Copyright Information Here Junaid Arshad 1, Wei Jie 2, Andy Turner 1 University of Leeds 1, University of Manchester 2, UK Securing.

Slides:



Advertisements
Similar presentations
Authorisation Models for National Scale Services Alan Robiette Joint Information Systems Committee
Advertisements

Open Archives Forum Workshop University of Bath, September 2003 Workshop summing up Rachel Heery UKOLN, University of Bath
Combining the strengths of UMIST and The Victoria University of Manchester Adapting to Federated Identity SHEBANGS Shibboleth Enabled Bridge to Access.
SEcurE access to GEOspatial services OGC-OGF Collaboration workshop Open Grid Forum 22 (OGF22) February, 2007 Chris Higgins (EDINA, University of Edinburgh)
Joint Information Systems Committee 01/04/2014 | slide 1 Support e-Research at JISC Access Management and Security Joint Information Systems CommitteeSupporting.
Joint Information Systems Committee Supporting Higher and Further Education Portals and the JISC Information Environment Strategy Chris Awre Programme.
13 February 2009ESDS – whats in it for librarians? Royal Statistical Society The strange case of the local data librarian - a peculiarly Edinburgh perspective!
The Economic and Social Data Service (ESDS) Kevin Schürer ESDS/UKDA ESDS Awareness Day 5 December 2003.
Karen Dennison Accessing international survey data collections via ESDS British Academy, Tuesday 14 March 2006 ESDS International.
Data management, data sharing and the activities of the UKDA Managing research data well workshop London, 30 June 2009 Manchester, 1 July 2009.
Access to Economic and Social Data via the UK Data Archive Jack Kneeshaw UKDA.
Shibbolising UK Census and ESDS services Lucy Bell Associate Director, Head of Information Systems and Preservation, UKDA 26 May 2005.
The Economic and Social Data Service (ESDS) Karen Dennison UK Data Archive Improving access to government datasets 18 January 2007.
Digital Certificate Operation in a Complex Environment Matthew J. Dovey Oxford University Computing Services.
The National Grid Service and OGSA-DAI Mike Mineter
OMII-Europe Repository Steven Newhouse Director, OMII-UK.
Next Generation Athens Services Ed Zedlewski UK e-Science Town Meeting, London, 11 April 2005.
Mapping and Visualising Census Data Keith Cole Jackie Carter Geo-data forum - 4/4/2001.
Spatial Data e-Infrastructure UK e-Science ALL HANDS MEETING September, Edinburgh, UK Higgins, C., Koutroumpas, M., Sinnott, R.O., Watt, J.,
Joint Information Systems Committee Digital Library Services BL/JISC Workshop Rachel Bruce JISC Programme Director The Digital Library and its Services,
Enabling UCTrust Access for Your Application Introduction to The UC CSC Conference UC Santa Barbara, July 21-22, 2008.
Building and using REST information services Rion Dooley.
Joint Information Systems Committee 25/08/2014 | slide 1 JISC Core Middleware Programme Meeting Middleware in Development Joint Information Systems CommitteeSupporting.
Introduction to Shibboleth and the IAMSECT Project.
The e-Research framework for South Africa developed by Fernihough (2011), after in depth interviews with various.
The VOMS Attribute Authority and its relation with Shibboleth Presenter: Vincenzo Ciaschini 8 th TF-EMC2 Meeting Firenze, March 2007.
Holding slide prior to starting show. Supporting Collaborative Working of Construction Industry Consortia via the Grid - P. Burnap, L. Joita, J.S. Pahwa,
Copyright JNT Association 20051Optional Copyright JNT Association Joining the UK Access Management Federation 4th April.
EDINA 20 th March 2008 EDINA Geo/Grid - Security Prof. Richard O. Sinnott Technical Director, National e-Science Centre University of Glasgow, Scotland.
MoSeS meets NEC 10 th March 2008 MoSeSMoSeS Andy Turner
SEE-GEO Meeting 20 th March 2008 NCeSS e-Infrastructure for the Social Sciences Project: Security and Geospatial Services Andy Turner
CSC – Tieteen tietotekniikan keskus Oy CSC – IT Center for Science Ltd. The Language Bank of Finland User Authentication and Authorization Service
03 December 2003 Digital Certificate Operation in a Complex Environment Consultation/Stakeholders Meeting 3 December 2003.
Turkey IDA Info-Day PM Session, September 25, 2003 CIRCA 1 CIRCA : The IDA Collaborative Software Tool Grzegorz Ambroziewicz European Commission - DG Enterprise.
