Report Open Access

The Federated Identity Management Cookbook

Scott, Erik; Drake, Josh

One of the basic tasks any Cyberinfrastructure (CI) has to handle is keeping track of who the users are, what they’re allowed to do, and whether it’s likely they are who they say they are. This is the core of Identity Management, usually abbreviated as IdM. At its simplest, it might be a list of users and passwords on a computer in the back of a lab. National Science Foundation (NSF) Major Facilities (MFs), on the other hand, may have many kinds of users in large numbers of subgroups, many overlapping, some mutually exclusive, and with complicated rulesets determining membership. The problem becomes worse when we face the challenge of applying those rulesets to a large number of data products, instruments, and CI resources. Managing this constellation of capabilities becomes time-consuming and prone to errors with substantial impacts.

The goal of this document is twofold. First, we want to provide a few time-tested recipes for building IdM capabilities. This is indeed where our title comes from. Second, this report can serve as a quick introduction and primer on topics in IdM with references for further learning.

This work was supported by the National Science Foundation (NSF) Grant #2127548: CI Compass: An NSF Cyberinfrastructure (CI) Center of Excellence for Navigating the Major Facilities Data Lifecycle and NSF Grant #1920430: Trusted CI, the NSF Cybersecurity Center of Excellence.

Files (3.1 MB)
idm cookbook final.pdf (3.1 MB), md5:211fc47f0a516b0f4c93ccf5f464a312