Shibboleth (Internet2)
Shibboleth is a program developed by Internet2/MACE method for distributed authentication and authorization for Web applications and Web services. The concept of Shibboleth provides that the user must authenticate only once at his home institution, to location-independent access to services or licensed content from different vendors can (german single sign-on ). Shibboleth is based on an extension of the standard SAML.
Etymology
The project name comes from the Hebrew word shibboleth (Hebrew שבולת ) and literally means, ear of corn ', but in a figurative sense today in the meaning of' password 'is used, or code word '. For a more detailed explanation of this extended meaning of a word shibboleth see.
Components
The software consists of three parts:
Identity Provider: located at the home institution
Service Providers: is offered
Localization service or Discovery Service (formerly WAYF Where are you from? ): Can be used as an option to locate the user's home institution.
The components can be installed independently. Thus Shibboleth can work, at least one identity provider and a service provider are required. The Release 2 of Shibboleth was released on 17 March 2008, since 1 December 2009, Version 2.3.1 is available. Currently is currently version 2.4.
Operation
The operation of Shibboleth is most easily explained in terms of the following scenarios:
Authentication ( Who are you? )
Authorization (What you are allowed? )
Use
Shibboleth is used mainly in the field of science and teaching application and may be bilateral ( a provider, a device ), in a larger environment are deployed extensively for an entire country as in Baden- Württemberg ( ReDI ) and Saxony ( Saxis ) or. From a certain size assumes a so-called Federation (german federation ) the organization and technical support. Such federation is in Germany, the DFN- AAI, which was developed in collaboration with the Albert -Ludwigs- University of Freiburg founded by the German Research Network ( DFN). Other federations are for example SWITCHaai ( Switzerland ), ACOnet Identity Federation ( Austria ), DK- AAI (Denmark), menswear (Finland), CRU (France) and UKFederation ( UK).
The logo of Shibboleth is a griffin. The protected as a brand name Hebrew word Shibboleth has its origins in the Old Testament ( see etymology of shibboleth ).