Internet2

close
Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID

Your organization not listed? Create a local account to use Internet2 services.

Create SiteID

News

Shibboleth Version 3 Identity Provider Release Offers Improved Access and Identity Management

Posted on Feb 20, 2015 by Angela Stark
Tags: Frontpage News, Identity & Access, Identity Federation, Identity Management, International Partners, international partnerships, Shibboleth, Trust and Identity in Education and Research

New major release of free open source federated identity solution adds user consent capability and support for Central Authentication Service protocol

BRISTOL, England, Feb. 20, 2015—The research and education (R&E) community is set to benefit from an upgrade to a free open source software system that will help them better deliver access and identity management services.

The Shibboleth Consortium—a collaborative group of international R&E organizations—has released version 3 of the Shibboleth Identity Provider, the latest version of its free open source software that enables secure web single sign-on. Institutions are able to use the software to enable researchers to safely access library resources, databases and collaboration tools using only one login, doing away with the need to set up new accounts as they move between locations.

Developed following extensive consultation with the community, the new release offers significant functional and security enhancements, including user consent and on-demand metadata lookup, as well as supporting the Central Authentication Service (CAS), the internationally-recognized single sign-on protocol used by many universities and research organizations.

Shibboleth is among the world’s most widely deployed federated identity solutions, providing single sign-on capabilities and individual access to protected online resources in a privacy-preserving manner. The Shibboleth Consortium funds the ongoing development, support and maintenance of the software, keeping every component of the Shibboleth system free to users. The two principal members of the consortium are Internet2 in the U.S. and Jisc in the UK. Jisc also acts as consortium operator, managing the day-to-day running of the consortium.

“This new release comes with many new features requested by the broad international community that uses Shibboleth to make informed access decisions and protect their online resources,” said Shelton Waggener, senior vice president at Internet2 and chair of the Consortium Board. “We are grateful for the tremendous collaboration in developing this important new release.”

Josh Howlett, head of trust and identity at Jisc, states: “Seamless and secure access to systems and services is paramount to the continued health of the education and research sector, which makes Shibboleth a vital tool in being able to deliver effective access and identity management services.

“The latest release has been developed for the community, by the community, listening to their feedback to ensure the software truly meets their needs, both now and in the future. We will continue to work with the consortium to ensure this remains to be the case.”

The new features and functionality include:

  • User notification - Ability to present individuals with a list of the attributes the service is requesting, allowing the user to confirm that they wish to proceed. Permissions can be granted directly through the browser, so there is no need to set up and manage a database. Such mechanisms can also help organizations to meet regulations, for example, requirements for user notification under EU law.
  • Support for CAS protocol, enabling organizations to support one identity provider software package for transactions with both on-campus CAS and on- and off-campus SAML-protected services.
  • Ability to support multiple algorithms for signing and encryption simultaneously, allowing organizations to increase the security of their transactions without compromising compatibility with older systems.
  • Built-in next generation federation features such as the emerging Metadata Query Protocol, allowing on-demand metadata lookup that is replacing the need to compile ever-larger metadata aggregates.
  • Support for internationalizing user interface and error messages.

Originally released in 2003, the growth of cloud services has led to an increase in the deployment of Shibboleth worldwide as a core component of campus identity and access management.

Shibboleth Version 3 will come to replace the previous Version 2.4. The consortium urges deployers to plan their upgrade now to take advantage of the security and functional improvements and ensure they are fully compliant before the discontinuation of support for Version 2.4, expected later this year.

For more information on Shibboleth visit www.shibboleth.net.

About the Shibboleth Consortium
The Shibboleth Consortium is a global organization created to further the development of identity and access management for research and educational use. Led by principal members Internet2 and Jisc, it provides financial and infrastructure support for the Shibboleth software and the on-going development. For more information, see www.shibboleth.net.

About Jisc
Jisc offers digital services and solutions for UK education and research. The charity does this to achieve its vision for the UK to be the most digitally advanced education and research nation in the world. Working together across the higher education, further education and skills sectors, Jisc provides trusted advice and support, reduces sector costs across shared network, digital content, IT services and procurement negotiations, ensuring the sector stays ahead of the game with research and development for the future. Find out more at www.jisc.ac.uk or contact the press team on press@jisc.ac.uk.

About Internet2
Internet2® is a member-owned advanced technology community founded by the nation's leading higher education institutions in 1996. Internet2 provides a collaborative environment for U.S. research and education organizations to solve common technology challenges, and to develop innovative solutions in support of their educational, research, and community service missions. Internet2 also operates the nation’s largest and fastest, coast-to-coast research and education network, in which the Network Operations Center is powered by Indiana University. Internet2 serves more than 90,000 community anchor institutions, 260 U.S. universities, 65 government agencies, 40 regional and state education networks, 85 leading corporations working with our community and more than 65 national research and education networking partners representing more than 100 countries. Internet2 offices are located in Ann Arbor, Mich.; Denver, Colo.; Emeryville, Calif.; Washington, D.C; and West Hartford, Conn. For more information, visit www.internet2.edu or follow @Internet2 on Twitter.

Media contact: Justin Knight, Shibboleth Consortium and Jisc, justin.knight@jisc.ac.uk