6815944
doi
10.5281/zenodo.6815944
oai:zenodo.org:6815944
user-cicompass
Drake, Josh
Indiana University
The Federated Identity Management Cookbook
Scott, Erik
RENCI
info:eu-repo/semantics/openAccess
Creative Commons Attribution 4.0 International
https://creativecommons.org/licenses/by/4.0/legalcode
Identity management, federated identity, NSF Major facilities, cyberinfrastructure, CI Compass
<p>One of the basic tasks any Cyberinfrastructure (CI) has to handle is the problem of keeping track of who the users are, what they’re allowed to do, and whether it’s likely they are who they say they are. This is the core of Identity Management, usually abbreviated as IdM. At the simplest, it might be a list of users and passwords on a computer in the back of a lab. National Science Foundation (NSF) Major Facilities (MFs), on the other hand, may have many kinds of users in large numbers of subgroups, many overlapping, some mutually exclusive, and with complicated rulesets determining membership. The problem becomes worse when we face the challenge of applying those rulesets to a large number of data products, instruments, and CI resources. Managing this constellation of capabilities becomes time consuming and prone to errors with substantial impacts.</p>
<p>The goal of this document is twofold. First, we want to provide a few time-tested recipes for building IdM capabilities. This is indeed where our title comes from. Secondly, this report can serve as a quick introduction and primer on topics in IdM with references for further learning.</p>
This work was supported by the National Science Foundation (NSF) Grant #2127548: CI Compass: An NSF Cyberinfrastructure (CI) Center of Excellence for Navigating the Major Facilities Data Lifecycle and NSF Grant #1920430: Trusted CI, the NSF Cybersecurity Center of Excellence.
Zenodo
2022-07-10
info:eu-repo/semantics/report
6815943
user-cicompass
1.0
1657504117.245911
3080984
md5:211fc47f0a516b0f4c93ccf5f464a312
https://zenodo.org/records/6815944/files/idm cookbook final.pdf
public
10.5281/zenodo.6815943
isVersionOf
doi