InCommon Academy Instructor Insights: Go with Shibboleth for Synergy and Streamlining
By Apryl Motley - Technical Writer & Communications Lead, Internet2 Trust and Identity/NET+ Service
With our next virtual Shibboleth workshop coming up October 3–7, we asked co-Instructors Paul Caskey, an IAM architect at Internet2, and Paul Riddle, an identity architect at the University of Maryland Baltimore County (UMBC), to share their insights on its benefits.
How does understanding more about Shibboleth and implementing it help streamline workload?
Paul C.: One obvious way is by implementing single sign-on, which can span the globe and extend beyond organizational boundaries. We hear the mantra authenticate locally, but act globally, and that just means putting power into your identity and access management system and extending it beyond your borders.
Paul R.: Shibboleth is a very popular and widely deployed product, and a lot of people come to us with existing installations that they may have taken over from predecessors, and they may want to get more up to speed on the product and how they can make it work better for them.
How does Shibboleth training help research and educational institutions work together?
Paul R: Shibboleth implements a standard protocol called SAML, which stands for security assertion markup language, that is used very widely by various vendors that work with higher education institutions. Shibboleth is what you would call a reference implementation of SAML. In other words, it implements the standard very closely, and it’s very highly utilized by educational institutions.
Paul C.: I would second that and say we’re talking about global collaboration via federation. Shibboleth is a sort of enabler for that; it enables you to participate in this circle of trust that is higher education across the globe, so it’s not just about the bits and bytes of information transfer, but about the free flow of information across boundaries.
What do you hope students will be able to accomplish by the end of the course?
Paul C.: In general, they should be able to bring up and configure a new Shibboleth identity provider. There’s a lot of specific details mixed up in there, but that’s our overall goal.
Paul R.: We also talk about upgrading existing identity providers and maintaining existing identity providers as well because we know that a lot of participants come to us with existing systems that they may not have installed themselves, and they may want assistance getting up to speed. For example, perhaps, the software version is out of date, and they need to install the latest version, or they want to move from a server-based installation to a container-based installation. We cover topics that will help them with existing deployments as well as new ones.
What do you enjoy the most about working with students and facilitating the training?
Paul C.: InCommon serves a very broad and diverse community, and I love getting to meet its members. I hear about their challenges, gain understanding of what they would like to get the software to do, and then help them to acquire that knowledge to bring that back to their home institutions and help their teams.
Paul R.: Helping people work through specific problems they may have with their installations and successfully getting somebody over a hurdle with the software is very gratifying.
There’s still time to join our insightful instructors for the virtual Shibboleth workshop, October 3–7. Register now.