Multi-Domain User Applications Research (JRA3)

Slides:

Advertisements

Similar presentations

Innovation through participation eduGAIN as a service (T3) in Multi-Domain User Applications (SA3) Valter Nordh, NORDUnet / GU NORDUnet conference, Köpenhamn,

Advertisements

Federated Identity Management for Researchers – A quick overview from GÉANT BoF TNC May 2014 Dublin.

Licia Florio EUNIS05, Manchester 1 Eduroam EUNIS Conference, June Licia Florio.

Connect. Communicate. Collaborate WI5 – tools implementation Stephan Kraft October 2007, Sevilla.

EuroCAMP Ljubljana, 3-5 March 2006 TERENA Server Certificate Service Towards the large-scale use of affordable popup-free server certificates for the European.

17 th TF-EMC2. Lyon, February 2011 On the Many Ways to Identity Exchange D i g i t a l i d e n t i t i e s a r e m o r e v a l u a b l e a s t h e y a.

TF-EMC2 February 2006, Zagreb Deploying Authorization Mechanisms for Federated Services in the EDUROAM Architecture (DAME) -Technical Project Proposal-

Connect. Communicate. Collaborate The eduGAIN Way Diego R. Lopez - RedIRIS.

Connect. Communicate. Collaborate GÉANT2 JRA1 & perfSONAR Loukik Kudarimoti, DANTE 28 th May, 2006 RNP Workshop, Curitiba.

Developments and challenges in authentication and authorisation Klaas Wierenga Berlin, 23 May 2006.

AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef.

Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.

High-quality Internet for higher education and research AAI from the NREN perspective Schiphol, October 17, 2005

Authentication and Authorisation for Research and Collaboration Licia Florio (GÉANT) Christos Kanellopoulos (GRNET) Service orientation.

Connect. Communicate. Collaborate eduGAIN in Real Life! Ajay Daryanani, RedIRIS TERENA Networking Conference Brugge, 20th May 2008.

Connect. Communicate. Collaborate Federation Interoperability Made Possible By Design: eduGAIN Diego R. Lopez (RedIRIS)

Authentication and Authorisation for Research and Collaboration Pilots on the Integrated R&E AAI Paul van Dijk, Activity Lead Pilots.

Connect communicate collaborate The GEMBus Way Delivering the Promise of the Internet of Services Diego R. Lopez, RedIRIS.

Connect. Communicate. Collaborate The authN and authR infrastructure of perfSONAR MDM Ann Arbor, MI, September 2008.

Connect. Communicate. Collaborate AAI scenario: How AutoBAHN system will use the eduGAIN federation for Authentication and Authorization Simon Muyal,

Authentication and Authorisation for Research and Collaboration Licia Florio REFEDS Meeting The AARC Project I2 Technology Exchange.

Authentication and Authorisation for Research and Collaboration Licia Florio AARC Workshop The AARC Project Brussels, 26 October.

Authentication and Authorisation for Research and Collaboration Peter Solagna Milano, AARC General meeting Report and plans Attribute.

© 2006 Open Grid Forum Network Monitoring and Usage Introduction to OGF Standards.

January 16 GGF14 NMWG Chicago (June 05) Jeff Boote – Internet2 Eric Boyd - Internet2.

Diego R. Lopez, RedIRIS JRES2005, Marseille On eduGAIN and the Coming GÉANT Middleware Infrastructure.

Image © Viatour Luc ( Project Moonshot TNC 2010 Vilnius, 1 June 2010 Josh Howlett, JANET(UK)

Internet2 End-to-End Performance Initiative Eric L. Boyd Director of Performance Architecture and Technologies Internet2.

Connect. Communicate. Collaborate Deploying Authorization Mechanisms for Federated Services in the eduroam architecture (DAMe)* Antonio F. Gómez-Skarmeta.

Community PKIs Initiatives Updates TF-EMC2 Meeting Loughborough, UK 6-7 May, 2009 Licia Florio, TERENA

PerfSONAR WG 2006 Spring Member Meeting Jeff W. Boote 24 April 2006.

Innovation through participation eduGAIN update TF-EMC2 Vienna Valter Nordh, NORDUnet / GU Josh Howlett, JANET.

DICE: Authorizing Dynamic Networks for VOs Jeff W. Boote Senior Network Software Engineer, Internet2 Cándido Rodríguez Montes RedIRIS TNC2009 Malaga, Spain.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Evolution of AAI for e- infrastructures Peter Solagna Senior Operations Manager.

Connect communicate collaborate Trust & Identity EC meets GÉANT 19 June 2014 Brussels Valter Nordh, NORDUnet Federation as a Service Task Leader Trust.

University of Murcia Gabriel López.  Network authentication in eduroam and SSO token distribution ◦ RADIUS hierarchy ◦ Token based on SAML  Network.

Networks ∙ Services ∙ People Marina Adomeit FIM4R meeting Virtual Organisation Platform as a Service VOPaaS Nov 30, 2015, Austria Task Leader,

Networks ∙ Services ∙ People Ann Harding eduGAIN Town Hall eduGAIN in the GÉANT Project Activity Leader GÉANT Trust and Identity.

Authentication and Authorisation for Research and Collaboration Licia Florio REFEDS Meeting AARC and AARC2 Vienna, 1 st December.

