Abstract
Identity federation is one of the key concepts of SPIKE for supporting "virtual organizations": their fast setup, convenient maintenance and orderly closing. Although the aim is flexible collaboration, security must not be disregarded. Authentication of collaboration partners and their attribute-based authorization remain indispensable.
This deliverable describes the mechanisms by which collaboration partners registered at the SPIKE platform are authenticated using a standardized identity federation protocol, Shibboleth. It shows how the identity data of a company that runs its own IDMS can be integrated into the SPIKE platform, and what such a company has to set up from a technical point of view so that its employees can be authenticated via Shibboleth.
Furthermore, an approach is presented that is suitable mainly for SMEs which do not have an IDMS of their own.
Executive Summary
This report presents the implemented results of SPIKE's identity federation approach. Based on the standardized Shibboleth protocol, it shows how the identity data of a company interested in taking part in collaborations can be integrated.
For companies without an IDMS of their own, SPIKE provides the option of storing their identity data in SPIKE's own IDMS; we describe here how to enable this. If a company has its own IDMS, Shibboleth makes it possible to authenticate that company's users by delegating the authentication role to the company's IDMS.
With reference to the role model of the application case "Identity Federation" in deliverable D2.2, the technical effort that a SPIKE administrator has to spend is shown. This effort must not be underestimated. The most obvious advantage of using federations is the avoidance of redundant identity data and, in particular, of the data maintenance effort (e.g. password resets), by making use of and trusting IDMSs external to SPIKE.
Download
You can download a short version of this document here:
D7.4: Identity Management Service
In order to obtain the full content of this document, please use the contact form below: