Ata da Reunião de 26-04-2016

Link: 1a Reunião Ordinária do Comitê Técnico de Gestão de Identidade (CT-GID)

Equipe de coordenação CT-GId/Gidlab (faltou só o Bruno assistente do Gidlab):

  • O prof. Marco Aurélio (Unicamp) foi o coordenador do CT-GId ao longo de 2014 e 2015.
  • A profa. Michelle (Univali) é a atual coordenadora do CT-Gid ao longo de 2016.
  • O Maykon e o Bruno são os assistentes que fazem a operação do testbed Gidlab estão também apoiando as atividades do CT-GId em 2016.
  • André Marins da DPD está a frente da secretaria do CT-GId.!/search/%23RNPTNC (\!/search/%23RNPTNC)\!/saved-search/RNPTNC

Obrigado Hendri pela publicação do glossário de Gestão de Identidade neste wiki. Agora, contamos com novas contribuições e revisões dos participantes do CT.

> De: "Antônio Carlos Fernandes Nunes" <>
> Para:
> Cc: "CT-GID - RNP" <>, "dagser" <>
> Enviadas: Quinta-feira, 14 de Abril de 2011 11:18:10
> Assunto: [CT-GID] Fwd: [refeds] Federations map
> Caros,
> Entramos no mapa das Federacoes Academicas mundiais em producao:
> <>.
> Abracos,
> Antonio Carlos.

"In this paper I will briefly discuss the four existing examples we
have of federated authentication, and then go on to discuss a much larger, looming
problem. If the world embraces the Apple vision of your mobile phone becoming your universal
authentication device - so that your phone contains half-a dozen credit cards, a
couple of gift cards, a dozen coupons and vouchers, your AA card, your student card and your
driving license, how will we manage all this? A useful topic for initial discussion, I
argue, is revocation. Such a phone will become a target for bad guys, both old and new. What
happens when someone takes your phone off you at knifepoint, or when it gets
infested with malware? Who do you call, and what will they do to make the world right once more?"

(I'm really sorry to those of you that got this through multiple lists - if you are on the refeds list please respond through that list)

I'm happy to announce that I've put into production a new Discovery Service.

The Discovery Service is named DiscoJuice, and it is entirely written in JavaScript, and it is super simple to load on a SP, compatible with all programming languages (as it lives in the html template). It is also independent of SAML SP, which means it can be used with shib, simplesaml or whatever.

Some of the features include:
* icons, keywords, name, description (Yes, please get started deploying MDUI!)
* cookie storage
* categorisation on country
* discovery of user's country
* live search on name, description and keywords
* magic read and write to national discovery services

I would rather not give you more details, as it would ruin my presentation on TNC2011.

Instead, feel free to test the discovery service at:

and the stand alone version at:

I'm hoping feedback from _you_ that might help me in providing an even better user experience

This is a further evolution of the mockup I've blogged a lot about recently, and is inspired/based upon the Kantara ULX mockup v3.


Registration is open ( for the latest in the Shibboleth Workshop Series, to be held March 14-15, 2011, in Amherst, Massachusetts. The workshops are available to those interested in installing and operating the Shibboleth Single Sign-on and Federating Software from institutions of higher education and their partner organizations. Only 28 seats are available for each workshop.

  • Shibboleth Identity Provider Workshop on March 14, 2011
  • Shibboleth Service Provider Workshop on March 15, 2011

The Shibboleth workshops will provide attendees with technical installation and configuration experience with Shibboleth Single Sign-on and Federating Software, version 2. Developed for organizations new to Shibboleth, and those with existing implementations interested in upgrading to the v2 release, the workshops will offer the opportunity to:

  • Install either a prototype Shibboleth identity or service provider in a virtual machine environment.
  • Hear tips for configuring and running the software in production.
  • Learn about integration with LDAP directories and selected packages.

The Identity Provider Workshop will be March 14, from 9 a.m. - 6 p.m. ($335 for InCommon Participants and Internet2 members; $350 for others). The Service Provider Workshop is March 15, 9 a.m. - 6 p.m. ($335 for InCommon Participants and Internet2 members; $350 for others). Please note there is separate registration and a separate fee for each workshop.

Organizations are encouraged to send up to two attendees who best represent these functions: system install, integration, and ongoing support staff; and/or campus technology architects. Details and registration information and links are available at the InCommon website. (

Travel and lodging information is also on the website. (

This Shibboleth Workshop Series is sponsored by InCommon, Five Colleges, Inc., the University of Massachusetts-Amherst, and Internet2.

IAM Online - Wednesday, February 9, 2011
3 p.m. EST / 2 p.m. CST / 1 p.m. MST / Noon PST

Group Provisioning for Federated Educational Applications

Looking at provisioning Google Apps or other off-site services with your campus identity system? This IAM Online will feature two speakers on the topic of group provisioning for higher education.

Nathan Dors will share work being done at the University of Washington in group provisioning, particularly as it relates to syncing campus groups with Google Apps for Education. Tom Zeller from the University of Memphis will discuss ongoing activity in federated provisioning, specifically within the area of SPML (Service Provisioning Markup Language) standards. 

Nathan Dors, Manager, Identity and Access Management, University of Washington
Tom Zeller, Internet2 and Emerging Technology Developer, University of Memphis

Tom Barton, Senior Director for IT Architecture, Integration & CISO, University of Chicago

We use Adobe Connect for slide sharing and audio: For more details, see

IAM Online is a monthly online education series including essentials of federated identity management, hot topics from the EDUCAUSE Identity and Access Management Working Group, and emerging topics in IAM. Experts provide overviews, answer questions and lead discussions. IAM is brought to you by InCommon in cooperation with Internet2 and the EDUCAUSE Identity and Access Management Working Group.

De: Bradley Beddoes <>
Enviado por:
Data: 08/02/2011 3:21
Assunto: [Shib-Users] AAF tool release

Hi Folks, The Australian Access Federation (AAF) is pleased to announce that our management toolset called 'Federation Registry' is now available to other federations under the Apache 2 open source license.

Federation Registry is a web application that provides a central point of registration, management and reporting for organizations, identity providers, service providers and system administrators participating in a standards compliant SAML 2 identity federation. The AAF has been running 1.x releases in production to manage the AAF since October 2010 with excellent results and user feedback.

A fully functioning demonstration version is available at;&nbsp;Feel&nbsp;free to explore this environment and add data, as we'll periodically refresh back to a default state. While not shown in the demonstration, production deployments are federation integrated with automated user provisioning.

Further information, including source access, is available at

Bradley Beddoes | Advanced Technical Development | Australian Access Federation
Mob: 0413768802 | | Web:
Twitter: Facebook:" rel="nofollow"linktype="raw" linktext=" Facebook:">;Facebook:

The goal of TF-EMC2 is to promote the development and deployment of open and interoperable middleware infrastructures among national and regional research and education networking organisations and academic and research institutions.

A pesquisa no wikipedia, mostra que o termo "Identity Management" tem uma boa organização conceitual, bem
abrangente, onde a dimensão técnica é apenas uma.

Em português o termo, "Gestão de Identidade" não está sendo escrito por ninguém.

Talvez devessemos começar por um glossário para Gestão de Identidade, o que acham?
Quem poderia assumir esta frente?

Interessaria comprar este report com objetivo de uma referência consolidada complementar ao
esforço já dedicado?

Post sobre IAM que comenta brevemente o report acima