Unity - one stop IAM & FIM
Printable summary: this is the only section of the abstract that will
be published in the Book of Abstracts.
The demonstration presents an emerging Unity system - a complete identity and (inter-)federation management solution.
Unity allows its users to enable authentication (or login) to their web services using various protocols, with different configurations for many relaying parties. The actual authentication can be performed using the built-in, feature-rich users database or can be delegated to one of supported upstream identity providers (IdPs). The information obtained from upstream IdPs can be flexibly translated and merged with the local database (if needed) and re-exported using other protocols.
While Unity is a new undertaking, being only one and a half year old, it already offers a very high level of service. Hierarchical groups, configurable credentials, automatically and manually assigned attributes with rich value syntax settings and attribute classes are only few examples of what is supported in the local users database. The users management is complemented with a flexible registration support. All of this can be seamlessly integrated with upstream and downstream services.
What is important for the Grid community, Unity contains a dedicated UNICORE plugin. Using this plugin, which extends a standard Unity's SAML IdP endpoint, UNICORE 7 services can be accessed by users who do not have certificates - in a fully web-alike mode. There are ongoing plans to implement other Grid-related plugins for Unity.
Description of content and intended audience- the outcome you expect to achieve.
Intended audience: service providers, ICT project representatives, infrastructure providers.
Contents: Highly dependent on an available timeslot. The base idea is to present: - basics of Unity features: -- users catalogue setup -- attributes -- groups -- members maintenance -- registration form definition -- registration process - integration with upstream Identity Providers using various protocols - features related to authentication management - concrete use-case studies with their realisation
Expected outcome: establishing contact with prospective users of the system, collecting new requirements, initiating collaboration with new partners/projects.
Relevant URL (if any)