Version 65 - History - CSSO - EDIT - EDIT Project Management

CSSO » History » Version 65

Lutz Suhrbier, 08/23/2010 04:32 PM

 Lutz Suhrbier
-Lutz Suhrbier
+# Community Single Sign-On (CSSO) security infrastructure
 Lutz Suhrbier
-Lutz Suhrbier
+-------
 Lutz Suhrbier
-Lutz Suhrbier
+The aim of EDIT's Community Single Sign-On (CSSO) security infrastructure is integrating various EDIT service providers into the platform such as registered users of the EDIT community may access these services using a single EDIT identity only. Simultaneously, the CSSO security infrastructure respects the requirements of many biodiverity service providers to remain the sovereigns of their resources and services offered. That means, service providers may define and enforce individual access control policies in order to protect their resources, i.e. enable or prevent certain users or groups from accessing specific services.
 Lutz Suhrbier
 Lutz Suhrbier
-Lutz Suhrbier
+Technologically, EDIT's [[CSSO|CSSO Security Infrastructure]] bases on the [OASIS Security Assertion Markup Language (SAML)":http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security standard family. The main benefits of SAML include a secure attribute exchange framework, several open source implementations, privacy-preserving access to individually protected online resources and a federation concept. In particular, this federation concept perfectly matches the requirements regarding the creation of a single sign-on platform for more or less closed communities like e.g. taxonomic experts within EDIT. Beside others, the EDIT federation currently consists of about 2000 taxonomic experts registered in an SAML Identity Provider (IdP) and several SAML Service Providers (SP) instances like e.g. "EDITExpertNet](http:///www.editexpertnet.org.)
 Lutz Suhrbier
 While, the vision is to extend the CSSO concept from EDIT to the whole biodiversity community someday, this document shall present an outline to any available information regarding the existing CSSO release.
 Lutz Suhrbier
 Lutz Suhrbier
-Lutz Suhrbier
+----
 Lutz Suhrbier
 Lutz Suhrbier
-Lutz Suhrbier
+## EDIT Federation
  _[[EDITFederation|General Information]]_::
-Lutz Suhrbier
+ Provides general information about the EDIT Federation.
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[EDITFederation#HowtobecomeanEDITuser|How to become an EDIT user ?]]_::
 Lutz Suhrbier
-Lutz Suhrbier
+ Provides a detailed description on how users can be registered to the EDIT federation.
 Lutz Suhrbier
-Lutz Suhrbier
+  _[[EDITFederation#HowtobecomeanEDITServiceProvider|How to become an EDIT Service Provider ?]]_::
 Lutz Suhrbier
-Lutz Suhrbier
+ Provides a detailed description on how EDIT institutions can implement services using the Single Sign-On features within the EDIT federation.
-Lutz Suhrbier
+  _[[EDITFederationMembers|Current EDIT Federatoin members]]_::
 Lutz Suhrbier
   Gives an overview of the EDIT services currently connected to CSSO.
-Lutz Suhrbier
+ _[[EDITFederationShibbolethAttributes|Common Set of EDIT Federation Attributes]]_::
 Lutz Suhrbier
-Lutz Suhrbier
+ Describes the user attributes currently transmitted to EDIT Service Providers from the EDIT Identity Provider.
 ----
 Lutz Suhrbier
 # **The following is currently work in progress. Sorry**
 Lutz Suhrbier
-Lutz Suhrbier
+## CSSO Infrastructure
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[CSSOTechnicalOverview|CSSO Technical Overview ]]_::
 Lutz Suhrbier
  Provides general information about the EDIT security components.
 Lutz Suhrbier
-Lutz Suhrbier
+### Identity Provider (IdP)
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[OpenSSO|OpenSSO General Information]]_::
 Lutz Suhrbier
 Lutz Suhrbier
 Lutz Suhrbier
-Lutz Suhrbier
+### Service Provider (SP)
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[Shibboleth|Shibboleth General Information]]_::
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[ShibbolethManagementTools|Shibboleth Management Tools]]_::
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[ShibbolethProtocol|The Shibboleth Protocol]]_::
 Lutz Suhrbier
 Lutz Suhrbier
 Lutz Suhrbier
-Lutz Suhrbier
+### Certification Authorities
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[FUBCertificationAuthority|Freie Universität Berlin (FUB-CA) Certification Authority ]]_::
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[WP57CertificationAuthority|WP 5.7 Certification Authorities ]]_::
 Lutz Suhrbier
 Lutz Suhrbier
-Lutz Suhrbier
+### Shibboleth Proxy
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[ShibbolethProxy|Shibboleth Proxy General Information]]_::
 Lutz Suhrbier
 Lutz Suhrbier
-Lutz Suhrbier
+----
 Lutz Suhrbier
 ## User Guides
 Lutz Suhrbier
 Lutz Suhrbier
-Lutz Suhrbier
+### [[OpenSSO]]
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[OpenSSOUser|OpenSSO User Documentation ]]_::
 Lutz Suhrbier
-Lutz Suhrbier
+### Certificate Handling
  _[[InvalidSecurityCertificate|The "Invalid Security Certificate Problem"]]_::
 Lutz Suhrbier
 Lutz Suhrbier
  _[[FirefoxImportCACertificates|Firefox: How to import CA certificates ]]_::