Licia Florio Poznan, 5 June SCS Proposal Investigates the possibility to set up a service that offers popup-free cheap server-certificates against.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI-InSPIRE PY5 new activities Peter Solagna – EGI.eu.

Connect. Communicate. Collaborate Applying eduGAIN to network operations The perfSONAR case Diego R. Lopez (RedIRIS) Maurizio Molina (DANTE)

Networks ∙ Services ∙ People Licia Florio TNC, Lisbon Consuming identities across e- Infrastructures 16 June 2015 PDO GÈANT.

Networks ∙ Services ∙ People Marina Adomeit TNC16 Conference, Prague Towards a platform for supporting collaboration GÉANT VOPaaS

1 Network Measurement Challenges LHC E2E Network Research Meeting October 25 th 2006 Joe Metzger Version 1.1.

Status of perfSONAR Tools Jason Zurawski April 23, 2007 Spring Member Meeting.

Authentication and Authorisation for Research and Collaboration Licia Florio IGTF Meeting The AARC Project Amsterdam, 8 September.

perfSONAR WG Meeting (06FMM)

CALIPSOplus JRA2 Kickoff: Task 6 – Authentication + Identity

Applying eduGAIN to network operations The perfSONAR case

Internet2 End-to-End Performance Initiative

Campus IdP Status and plans GARR Mario Reale

AARC Update What’s been happening in AARC which matters for GÉANT

eduTEAMS platform for collaboration Niels Van Dijk

eduTEAMS – Current status & Future Plans

First steps in federation peering: eduGAIN and eduroam

Géant-TrustBroker Dynamic inter-federation identity management

The GEMBus Architecture and Core Components

EMI Interoperability Activities

GÉANT Multi-Domain Bandwidth-on-Demand Service

Robert Szuman – Poznań Supercomputing and Networking Center, Poland

CLARIN Federated Identity Vision

PerfSONAR: Development Status

Neil Witheridge’s slides

An AAI solution for collaborations at scale

ESA Single Sign On (SSO) and Federated Identity Management

The DAMe’s First Steps: eduroam and NAS-SAML

AAI Architectures – current and future

It Is All about Identity (Whatever the Sphere)

GN2 JRA5 Roaming and Authorisation Jürgen Rauschenbach, DFN-Verein

Presentation transcript:

Multi-Domain User Applications Research (JRA3) Licia Florio, TERENA TF-EMC2, Rome

JRA3 Figures 16 NRENs Tot manpower: 50 man-year; 3 Tasks; AL TERENA RESTENA RedIRIS TLs UNINETT Team CARNet, CESNET, GRNET, DFN, PIONIER, SURFnet, JANET, NIIFI, SWITCH, ARNES, BREN

JRA3: Multi-Domain User Application Research Expand the federated framework Provide seamless access to (multi-domain) services GÉANT Network eduroam eduGAIN GÉANT Services Roaming Task Identity Federations Task GEMBus Task JRA3 - - SSO Roaming ESB Ipsphere SAML Others Technologies Other services New APIs New prototypes New pilot services New protocol’s extensions JRA3 Output Services’ Requirements JRA3 aims to expand the federated model and develop a framework to provide seamless access to (multi-domain) services to support collaborating communities.

Roaming Task Leader: Stefan Winter Aim: Identify needs of eduroam service Streamline user authentication process; Experiment with SSO features; Standardise developed features; Done so far: RadSec standardisation work in IETF Results available in the first deliverable CUI: implementation available for Radiator Standard evaluation: IEEE 802.1x revision

GEMBUS Leader: Diego Lopez Aim: Define, discover, access, and combine network services From the infrastructure up to application elements Federated, multi-domain ESB Able to integrate any service within the GÉANT infrastructure Done so far: Deliverable containing use-cases produced Initial discussion has started on what concerns the interfaces to support.

Building by Composition Standard interfaces and support for policy agreements Service Components  AutoBAHN DM  perfSONAR MA  eduGAIN AuthN  … Composite Services  e-science workflow  AA performance  eduGAINized repositories Service Frameworks  Other NRENs  Governmental  Commercial Compositional procedures and orchestration GÉBus CLARIN APAN I2 ESNet IPSphere OGSA Telcos Canarie AutoBHAN eduGAIN Grid Interface descriptions

Identity Federation Leader: Andreas Solberg Aim: Solving the current challenges in the deployment of Identity Management Systems; Exploring next generation Identity Management Systems Technologies Work Items: User Centric Identity Virtual Organizations Beyond Web Federation Lab Metadata Distribution Federation Harmonization

Identity Federation Done so far: Harmonisation: Discussion with Internet2 on the Interoperable SAML 2.0 Web Browser SSO Deployment Profile User centric: proposal on how to build a federation entirely upon OpenID circulated by Andreas Metadata distribution: proof of concept of a metadata aggregator setup and tested by several participants SimpleSAMLphp Aggregator, using in Kalmar Leif's Aggregator VO: SWITCH work to integrate existing Group Management Tool (GMT) with an Attribute Authority using the SAML 2.0 Attribute Query Data Access API. SimpleSAMLphp implemented a SAML 2.0 Attribute Query library to be used in future proof of concept implementations of both VO Clients and VO Platform.