CSSO » History » Version 81
Lutz Suhrbier, 09/02/2010 07:41 PM
| 1 | 1 | Lutz Suhrbier | |
|---|---|---|---|
| 2 | 69 | Lutz Suhrbier | |
| 3 | |||
| 4 | 72 | Lutz Suhrbier | # Community Single Sign-On (CSSO) |
| 5 | 1 | Lutz Suhrbier | |
| 6 | 69 | Lutz Suhrbier | {{>toc}} |
| 7 | |||
| 8 | |||
| 9 | 2 | Lutz Suhrbier | |
| 10 | 71 | Lutz Suhrbier | ---- |
| 11 | |||
| 12 | 46 | Lutz Suhrbier | The aim of EDIT's Community Single Sign-On (CSSO) security infrastructure is integrating various EDIT service providers into the platform such as registered users of the EDIT community may access these services using a single EDIT identity only. Simultaneously, the CSSO security infrastructure respects the requirements of many biodiverity service providers to remain the sovereigns of their resources and services offered. That means, service providers may define and enforce individual access control policies in order to protect their resources, i.e. enable or prevent certain users or groups from accessing specific services. |
| 13 | 1 | Lutz Suhrbier | |
| 14 | 3 | Lutz Suhrbier | |
| 15 | 66 | Lutz Suhrbier | Technologically, EDIT's [[CSSO|CSSO Security Infrastructure]] bases on the [OASIS Security Assertion Markup Language (SAML)":http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security standard family. The main benefits of SAML include a secure attribute exchange framework, several open source implementations, privacy-preserving access to individually protected online resources and a federation concept. In particular, this federation concept perfectly matches the requirements regarding the creation of a single sign-on platform for more or less closed communities like e.g. taxonomic experts within EDIT. Beside others, the EDIT federation currently consists of about 2000 taxonomic experts registered in an SAML Identity Provider (IdP) and several SAML Service Providers (SP) instances like e.g. "EDITExpertNet](http:///www.editexpertnet.org.) |
| 16 | 1 | Lutz Suhrbier | |
| 17 | |||
| 18 | 67 | Lutz Suhrbier | While, the vision is to extend the CSSO concept from EDIT to the whole biodiversity community someday, this document will present an outline to any available information regarding the existing CSSO release. |
| 19 | 6 | Lutz Suhrbier | |
| 20 | 46 | Lutz Suhrbier | |
| 21 | 53 | Lutz Suhrbier | ---- |
| 22 | |||
| 23 | 50 | Lutz Suhrbier | |
| 24 | 1 | Lutz Suhrbier | |
| 25 | 79 | Lutz Suhrbier | ## CSSO Security Infrastructure |
| 26 | 1 | Lutz Suhrbier | |
| 27 | 79 | Lutz Suhrbier | _[[CSSOTechnicalOverview|CSSO Technical Overview ]]_:: |
| 28 | |||
| 29 | Provides general information about the EDIT security components like [[CSSOTechnicalOverview#IdentityProviderIdP|Identity Provider (IdP)]], [[CSSOTechnicalOverview#ServiceProviderSP|Service Provider (SP)]], [[CSSOTechnicalOverview#DiscoveryServiceDS|Discovery Service (DS)]] and [[CSSOTechnicalOverview#PublicKeyInfrastructurePKI|Public Key Infrastructure (PKI)]]. |
||
| 30 | |||
| 31 | |||
| 32 | 81 | Lutz Suhrbier | _[[ShibbolethProxy|Shibboleth Proxy General Information]]_:: |
| 33 | 79 | Lutz Suhrbier | |
| 34 | 81 | Lutz Suhrbier | General information about the Shibboleth Proxy component. |
| 35 | |||
| 36 | |||
| 37 | 79 | Lutz Suhrbier | ---- |
| 38 | |||
| 39 | |||
| 40 | |||
| 41 | ### EDIT Federation |
||
| 42 | |||
| 43 | 55 | Lutz Suhrbier | _[[EDITFederation|General Information]]_:: |
| 44 | |||
| 45 | 56 | Lutz Suhrbier | Provides general information about the EDIT Federation. |
| 46 | 2 | Lutz Suhrbier | |
| 47 | 52 | Lutz Suhrbier | _[[EDITFederation#HowtobecomeanEDITuser|How to become an EDIT user ?]]_:: |
| 48 | 54 | Lutz Suhrbier | |
| 49 | 1 | Lutz Suhrbier | Provides a detailed description on how users can be registered to the EDIT federation. |
| 50 | |||
| 51 | 81 | Lutz Suhrbier | _[[EDITFederation#HowtobecomeanEDITServiceProvider|How to become an EDIT Service Provider ?]]_:: |
| 52 | 54 | Lutz Suhrbier | |
| 53 | 1 | Lutz Suhrbier | Provides a detailed description on how EDIT institutions can implement services using the Single Sign-On features within the EDIT federation. |
| 54 | |||
| 55 | 81 | Lutz Suhrbier | _[[EDITFederationMembers|Current EDIT Federatoin members]]_:: |
| 56 | 54 | Lutz Suhrbier | |
| 57 | 81 | Lutz Suhrbier | Gives an overview of the EDIT services currently connected to CSSO. |
| 58 | 1 | Lutz Suhrbier | |
| 59 | _[[EDITFederationAttributes|Common Set of EDIT Federation Attributes]]_:: |
||
| 60 | |||
| 61 | 62 | Lutz Suhrbier | Describes the user attributes currently transmitted to EDIT Service Providers from the EDIT Identity Provider. |
| 62 | 73 | Lutz Suhrbier | |
| 63 | 1 | Lutz Suhrbier | |
| 64 | 79 | Lutz Suhrbier | |
| 65 | 53 | Lutz Suhrbier | ---- |
| 66 | 1 | Lutz Suhrbier | |
| 67 | |||
| 68 | |||
| 69 | 79 | Lutz Suhrbier | ### User Guides |
| 70 | 1 | Lutz Suhrbier | |
| 71 | 79 | Lutz Suhrbier | _[[OpenSSOUser|OpenSSO User Documentation ]]_:: |
| 72 | 1 | Lutz Suhrbier | |
| 73 | 79 | Lutz Suhrbier | Documentation of the basic [[OpenSSO]] user interface for EDIT users. |
| 74 | 1 | Lutz Suhrbier | |
| 75 | 79 | Lutz Suhrbier | _[[InvalidSecurityCertificate|The "Invalid Security Certificate Problem"]]_:: |
| 76 | 74 | Lutz Suhrbier | |
| 77 | 79 | Lutz Suhrbier | Explains how users have to deal with this error message when connecting to EDIT CSSO services. |
| 78 | 53 | Lutz Suhrbier | |
| 79 | 74 | Lutz Suhrbier | |
| 80 | 75 | Lutz Suhrbier | |
| 81 | ---- |
||
| 82 | |||
| 83 | |||
| 84 | 76 | Lutz Suhrbier | |
| 85 | 79 | Lutz Suhrbier | ### Certification Authorities |
| 86 | 76 | Lutz Suhrbier | |
| 87 | 79 | Lutz Suhrbier | _[[FUBCertificationAuthority|Freie Universität Berlin (FUB-CA) Certification Authority ]]_:: |
| 88 | 76 | Lutz Suhrbier | |
| 89 | 79 | Lutz Suhrbier | Documentation of any X.509 certificates used within the CSSO Infrastructure. |
| 90 | 76 | Lutz Suhrbier | |
| 91 | 79 | Lutz Suhrbier | _[[WP57CertificationAuthority|WP 5.7 Certification Authorities ]]_:: |
| 92 | 77 | Lutz Suhrbier | |
| 93 | 79 | Lutz Suhrbier | Documentation of the EDIT Demo CA. |
| 94 | |||
| 95 | 52 | Lutz Suhrbier | |
| 96 | |||
| 97 | 1 | Lutz Suhrbier | ---- |
| 98 | |||
| 99 | 76 | Lutz Suhrbier | |
| 100 | 1 | Lutz Suhrbier | |
| 101 | 80 | Lutz Suhrbier | ## Miscellaneous |
| 102 | |||
| 103 | _[[CSSOSoftwareLicense|Licenses used by CSSO 3rd party components ]]_:: |
||
| 104 | |||
| 105 | Overview of Open Source licenses used by CSSO and its third party components. |
||
| 106 | |||
| 107 | _[[CSSOPlannings|Initial Plannings of the Community Single Sign-On (CSSO) Security Infrastructure ]]_:: |
||
| 108 | |||
| 109 | Document describing the initial ideas and plannings regarding the construction of EDIT's CSSO infrastructure. |
||
| 110 | |||
| 111 | |||
| 112 | |||
| 113 | 76 | Lutz Suhrbier | ## **Anything below is currently work in progress. Sorry** |
| 114 | 53 | Lutz Suhrbier | |
| 115 | 76 | Lutz Suhrbier | |
| 116 | 53 | Lutz Suhrbier | |
| 117 | ### Service Provider (SP) |
||
| 118 | |||
| 119 | _[[Shibboleth|Shibboleth General Information]]_:: |
||
| 120 | |||
| 121 | _[[ShibbolethProtocol|The Shibboleth Protocol]]_:: |
||
| 122 | |||
| 123 | |||
| 124 | 1 | Lutz Suhrbier | |
| 125 | ---- |