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[FirefoxInvalidSecurityCertificate|Firefox: How to handle invalid security certificates ? ]]_::
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[IEImportCACertificates|Internet Explorer: How to import CA certificates ]]_::
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[IEInvalidSecurityCertificate|Internet Explorer: How to handle invalid security certificates ? ]]_::
 Lutz Suhrbier
 Lutz Suhrbier
-Lutz Suhrbier
+----
 Lutz Suhrbier
 Lutz Suhrbier
-Lutz Suhrbier
+## Installation Guides
 Lutz Suhrbier
 Lutz Suhrbier
-Lutz Suhrbier
+### [[OpenSSO]]
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[OpenAMIdPInstallDebianLenny|OpenAM (OpenSSO) based Identity Provider (IdP) Installation on Debian Lenny  ]]_::
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[OpenSSOFederationSetup|OpenSSO Federation Setup  ]]_::
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[OpenSSOInstallDebianEtch|OpenSSO Installation (with Debian Etch)  ]]_::
 Lutz Suhrbier
 Lutz Suhrbier
-Lutz Suhrbier
+### [[Shibboleth|Shibboleth ]]
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[ShibbolethSP2InstallDebianLenny|Shibboleth Service Provider (SP) v2.3.x Installation on Debian Lenny  ]]_::
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[ShibbolethIdPInstallDebianEtch|Shibboleth Identity Provider (IdP) Setup on Debian Etch  ]]_::
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[ShibbolethSP2InstallDebianEtch|Shibboleth Service Provider (SP) v2.x Installation on Debian Etch  ]]_::
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[ShibbolethSPInstallDebianEtch|Shibboleth Service Provider (SP) Installation on Debian Etch  ]]_::
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[ShibbolethSPInstallWindows|Shibboleth Service Provider (SP) Installation on Microsoft Windows  ]]_::
 Lutz Suhrbier
-Lutz Suhrbier
+### [[SimpleSAMLphp|SimpleSAMLphp ]]
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[SimpleSAMLphpInstall|SimpleSAMLphp Installation (Debian Etch)  ]]_::
 Lutz Suhrbier
 Lutz Suhrbier
 Lutz Suhrbier
-Lutz Suhrbier
+### [[SpringSSO]]
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[SpringSSO|Integrating Spring Framework into CSSO  ]]_::
 Lutz Suhrbier
 Lutz Suhrbier
 Lutz Suhrbier
-Lutz Suhrbier
+### Xen
 Lutz Suhrbier
-Lutz Suhrbier
+_[[Xen_installation|BGBM Xen server documentation ]]_::
 Lutz Suhrbier
 Lutz Suhrbier
 Lutz Suhrbier
-Lutz Suhrbier
+### Debian Linux
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[Debian|Debian Linux Installation Guide ]]_::
 Lutz Suhrbier
 Lutz Suhrbier
-Lutz Suhrbier
+### Apache
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[Apache2InstallDebianEtch|Apache2 Installation on Debian Etch]]_::
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[ApacheMySQLAuthentication|Apache MySQL Authentication for Debian Etch]]_::
 Lutz Suhrbier
 Lutz Suhrbier
-Lutz Suhrbier
+### [[Drupal|Drupal ]]
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[Drupal5InstallDebianEtch|Drupal5 Installation on Debian Etch]]_::
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[Drupal5Mirroring|Drupal]]_::
 Lutz Suhrbier
-Lutz Suhrbier
+### Java
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[JDK5InstallDebianEtch|SUN JDK5 Installation on Debian Etch]]_::
 Lutz Suhrbier
 Lutz Suhrbier
 Lutz Suhrbier
-Lutz Suhrbier
+### Maven2
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[Maven2InstallDebianEtch|Apache Maven 2 Installation on Debian Etch]]_::
 Lutz Suhrbier
 Lutz Suhrbier
-Lutz Suhrbier
+### [[MySQL|MySQL ]]
-Lutz Suhrbier
+ _[[MySQLInstallDebianEtch|MySQL Installation on Debian Etch]]_::
 Lutz Suhrbier
 Lutz Suhrbier
-Lutz Suhrbier
+### Postfix
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[PostfixInstallDebianEtch|Postfix Installation (Debian Etch)]]_::
 Lutz Suhrbier
 Lutz Suhrbier
 Lutz Suhrbier
 ### [[PostgreSQL|PostgreSQL ]]
-Lutz Suhrbier
+ _[[PostgreSQLInstallDebianEtch|PostgreSQL Installation on Debian Etch]]_::
 Lutz Suhrbier
-Lutz Suhrbier
+### [[SQLite|SQLite ]]
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[SQLiteInstallDebianEtch|SQLite Installation on Debian Etch]]_::
 Lutz Suhrbier
 Lutz Suhrbier
 ### [[Subversion|Subversion ]]
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[SVNInstallDebianEtch|Subversion Installation on Debian Etch]]_::
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[SVNMirroring|Mirroring Subversion Repositories]]_::
 Lutz Suhrbier
-Lutz Suhrbier
+### Tomcat6
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[Tomcat6InstallDebianEtch|Tomcat6 Installation on Debian Etch]]_::
 Lutz Suhrbier
 Lutz Suhrbier
 Lutz Suhrbier
-Lutz Suhrbier
+### [[Trac|Trac ]]
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[TracInstallDebianEtch|Trac Installation on Debian Etch]]_::
 Lutz Suhrbier
-Lutz Suhrbier
+ _[[TracMirroring|Mirroring Trac]]_::
 Lutz Suhrbier
-Lutz Suhrbier
+----
 ## Miscellaneous
  _[[CSSOSoftwareLicense|Licenses used by CSSO 3rd party components ]]_::
  _[[CSSOPlannings|Initial Plannings of the Community Single Sign-On (CSSO) Security Infrastructure ]]_::

Project

General

Profile

EDIT

CSSO » History » Version 65