Interoperability ERRA System.
PERSEU S : Portal-enabled Resources via Shibbolized End-user Security 3 May 05Spring 2005 Internet2 Member meeting 1 News from the ‘misty’ Albion: Shibboleth.
Security Middleware and VOMS service status Andrew McNab Grid Security Research Fellow University of Manchester.
1 Copyright © 2004, Oracle. All rights reserved. Introduction to Oracle Forms Developer and Oracle Forms Services.
Web-based Virtual Research Environments (VRE): Supporting Collaboration in e-Science Xiaobo Yang, Rob Allan CCLRC e-Science Centre Daresbury Laboratory,
11/16/2012ISC329 Isabelle Bichindaritz1 Web Database Application Development.
Copyright JNT Association 2005Copyright JNT Association An Introduction to Access Management and the UK Federation Simon Cooper.
Shibboleth and Grids Oxford Internet Institute, Oxford e-Science Centre and e-Horizons Institute Mark Norman 10 May 2006.
23:48:11Service Oriented Cyberinfrastructure Lab, Grid Portals Fugang Wang April 29
2005 © SWITCH Perspectives of Integrating AAI with Grid in EGEE-2 Christoph Witzig Amsterdam, October 17, 2005.
ShibGrid: Shibboleth access to the UK National Grid Service University of Oxford and STFC.
OGC/Grid activities in UK Chris Higgins (EDINA), Phil James (Uni of Newcastle), Andrew Woolf (CCLRC)
Portal-based Access to Advanced Security Infrastructures John Watt UK e-Science All Hands Meeting September 11 th 2008.
MAT U M A T U Middleware Assisted Take-Up Service For JISC Funded Early Adopters.
NA-MIC National Alliance for Medical Image Computing UCSD: Engineering Core 2 Portal and Grid Infrastructure.
OGF22 25 th February 2008 OGF22 Demo Slides Prof. Richard O. Sinnott Technical Director, National e-Science Centre University of Glasgow, Scotland
State of e-Authentication in Higher Education August 20, 2004.
Community Sign-On and BEN. Table of Contents  What is community sign-on?  Benefits  How it works (Shibboleth)  Shibboleth components  CSO workflow.
EGEE User Forum Data Management session Development of gLite Web Service Based Security Components for the ATLAS Metadata Interface Thomas Doherty GridPP.
Cole David Ronnie Julio. Introduction Globus is A community of users and developers who collaborate on the use and development of open source software,
Authorisation Jens Jensen, Phil Kershaw (STFC) et al. contrail is co-funded by the EC 7th Framework Programme under Grant Agreement nr contrail-project.eu.
Shibboleth & Grid Integration STFC and University of Oxford (and University of Manchester)
SEcurE access to GEOspatial services OGC-OGF Collaboration workshop Open Grid Forum 21 (OGF21) October, 2007 Chris Higgins (EDINA, University of Edinburgh)
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Evolution of AAI for e- infrastructures Peter Solagna Senior Operations Manager.
OGC/OGF usage in UK e-Social Science OGF 21, Seattle, USA Paul Townend School of Computing, University of Leeds.
Shibboleth for Middle Schools James Burger -
1 Identities and Federation: The Next IT Wave (The Canadian Access Federation) Rick Bunt President The Canadian University Council of CIOs (CUCCIO)
Shibboleth Use at the National e-Science Centre Hub Glasgow at collaborating institutions in the Shibboleth federation depending.
REST API to develop application for mobile devices Mario Torrisi Dipartimento di Fisica e Astronomia – Università degli Studi.
Oct 2005 Implementing Shibboleth at a UK National Academic Data Centre (MIMAS) Ross MacIntyre MIMAS Service Manager The University of Manchester
Community Sign-On and BEN. Table of Contents  What is community sign-on?  Benefits  How it works (Shibboleth)  Shibboleth components  CSO workflow.
Grid Services for Digital Archive Tao-Sheng Chen Academia Sinica Computing Centre
Web and mobile access to digital repositories Mario Torrisi National Institute of Nuclear Physics – Division of
Portlet Development Konrad Rokicki (SAIC) Manav Kher (SemanticBits) Joshua Phillips (SemanticBits) Arch/VCDE F2F November 28, 2008.
Web Portal Project.
UK Federation 101 Ian A. Young EDINA, University of Edinburgh (and the UK Federation) Internet2 Fall Member Meeting, 7 Dec Shibboleth Development.
Presentation transcript:

Copyright Information Here Junaid Arshad 1, Wei Jie 2, Andy Turner 1 University of Leeds 1, University of Manchester 2, UK Securing Confidential e-Social Science Resources using Guanxi Shibboleth: A Geo-Linking Service example Acknowledgements The Census Tool Key requirements: Secure Data, User Friendly The Census Tool is based on Geo-linking technology developed during the Open Geospatial Consortium Geolinking Interoperability Experiment 8 as a collaboration of the SEE-GEO project 9 involving MoSeS 10, Edina 11 and Mimas 12. Edina and Mimas provided services for serving out data to be linked. The Geo-Linking Service (GLS) negotiated with these to provide data to a user as requested. The GLS comprises a client and server, the client (developed by MoSeS) provides a basic user interface and is implemented using Restlet 13 as a JSR-168 standard 4 compliant portlet. The server (developed by Edina) handles all the negotiations between the client and data servers and formats and provides the data as requested to the user via the client.. Overall GLS architecture GLS Client Snapshot Sakai provides a one-stop user-friendly environment to get users authenticated and grant them access to resources. To ensure data is kept secure, a custom shibboleth based solution was developed. This solution is deployed as a proxy servlet in tomcat and is agnostic of the Sakai technology. It facilitates fine grained access control based on the attributes supplied by Shibboleth. GSK PortalSakai GuardEngine GX IdP User authentication Attributes retrieval Attributes forwarding Sakai Portal FilterUserDirectoryProvider SakaiUserDirectoryProvider Shib user Sakai user Guanxi GSK Sakai access control GuanxiUserDirectoryProvider Census Tool Pluto portlet container GSK Pod … Pod Manager Sakai System Access request UDP chaining Grant or deny access User info retrieval User attribute retrieval User attributes & Census attributes Sakai user, role, etc Access control Authorization engine Role Management We use Guanxi Shibboleth Kit with our custom proxy servlet to provide fine grained access control Overall System Architecture This work was funded by: The UK Economic and Social Research Council (ESRC) under the NCeSS e- Infrastructure for the Social Sciences Project (RES ) The UK Joint Information Systems Committee (JISC) under the OGC Grid Collision Programme ( Introduction The Security Framework Census Tool Proxy AuthZ Servlet References The National Centre for e-Social Science (NCeSS) e-Infrastructure for the Social Sciences Project 1 is developing e-infrastructure to provide integrated and secure access to a variety of social science resources (datasets, tools and services). For this, an instance of the portal based user environment Sakai is being used as the main interface to and framework for the resources being developed by NCeSS. This NCeSS Sakai Portal 2 instance is supported by an administrator that is also a Sakai 3 software developer. Various resources hosted in the portal require sophisticated security mechanisms governed by their distinctive security requirements. One such resource is called the Census Tool. Essentially, it provides a web interface to link data about the human population of the UK from the 2001 census 5. Some of these data are not publicly available and users have to subscribe to licenses and agreements before they are allowed access to them. There is a general license covering most of the data and specific terms and conditions of use for various datasets. For a user to get access to the data they must be eligible and agree to the terms on conditions of its use. In this way, the data are regarded as confidential. To secure the Census Tool, Guanxi Shibboleth 6 was used to facilitate federated access to the resource along with a customized solution for providing fine grained access control using attributes provided by Shibboleth 7. This provides a user-friendly and generic solution for security, a security infrastructure, that can be used to secure other resources. [1] Daw, M., et al. (2007) Developing an e-Infrastructure for Social Science. Paper presented at The third International Conference on e-Social Science. [2] NCeSS Sakai Portal [3] The Sakai Project. [4] Java Portlet Specification [5] 2001 Census [6] Guanxi, [7] Shibboleth Project, [8] Geolinking Interoperability Experiment [9] SEE-GEO Project, [10] MoSeS Project [11] EDINA [12] MIMAS [13] Restlet

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.