Directory Enabled AuthN/Z at Clemson

LDAP yesterday, Shibboleth tomorrow

Jill GemmillBarry Johnson

Early adopters of Directories

Since mid 1990’s Event-driven provisioning into/from

directory Developers of DirXML (Novell Identity

Manager) Use of Blackboard as GUI for

collaborative spaces

Clemson myCLE

Auto-provisioned Tools per VO

Address Book Blog Tool Calendar Drop Box EDU Assessment

Tool Glossary HomePage

My Files mySQL Database Organization

Portfolio Search Survey Tool Tasks Wiki General Web Space -Etc!

So, why Shibboleth?

Placing attributes and also Access Control Roles in Directory became cumbersome to enforce correctly for each application

Had come to conclusion that attribute based access control was needed, and Shibboleth appeared to be best solution available.

Shibboleth today at Clemson

Production Shibboleth IdP In use for a few applications, including a

GridShib CA for use in Open Science Grid Plans in place to migrate current

applications to Shibboleth Service Providers

State-wide consortium : Health Sciences South Carolina

Health Sciences South Carolina

http://www.healthsciencessc.org/

HSSC Shibboleth Working Group

Clemson University Greenville Hospital System University

Medical Center Palmetto Health Medical University of South Carolina University of South Carolina Spartanburg Regional Health Care System

Grids Today at Clemson

Condor Pool : A campus grid linking over 1700 machines distributed across 27 locations on campus providing a high throughput computing resource for all faculty and students in need of a loosely coupled computer system to run thousands of jobs. Applications from civil engineering, economics and chemistry have already benefited.

Grids and Shibboleth…Coming Soon

Access to HPC/HTC resources will be authorized using Shibboleth, consistent with other campus applications

Collaboration environments such as myVocs, Sharpe will be used as guides to revising Clemson’s existing access control and provisioning systems.