UmbrellaID in the EOSC era ?

Slides:

Advertisements

Similar presentations

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

Advertisements

Federated Identity Management for Research Communities (FIM4R) David Kelsey (STFC-RAL) EGI TF, AAI workshop 19 Sep 2012.

Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014 and now abbreviated.

Authentication and Authorisation for Research and Collaboration Licia Florio (GÉANT) Christos Kanellopoulos (GRNET) Service orientation.

This document produced by Members of the Helix Nebula Partners and Consortium is licensed under a Creative Commons Attribution 3.0 Unported License. Permissions.

Authentication and Authorisation for Research and Collaboration Peter Solagna Milano, AARC General meeting Current status and plans.

Authentication and Authorisation for Research and Collaboration Christos Kanellopoulos GRNET Proposed Pilots for Libraries and eGov.

JRA1.4 Models for implementing Attribute Providers and Token Translation Services Andrea Biancini.

EUDAT receives funding from the European Union's Horizon 2020 programme - DG CONNECT e-Infrastructures. Contract No B2ACCESS LSDMA.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Evolution of AAI for e- infrastructures Peter Solagna Senior Operations Manager.

Networks ∙ Services ∙ People Thomas Bärecke Journée Fédération, Paris Collaboration européenne GÉANT SA5 03/07/2015 SA5 T5 team

3rd Helix Nebula Workshop on Interoperability among e-Infrastructures and Commercial Clouds Carmela ASERO, EGI.eu 17 September 2013, Madrid

EGI-InSPIRE RI EGI-InSPIRE RI EGI-InSPIRE Software provisioning and HTC Solution Peter Solagna Senior Operations Manager.

Security in the wider world David Kelsey (STFC-RAL) GridPP37 – Ambleside 2 Sep 2016.

SCI & Sirtfi David Kelsey (STFC-RAL) EGI Conference, Lisbon 19 May 2015.

Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014.

Information Security Management Goes Global

Introduction to AAI Services

CALIPSOplus JRA2 Kickoff: Task 6 – Authentication + Identity

Status Umbrella ID Mirjam van Daalen.

WLCG Update Hannah Short, CERN Computer Security.

AENEAS WP6 first conference call

David Kelsey STFC-RAL 4th WISE workshop, Nikhef 27 March 2017

Boosting AAI for research and collaboration

Services for EOSC management

RCauth.eu CILogon-like service in EGI and the EOSC

Umbrella ID Status Mirjam van Daalen.

EGI Updates Check-in Matthew Viljoen – EGI Foundation

AARC Update What’s been happening in AARC which matters for GÉANT

User Community Driven Development in Trust and Identity

Defining EOSC Rules of Engagement Damien Lecarpentier (CSC)

eduTEAMS platform for collaboration Niels Van Dijk

eduTEAMS – Current status & Future Plans

AAI Alignment Nicolas Liampotis (based on the work of Mikael Linden)

Federated Identity Management for Researchers (FIM4R)

Check-in Nicolas Liampotis

Mirjam van Daalen:: Paul Scherrer Institut

Wrap-up & discussion EOSC Governance Development Forum workshop:

EGI-Engage Engaging the EGI Community towards an Open Science Commons

An AAI solution for collaborations at scale

Boosting AAI for research and collaboration

Updates on Training Andrea Biancini (AARC2.AHM)2 NA2 WP leader

The AARC Project Licia Florio (GÉANT) Christos Kanellopoulos (GRNET)

The AARC Project Licia Florio AARC Coordinator GÉANT

Identity Management and Authorization

GÉANT project update eduTEAMS - AAI as a Service for Collaborative organisations Introduction Status Pilots New Features – input requested InAcademia –

ASSTAR Project Overview & User Forum Objectives

Sustainability and Operational models

Presentation to TRAN Committee

Thursday pilot session: 7-minutes

EOSC Governance Development Forum

Policy and Best Practice … in practice

EOSC services architecture

Pilots in AARC Arnout Terpstra (AARC2) / Paul van Dijk (AARC1)

AARC Blueprint Architecture and Pilots

Common Authentication and Authorisation Service for Life Science Research Mikael Linden, ELIXIR Finland.

