Federated Identity Management for Scientific Collaborations

Slides:



Advertisements
Similar presentations
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
Advertisements

Federated Identity Management for Researchers – A quick overview from GÉANT BoF TNC May 2014 Dublin.
JISC Metaleth Project Athens, Shibboleth and the University of Bristol 29 th January 2007.
Federated Identity Management for Research Communities (FIM4R) David Kelsey (STFC-RAL) EGI TF, AAI workshop 19 Sep 2012.
1 Issues in federated identity management Sandy Shaw EDINA IASSIST May 2005, Edinburgh.
FIM-ig Federated Identity Management Interest Group.
Trust and Security for FIM (Sirtfi/SCI) David Kelsey (STFC-RAL) FIM4R at CERN 4 Feb 2015.
BoF: Federated Identity Management for Researchers David Kelsey (STFC-RAL) TNC2014, Dublin 20 May 2014.
Authentication and Authorization in a federated environment Jules Wolfrat (SARA)
Innovation through participation Interfederation through eduGAIN - steps and challenges eduGAIN interfederation service Federated Identity Systems.
AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef.
Climate Sciences: Use Case and Vision Summary Philip Kershaw CEDA, RAL Space, STFC.
Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.
Connect communicate collaborate GÉANT3plus Enabling Users Pilots Lukas Hämmerle Task Leader "Enabling Users"
Authentication and Authorisation for Research and Collaboration Licia Florio (GÉANT) Christos Kanellopoulos (GRNET) Service orientation.
Name Position Organisation Date. What is data integration? Dataset A Dataset B Integrated dataset Education data + EMPLOYMENT data = understanding education.
7 th FIM 4 R meeting April 2014 ESRIN Frascati.
EResearchers Requirements the IGTF model of interoperable global trust and with a view towards FIM4R AAI Workshop Presenter: David Groep, Nikhef.
Federated Identity Management for Research Collaborations Bob Jones, CERN Daan Broeder, Max-Planck Institute for Psycholinguistics David Kelsey, Particle.
Authentication and Authorisation for Research and Collaboration Licia Florio REFEDS Meeting The AARC Project I2 Technology Exchange.
Authentication and Authorisation for Research and Collaboration Licia Florio AARC Workshop The AARC Project Brussels, 26 October.
Authentication and Authorisation for Research and Collaboration David Kelsey AARC AHM Milan And mechanisms NA3 Task 4 – Scalable.
A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) 1 st WISE, Barcelona 20 Oct 2015.
A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) WLCG GDB, CERN 10 Jul 2013.
Federated Identity Management for HEP David Kelsey HEPiX, IHEP Beijing 18 Oct 2012.
Jacques Bus Head of Unit, DG INFSO-F5 “Security” European Commission FP7 launch in the New Member States Regional on-line conference 22 January 2007 Objective.
Authentication and Authorisation for Research and Collaboration Christos Kanellopoulos Open Day Event: Towards the European Open.
E-Science Security Roadmap Grid Security Task Force From original presentation by Howard Chivers, University of York Brief content:  Seek feedback on.
Federated Identity Management for Scientific Collaborations The Common Vision David Kelsey (STFC) 3 Nov 2011.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Evolution of AAI for e- infrastructures Peter Solagna Senior Operations Manager.
Networks ∙ Services ∙ People Nicole Harris UK federation meeting eduGAIN, REFEDS and the UK 23 June 2015 Project Development Officer GÉANT.
Research Community Requirements Ann Harding, SWITCH Cambridge July 2014.
David Groep Nikhef Amsterdam PDP & Grid AARC Authentication and Authorisation for Research and Collaboration an impression of the road ahead.
Federated Identity Management for Research Communities: FIM4R PSI workshop objectives Bob Jones, CERN.
Networks ∙ Services ∙ People Licia Florio TNC, Lisbon Consuming identities across e- Infrastructures 16 June 2015 PDO GÈANT.
Designing Identity Federation Policy, the right way Marina Vermezović, Academic Network of Serbia TNC2013 conference 4 May 2013.
Authentication and Authorisation for Research and Collaboration AARC/CORBEL Workshop for Life Sciences AAI AARC Draft Blueprint.
Research Community Requirements (FIM4R) David Kelsey (STFC-RAL) VAMP Workshop 6 Sep 2012.
SCI & Sirtfi David Kelsey (STFC-RAL) EGI Conference, Lisbon 19 May 2015.
Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014.
Introduction to AAI Services
WLCG Update Hannah Short, CERN Computer Security.
WISE 2016 WISE: a global trust community where security experts share information and work together, creating collaboration among different e- infrastructures.
David Kelsey STFC-RAL 4th WISE workshop, Nikhef 27 March 2017
Boosting AAI for research and collaboration
Authentication and Authorisation for Research and Collaboration
The Policy Puzzle Many groups and (proposed) policies, but leaving many open issues AARC “NA3” is tackling a sub-set of these “Levels of Assurance” –
AARC Update What’s been happening in AARC which matters for GÉANT
User Community Driven Development in Trust and Identity
Identity Management and Authorization
David Kelsey STFC-RAL 2nd WISE workshop, XSEDE16, Miami 18 July 2016
Federated Identity Management for Researchers (FIM4R)
EGI Security Policy Update
CLARIN Federated Identity Vision
Boosting AAI for research and collaboration
The AARC Project Licia Florio (GÉANT) Christos Kanellopoulos (GRNET)
The AARC Project Licia Florio AARC Coordinator GÉANT
Identity Management and Authorization
Frameworks for harmonized policies and practices
Policy in harmony: our best practice
AAI For Researchers Licia Florio AARC Project Coordinator GÉANT DI4R
Updated (VO) Community Security Policies
AARC Blueprint Architecture and Pilots
Supporting communities with harmonized policy
EUGridPMA Status and Current Trends and some IGTF topics March 2018 APGridPMA ISGC Meeting David Groep, Nikhef & EUGridPMA.
AAI Architectures – current and future
David Kelsey (STFC-RAL)
Appropriate Access InCommon Identity Assurance Profiles
FIM4R Requirements where GN3+ (SA5) is Active and Involved (9/2013)
Federated Incident Response
Presentation transcript:

Federated Identity Management for Scientific Collaborations The Common Vision David Kelsey (STFC) 3 Nov 2011

The Vision A common policy and trust framework for Identity Management based on existing structures and federations This needs to support Multiple technologies with translators including dynamic issue of credentials Implementations to be standards based and sustainable Different Levels of Assurance with provenance Authorisation under community and/or facility control Browser & Non-browser federated access Well defined semantically harmonised attributes Privacy and Confidentiality 2 Nov 2011

The Vision (2) Needs to support (continued) Flexible IdP attribute release policy Privacy and Data Protection to be addressed Community-wide individual identity Attributes must be able to cross national borders Attribute aggregation for Authorisation community-based Attribute Authority Easy integration with local SP environment 2 Nov 2011

Vision (3) Operational issues need to be addressed Risk Analysis Traceability Security Incident Response User Friendliness Reliability and Resilience 2 Nov 2011

Vision (4) Legal, Policy and Trust issues Contracts or SLAs between communities and federations Need to define standards of Trust (e.g. IGTF) We need an agreed funding model With related governance 2 Nov 2011

Next Steps

Next Steps All material should be uploaded the website Produce a written summary of the workshop Write-up the common vision as a joint paper with recommendations 3rd workshop is scheduled for 26th Feb 2012 in conjunction with ISGC2012 (Taipei) to do engagement with Asian colleagues. 2 Nov 2011

Endorse the common vision Write-up these slides as a vision paper authored by the architects from all the user communities Include in the paper a series of recommendations that will simplify the deployment of the use cases These should be few in number and precise (i.e. what to do and who do we want to do it) Each user community should discuss the paper’s contents internally and get it endorse the contents in time for the next workshop 2 Nov 2011

Future workshops After Taipei we would need hosts for further workshops June 2012 November 2012 2 Nov 2011