eduTEAMS – Current status & Future Plans

eduTEAMS – Current status & Future Plans
Christos Kanellopoulos, Ann Harding
EOSCPilot WP5 AAI call, July 2017

Background - Market Analysis Results
- Conducted Market Analysis including FIM4R paper
- Interview VOs
- Include AARC findings
- http://www.geant.org/Projects/GEANT_Project_GN4-1/deliverables/D9-2_Market-Analysis-for-Virtual-Organisation-Platform-as-a-Service.pdf

eduTeams – Makes managing virtual teams easy
- A suite of services to support research collaborations
- Built on top of eduGAIN, takes full advantage of federated AAI
- Simplifies the management of group and authorization information
- Enables the integration of users from a wide range of environments
- Connects users to services

Components – Service Suite approach
Users choose how much of the platform they want

eduTEAMS Membership Management service
- VO specific workflows for onboarding members
- Registry for VO persistent Identifier
- Limited set of attributes to maximise interoperability
- Use of eduPersonEntitlement to carry richer info
- Accessible through eduGAIN

eduTEAMS Identity Hub
- One persistent (SAML) IdP for many ‘Guest’ Identity Providers
- Provides Account recovery if users change main a/c
- Available and accessible through eduGAIN
- Supports Research and Scholarship Entity Category

Discovery Service
- Provided by CESNET

eduTEAMS ecosystem
[Diagram. Labels: IdP; External IdP; eduTEAMS Identity Hub; eduTEAMS Membership Management; SP or SP Proxy. Flow label: "AuthN: ID + attributes"]

Components – Membership Management
[Diagram. Labels: SPs; Community Services; REST AA; SAML AA; Comanage v.20; Membership Management; Identity Hub; e-Infrastructure Resources; Infrastructure AAI proxy. Flow label: "Get persistent Identifier & VO specific groups and attributes"]
- The research community uses eduTeams to manage itself
- Users register on the community group(s) on eduTeams
- Users can access resources based on the group membership

How it works?
- Communities set up their groups on eduTeams
- Users register on eduTeams via eduGAIN (or via a guest identity provider service) and are assigned to groups (many registration and group management strategies are available)
- Service and Infrastructure AAI proxies use eduTeams as a trusted Attribute Authority

Components Identity Hub
[Diagram. Legend: Implemented; Committed (first OAuth case); Future, via OAuth Support. Labels: REST AA; SAML AA; Comanage v.20; Membership Management; Identity Hub; SPs; Community Services; Infrastructure AAI proxy; LOA; Persistent ID]

Zoom in a bit on eduTEAMS Identity Hub
- Leverage existing patchwork of ID services
- Let the user choose the IdP it wants to use
- Persistent identity for the Services
- LOA information

Service offerings available to pilot now.

Multi-tenant
- Membership management, ID Hub (Discovery)
- Shared infra – every collab is a group
- Free at point of use to groups
- No contracts needed, no legal form required
- Limitations on personal data etc.

Single tenant
- Membership management, ID Hub, Discovery
- Dedicated instance on a VM
- Greater control over data – contract needed.
- Could be used by an NREN to scale multi-tenant nationally

Possibility on case by case basis to support interface with more complex systems
- Lead time TBD depending on complexity of case – HEXAA/PERUN/Grouper/Other examples