OIDC Federation for Infrastructures

RCauth.eu CILogon-like service in EGI and the EOSC

Pre-OMB meeting Preparation for the Workshop “EGI towards H2020”

Community AAI with Check-In

Brian Matthews STFC EOSCpilot Brian Matthews STFC

Service Management Board + Service Provider Forum

WP6 – EOSC integration J-F. Perrin (ILL) 15th Jan 2019

Stakeholders R. Dimper 15 January 2019

Authentication and Authorisation for Research and Collaboration

Federated Incident Response

EOSC-hub Contribution to the EOSC WGs

Check-in Identity and Access Management solution that makes it easy to secure access to services and resources.

Umbrella ID Federated Identity for PaN facilities

Common Authentication and Authorisation Service for Life Science Research Mikael Linden, ELIXIR Finland.

Presentation transcript:

UmbrellaID in the EOSC era ? 23rd May 2018 - UmbrellaiD Grenoble meeting J-F. Perrin

EOSC ? Integration of RIs Data / Services Data Catalogues Data Analyses Services (Web remote desktop based, Notebook based) Simulation Services AAI … and e-Infra support services. Compute capacity Data movements Integration at the scale of EOSC Service catalogue and management standards (FitSM) 23rd May 2018 - UmbrellaiD Grenoble meeting J-F. Perrin

AAI a changing landscape 1) SIRTFI : Currently impossible to get access to some services if your IdP is not compliant with Sirtfi framework . (e.g CERN) 23rd May 2018 - UmbrellaiD Grenoble meeting J-F. Perrin

Sirtfi compliance ? https://refeds.org/wp- content/uploads/2016/01/Sirtfi-1.0.pdf [OS3] Mechanisms are deployed to detect possible intrusions and protect information systems from significant and immediate threats [OS6] A security incident response capability exists [IR4] Follow security incident response procedures established for the organisation. … 23rd May 2018 - UmbrellaiD Grenoble meeting J-F. Perrin

AAI a changing landscape 2) Personal Data protection – GDPR Imposes Security Best practises Capability to inform users in case of security breach “UMBRELLA cannot be held liable for the security of data transmitted on the internet. All liability for indirect damage or damage caused by auxiliary persons of UMBRELLA is excluded.” Are we certain? 3) Technologies : From SAML to OAuth 2.0/OpenID Connect to … WebAuthn/CTAP 4 ) EOSC AAI AARC2 proxy model (1 more proxy in the chain ?) 23rd May 2018 - UmbrellaiD Grenoble meeting J-F. Perrin

Free ? In order to work out an Umbrella development and target plan between the different facilities we need the following information: 1. Please send us a list (similar to the example of PSI) with the developments with respect to Umbrella you are planning at your facility, helping us to define a target plan for Umbrella until mid November 2017. 2. If you have other ideas on new planned services with Umbrella please add them to your list. 3. What could your facilities contribute for the Umbrella collaboration, e.g. chair of TT or SC, technical development or else… 4. Please suggest candidates for new chairs of SC and TT of Umbrella Collaboration. 23rd May 2018 - UmbrellaiD Grenoble meeting J-F. Perrin

E-Infras are developing their services EUDAT B2ACCESS EGI – Check-in As a service: AAI catch-all instance Dedicated instance GÉANT – EduTeams Basic service Advanced service (per community contract and cost) All based on the AARC2 blueprints Should be interoperable and transparent for users 23rd May 2018 - UmbrellaiD Grenoble meeting J-F. Perrin

WP6 PaNOSC – collab with GÉANT Ensure the secure integration of the PaNOSC services in the EOSC Study the feasibility, potential impacts and sustainability of the possible models for integrating the Photon and Neutron AAI with EOSC. Present, discuss and reach agreement inside the Photon and Neutron facility community at large (the PaNOSC partners and other members of the AAI consortium) on the integration of the PaNOSC AAI infrastructure, delivered with GÉANT, into EOSC. Implement this integration at the level of the Identity providers (IdP). Provide solution and documentation for the integration into the different services that PaNOSC is providing. 23rd May 2018 - UmbrellaiD Grenoble meeting J-F. Perrin

How do we want to integrate the PaN Services with EOSC How do we want to integrate the PaN Services with EOSC ? What future do we want for UmbrellaId ? 23rd May 2018 - UmbrellaiD Grenoble meeting J-F. Perrin