IdentityPrimer

From Cheaha
Jump to navigation Jump to search


Attention: Research Computing Documentation has Moved
https://docs.rc.uab.edu/


Please use the new documentation url https://docs.rc.uab.edu/ for all Research Computing documentation needs.


As a result of this move, we have deprecated use of this wiki for documentation. We are providing read-only access to the content to facilitate migration of bookmarks and to serve as an historical record. All content updates should be made at the new documentation site. The original wiki will not receive further updates.

Thank you,

The Research Computing Team

UABgrid Identity Primer

UABgrid supplies reliable and familiar user identities to applications. These identities can be used across all parts of your collaboration platform including web-based collaboration tools, grid-based computational workflows, or traditional desktop applications. Whether your collaboration platform is a single Wiki maintained by your research group on-campus or a collection of tools that orchestrate a complex workflow spanning resources in your department, across campus and at collaborator sites, UABgrid delivers a consistent and reliable user identity for each member of your collaboration.

The UABgrid identity management service makes common user administration tasks simple and complex multi-domain collaboration scenarios possible. UABgrid lets you authenticate with your [UAB BlazerID] and uses it as the foundation for a consistent identity across applications. UABgrid allows your collaborators to authenticate with their own institutional identity systems in the same way that you authenticate with your BlazerID and reliably supplies their institutional user identity to your applications. In other words, your collaborators don't need to get a BlazerID in order to begin using web applications or other resources you want to share with them.

These identity services are made possible with a standards based infrastructure designed to isolate the complexities of securely and reliably authenticating users from the common operational processes of authorizing access to restricted resources.

In order to better understand how to leverage the UABgrid identity management services in your collaborations, it's helpful to get an understanding of what "identity" is and how it can be used across the Internet.

References

The Identity Process Deconstructed, NIST SmartCard Workshop, June 6-8, 2003. - Good 28 slide presentation that covers identity terminology and processes at a high level.

Electronic Authentication Guideline, NIST Special Publication 800-63, April 2006. - Complete description of federal e-authentication requirements. E-Auth levels 1-4 are covered on pages 30-38.

Policy, Trust, and Technology: Mitigating Risk in the Digital World, David Wasley, Educause CAMP 2006 - Overview of various issues related to identity approaches. “Assurance Levels” slide has 4 bullet digest of how various levels assurance are useful.

An Ontology of Identity Credentials, NIST Draft Special Publication 800-103, October 2006 - Comprehensive guide to identity practices. An informative read is the section on state drivers licenses and US Passports, pages 46-53.