JOURNAL OF SOFTWARE (JSW)
ISSN : 1796-217X
Volume : 2    Issue : 3    Date : September 2007

Shibboleth as a Tool for Authorized Access Control to the Subversion Repository System
Linh Ngo and Amy Apon
Page(s): 78-86
Full Text:
PDF (350 KB)


Abstract
Shibboleth is an architecture and protocol for allowing users to authenticate and be authorized to
use a remote resource by logging into the identity management system that is maintained at their
home institution. With Shibboleth, a federation of institutions can share resources among users
and yet allow the administration of both the user access control to resources and the user identity
and attribute information to be performed at the hosting or home institution. Subversion is a version
control repository system that allows the creation of fine-grained permissions to files and
directories. In this project an infrastructure, Shibbolized Subversion, has been created that consists
of a Subversion repository with an Apache web interface that is protected by a Shibboleth
authentication system. The infrastructure can allow authorized and authenticated data sharing
between institutions yet retains simplicity and protects privacy for users. In addition, it also relieves
local administrators from the task of having to perform extra account management for users from
other institutions. This paper describes the Shibboleth and Subversion systems, the
implementation of the file sharing infrastructure, and issues of attribute maintenance, privacy and
security.

Index Terms
Fine-Grained Access Control, Authentication, Authorization, Shibboleth, Subversion