Identity & access management using social networking technologies
Overview
This project applies social networking technologies implemented via the Semantic Web to support identity management. It will demonstrate how current identity and access control systems may benefit from the use of social trust models. The technology will be based on Friend-of-a-Friend (FOAF) – a vocabulary for providing information about people and organisations and describing their relationships. Currently, many authentication mechanisms (such as those used by the UK eScience Certification Authority) rely on centralised systems involving high administrative effort – a significant barrier to entry. This project will demonstrate a more streamlined, and much more usable, enhancement of or replacement for these processes.
Aims and objectives
The project will merge social networking technologies with current federated identity management systems to demonstrate more flexible, transient, ad hoc relationships between people, such as those formed for the purpose of a specific project (i.e. virtual organisations). Such relationships can therefore include individuals who would otherwise fit only with difficulty into the hierarchy of institutions, such as foreign guest researchers or external consultants. The technology will be applied to core middleware utilised by two important JISC initiatives which rely heavily on the Access and Identity Management programme: the UK NGS and the UK Access Management Federation.
Project methodology
The project is managed and administered by Dr Mike Jones, whose role is to maintain strategic direction for the project. The project deliverables are split into two main components: the Shibboleth integration, which targets the Identity Provider and will be led by Dr Bruno Harbulot, and the Globus integration, which will be addressed by Robert Frank via the development of a pluggable authorisation module. Dr Harbulot will oversee the overall technical direction of the project with consultancy from Henry Story (lead architect of the FOAF+SSL project).
Technology / Standards used
- Security technologies will require use of X.509, TLS, GSI, SAML and XACML.
- Semantic Web technologies will make use of FOAF and its representation through RDF.
Project Staff
Project Manager
- Dr Mike Jones, Research Computing Service Manager (NGS), Research Computing Services, The University of Manchester, Manchester M13 9PL, +44 161 275 7038 mike.jones@manchester.ac.uk
Project Team
- Dr Bruno Harbulot, Software Engineer, Research Computing Services, University of Manchester
- Henry Story (consultant), Social Web Architect, Sun Microsystems
- Robert Frank, Development Officer, Research Computing Services, University of Manchester