Summary of the todays lecture.. Shibboleth

Today I learnt a new topic ..Shibboleth because of the guest speaker Art Vandenberg. The main Keywords in the lecture were One Identity Management, Federation access Management. The discussion revolves around on single signon and federating software.

Shibboleth specifically addresses the challenges of multiple passwords required for multiple applications, Scaling the account management of multiple applications, Security issues, Privacy, Interoperability within and across organization boundaries, enabling institutions to choose their authentication technology, enabling service providers to control access to their resources.

The presentation helped me in getting deeper understanding of the work processes in our library that uses Shibboleth Pilot Solution. The guest lecture neatly described Shibboleth impact at both source provider and identity provider with a flowchart and screenshots. He has shown a video which explained about federation standards and about the agreement to a trust by an organization. I also understood that an organization needs to take several steps in order for an organization to adapt Shibboleth.

Thank you Dr.Jack for inviting a guest speaker to the class who shared his practical experiences with the case studies of process implemented in our library.

I wonder what the origin or meaning of the name “SHIBBOLETH” is? This is question to the commenters. Waiting for the answers….

Posted by Asha on 10:00 PM


doomsberry said...
this may give u the meaning of the term shibboleth

Jack G. Zheng said...

I think Art will be happy to read this.

Steve Reynolds said...

Shibboleth is any distinguishing practice which is indicative of one's social or regional origin. It usually refers to features of language, and particularly to a word whose pronunciation identifies its speaker as being a member or not a member of a particular group.

The term originates from the Hebrew word "shibbólet" (שִׁבֹּלֶת), which literally means the part of a plant containing grains, such as an ear of corn or a stalk of grain[3] or, in different contexts, "stream, torrent"

Prateek Swastik said...

Nice summary Asha! Just want to add my lecture notes here, to append some more information.

Honorable guest lecturer Mr. Art Vandenberg opened the presentation with he need of Identity Management. Identity management is required to protect Web based resources, and provide authorization mechanism for accessing these resources. It makes sense, we should be able to identify the person (who he is?) before letting him in to use the resource. The Requirements of One Identity Management via implementing Shibboleth, is to have One Identity Management Infrastructure already deployed.

Integrating across traditional applications and data is one of the primary goal of identity management. Moreover, it must operate in inter-organizational collaborative environments. For example, different groups in a university like Students, Staff, Research groups, etc have some unique features but at the same time they might collaborate with other groups too.

At GSU, IS&T department adopts Campus ID as unified name space to enable support for multiple applications.

The underlying data elements for ID management are Directories, Meta directory and application enabling , directory information tree architecture, object classes, OIDS.

Directory Identity Technology leverages DNS for uniqueness of data elements.

The Challeges which IS&T faced in integrating such system was "How to bring directories together – which was solved by applying Novel LDAP system. Now its easy to email a specific group of people.

Enabling Shibboleth:

1. It addresses challenges of multiple passwords, required for multiple applications (Library, department, recreational center, Laboratories etc) and protects privacy.

2. IS&T uses Sun Solaris for Shibboleth origin.

3. At higher level Apache Tomcat, J2SE and open SAML for secure transmission are used.

Thank you Dr. Zheng, for such enlightening lecture. It definitely widened my ken.

Sumantra Sarkar said...

Dr Zheng,
Me a ardent Novell Fan - Novell had a product called iChain ( I think it was later renamed to some thing else - possibly Access Manager) - on the same principles of Identity management - wonder why was this product not looked into since GSU is a Novell Shop anyway....


Asha said...

Steve Thanks for providing the origin of Shibboleth.

And also everybody please refer to the blog of Steve where he has provided detailed description of the origin of the Shibboleth.Its a great resource...

Thanks Steve.

Asha said...

waw,,, Prateek.. it seems u didnt even miss a second of Art lecture :):)

Thanks Prateek for explaining more about Identity Management associated with Shibboleth.

Post a Comment