Educause Security Discussion mailing list archives

Multiple campus SSO security requirements

From: "Stewart, Ian" <istewart () UMASSP EDU>
Date: Mon, 3 Nov 2008 13:15:57 -0500

Hello,

We are considering multi-campus web-SSO system that allows an end-user to authenticate using their home campus LDAP 
account or another campus LDAP account they may hold   Has anyone implemented such a system and how have you dealt with 
the trust issues between campuses that this creates? For example, each campus may have their upfront ID-issuing or 
vetting process reviewed by all the other campuses and an agreement signed before they are allowed to participate, as 
in a federation.  Any thoughts on this issue would be welcome.

Thanks,

 <<ole0>> 
                
                :: Ian Stewart, Manager of Identity Management
                :: University of Massachusetts
                :: 508.856.2069 Phone
                :: 508.864.0088 Mobile
                :: 508.856.4844 Fax 
               :: istewart () umassp edu
 
               333 South St., Suite 400 ◦ Shrewsbury, MA 01545 ◦ www.massachusetts.edu <http://www.massachusetts.edu/>

Current thread:

Multiple campus SSO security requirements Stewart, Ian (Nov 03)
- <Possible follow-ups>
- Re: Multiple campus SSO security requirements Chris Green (Nov 03)
- Re: Multiple campus SSO security requirements Sarah Stevens (Nov 03)
- Re: Multiple campus SSO security requirements Greg Vickers (Nov 03)
- Re: Multiple campus SSO security requirements Steven Carmody (Nov 04)
- Re: Multiple campus SSO security requirements Stewart, Ian (Nov 04)
- Re: Multiple campus SSO security requirements David Walker (Nov 04)
- Re: Multiple campus SSO security requirements Stewart, Ian (Nov 04)
- Re: Multiple campus SSO security requirements David Walker (Nov 05)