Project

General

Profile

CSSO » History » Version 80

Lutz Suhrbier, 09/02/2010 07:39 PM

1 1 Lutz Suhrbier
2 69 Lutz Suhrbier
3
4 72 Lutz Suhrbier
# Community Single Sign-On (CSSO)
5 1 Lutz Suhrbier
6 69 Lutz Suhrbier
{{>toc}}
7
8
9 2 Lutz Suhrbier
10 71 Lutz Suhrbier
----
11
12 46 Lutz Suhrbier
The aim of EDIT's Community Single Sign-On (CSSO) security infrastructure is integrating various EDIT service providers into the platform such as registered users of the EDIT community may access these services using a single EDIT identity only. Simultaneously, the CSSO security infrastructure respects the requirements of many biodiverity service providers to remain the sovereigns of their resources and services offered. That means, service providers may define and enforce individual access control policies in order to protect their resources, i.e. enable or prevent certain users or groups from accessing specific services.
13 1 Lutz Suhrbier
14 3 Lutz Suhrbier
15 66 Lutz Suhrbier
Technologically, EDIT's [[CSSO|CSSO Security Infrastructure]] bases on the [OASIS Security Assertion Markup Language (SAML)":http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security standard family. The main benefits of SAML include a secure attribute exchange framework, several open source implementations, privacy-preserving access to individually protected online resources and a federation concept. In particular, this federation concept perfectly matches the requirements regarding the creation of a single sign-on platform for more or less closed communities like e.g. taxonomic experts within EDIT. Beside others, the EDIT federation currently consists of about 2000 taxonomic experts registered in an SAML Identity Provider (IdP) and several SAML Service Providers (SP) instances like e.g. "EDITExpertNet](http:///www.editexpertnet.org.)   
16 1 Lutz Suhrbier
17
18 67 Lutz Suhrbier
While, the vision is to extend the CSSO concept from EDIT to the whole biodiversity community someday, this document will present an outline to any available information regarding the existing CSSO release. 
19 6 Lutz Suhrbier
20 46 Lutz Suhrbier
21 53 Lutz Suhrbier
----
22
23 50 Lutz Suhrbier
24 1 Lutz Suhrbier
25 79 Lutz Suhrbier
## CSSO Security Infrastructure
26 1 Lutz Suhrbier
27 79 Lutz Suhrbier
 _[[CSSOTechnicalOverview|CSSO Technical Overview ]]_::
28
29
 Provides general information about the EDIT security components like [[CSSOTechnicalOverview#IdentityProviderIdP|Identity Provider (IdP)]], [[CSSOTechnicalOverview#ServiceProviderSP|Service Provider (SP)]], [[CSSOTechnicalOverview#DiscoveryServiceDS|Discovery Service (DS)]] and [[CSSOTechnicalOverview#PublicKeyInfrastructurePKI|Public Key Infrastructure (PKI)]].
30
31
32
33
----
34
35
36
37
### EDIT Federation
38
39 55 Lutz Suhrbier
 _[[EDITFederation|General Information]]_::
40
41 56 Lutz Suhrbier
 Provides general information about the EDIT Federation.
42 2 Lutz Suhrbier
43 58 Lutz Suhrbier
 _[[EDITFederation#HowtobecomeanEDITuser|How to become an EDIT user ?]]_::
44 52 Lutz Suhrbier
45 54 Lutz Suhrbier
 Provides a detailed description on how users can be registered to the EDIT federation.
46 1 Lutz Suhrbier
47 58 Lutz Suhrbier
  _[[EDITFederation#HowtobecomeanEDITServiceProvider|How to become an EDIT Service Provider ?]]_::
48 1 Lutz Suhrbier
49 54 Lutz Suhrbier
 Provides a detailed description on how EDIT institutions can implement services using the Single Sign-On features within the EDIT federation.
50
51
  _[[EDITFederationMembers|Current EDIT Federatoin members]]_::
52
53
  Gives an overview of the EDIT services currently connected to CSSO. 
54 1 Lutz Suhrbier
55
 _[[EDITFederationAttributes|Common Set of EDIT Federation Attributes]]_::
56
57 62 Lutz Suhrbier
 Describes the user attributes currently transmitted to EDIT Service Providers from the EDIT Identity Provider.
58 73 Lutz Suhrbier
59 1 Lutz Suhrbier
60 79 Lutz Suhrbier
61 53 Lutz Suhrbier
----
62 1 Lutz Suhrbier
63
64
65 79 Lutz Suhrbier
### User Guides
66 1 Lutz Suhrbier
67 79 Lutz Suhrbier
 _[[OpenSSOUser|OpenSSO User Documentation ]]_::
68 1 Lutz Suhrbier
69 79 Lutz Suhrbier
 Documentation of the basic [[OpenSSO]] user interface for EDIT users. 
70 1 Lutz Suhrbier
71 79 Lutz Suhrbier
 _[[InvalidSecurityCertificate|The "Invalid Security Certificate Problem"]]_::
72 74 Lutz Suhrbier
73 79 Lutz Suhrbier
 Explains how users have to deal with this error message when connecting to EDIT CSSO services.
74 53 Lutz Suhrbier
75 74 Lutz Suhrbier
76 75 Lutz Suhrbier
77
----
78
79
80 76 Lutz Suhrbier
81 79 Lutz Suhrbier
### Certification Authorities
82 76 Lutz Suhrbier
83 79 Lutz Suhrbier
 _[[FUBCertificationAuthority|Freie Universität Berlin (FUB-CA) Certification Authority ]]_::
84 76 Lutz Suhrbier
85 79 Lutz Suhrbier
 Documentation of any X.509 certificates used within the CSSO Infrastructure.
86 76 Lutz Suhrbier
87 79 Lutz Suhrbier
 _[[WP57CertificationAuthority|WP 5.7 Certification Authorities ]]_::
88 77 Lutz Suhrbier
89 79 Lutz Suhrbier
 Documentation of the EDIT Demo CA.
90
91 52 Lutz Suhrbier
92
93 1 Lutz Suhrbier
----
94
95 76 Lutz Suhrbier
96 1 Lutz Suhrbier
97 80 Lutz Suhrbier
## Miscellaneous
98
99
 _[[CSSOSoftwareLicense|Licenses used by CSSO 3rd party components ]]_::
100
101
 Overview of Open Source licenses used by CSSO and its third party components. 
102
103
 _[[CSSOPlannings|Initial Plannings of the Community Single Sign-On (CSSO) Security Infrastructure ]]_::
104
105
 Document describing the initial ideas and plannings regarding the construction of EDIT's CSSO infrastructure.
106
107
 
108
109 76 Lutz Suhrbier
## **Anything below is currently work in progress. Sorry** 
110 53 Lutz Suhrbier
111 76 Lutz Suhrbier
 
112 53 Lutz Suhrbier
113 76 Lutz Suhrbier
### Service Provider (SP)
114 53 Lutz Suhrbier
115 48 Lutz Suhrbier
 _[[Shibboleth|Shibboleth General Information]]_::
116
117 53 Lutz Suhrbier
 _[[ShibbolethProtocol|The Shibboleth Protocol]]_::
118
119
120
121
### Shibboleth Proxy
122
123
 _[[ShibbolethProxy|Shibboleth Proxy General Information]]_::
124
125 1 Lutz Suhrbier
126
----