Authorisation and Identity Management Demonstrations

Authorisation and Identity Management Demonstrations

TAS3 LogoEPSRC Logo GloUnc Logo

The following authorisation demonstrations are publicly available for user testing and feedback. They all use open source software which is being developed under projects funded by the EC and the UK JISC. If you have any comments on any of these demonstrations please fill in our feedback form.

  1. Break the Glass demonstration. This shows how responsible users may be authorised to access information or resources, under emergency conditions, that they would normally be denied access to.
  2. Level of Assurance demonstration. This shows how users who are authenticated at different assurance levels can be granted access to resources of different sensitivity levels.
  3. Integration of Different Authentication Systems. This shows how a user can choose between OpenID, Facebook, The UK Access Management Federation SAML2) and a local username and password in order to access the same protected resource.
  4. Delegation of Authority. This shows how a user can delegate his roles or access permissions to another user, in order to give them access to resources that he has access to (providing he does not violate the delegation policy).
  5. Trusted Attribute Aggregation Service. This shows how a user can aggregate attributes from multiple identity providers in order to gain access to a secure service, by only authenticating to one (and not all) of the identity providers.
  6. My Private Cloud. This shows how cloud resources can be linked to federated identity management infrastructures, and how users can grant access to their cloud resources to anyone from anywhere at any time. The public pages contain the documentation and open source code that enables this.
  7. Delegation by Invitation. This shows how a user can delegate their privileges to anyone, by obtaining a secret invitation URL to give to the person they choose (the delegate). In return the delegate can continue to pass on these privileges to others, if the original user gave them permission to do so.
  8. Federated Openstack. This shows how we have integrated federated identity management into OpenStack, by modifying the Keystone service.

Feedback Form

Name (Optional):
Organisation (optional):
Email address (mandatory):
Demonstration (mandatory):
Comments (Mandatory):
Insert CAPTCHA text: