Multi-tenant Resource Management for Instruments, Applications, and Services (The evolution of infrastructure consortiums…) Dean Flanders FMI / SystemsX.

Slides:



Advertisements
Similar presentations
Office 365 Identity June 2013 Microsoft Office365 4/2/2017
Advertisements

Agenda AD to Windows Azure AD Sync Options Federation Architecture
System Center 2012 R2 Overview
Federated sign-in WS-Federation WS-Trust SAML 2.0 Metadata Shibboleth Graph API Synchronize accounts Authentication.
What is Cloud Computing? o Cloud computing:- is a style of computing in which dynamically scalable and often virtualized resources are provided as a service.
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
© 2014 IBM Corporation 15 minutes about IBM Bluemix Karim Abousedera, Bluemix Subject-Matter Expert
SaaS, PaaS & TaaS By: Raza Usmani
MICROSOFT CONFIDENTIAL Sept 2009 | Page 1 | BDM Presentation.
Cloud computing Tahani aljehani.
Private Cloud: Application Transformation Business Priorities Presentation.
Cloud Attributes Business Challenges Influence Your IT Solutions Business to IT Conversation Microsoft is Changing too Supporting System Center In House.
Empower Enterprise Mobility Jasbir Gill Azure Mobility.
Windows Azure Networking & Active Directory Nasir (Muhammad Nasiruddin) Developer Evangelist - Azure Microsoft Corporation
Matt Steele Senior Program Manager Microsoft Corporation SESSION CODE: SIA326.
Identity and Access Management Business Ready Security Solutions.
Overview of Access and Information Protection
.. Skytap Better Software Faster Visual Studio Industry Partner Skytap NEXT STEPS Contact us at: Insert your company description here.
VS Anywhere. Visual Studio Industry Partner VS Anywhere NEXT STEPS Contact us at: Websitehttps://vsanywhere.com Blog- Facebook.
Preparing your Fabric & Apps for Windows Server 2003 End of Support Jeff Woolsey Principal Program Manager.
Lets agree that an Optimized Data Center is not yet a Cloud +=
Windows Azure Conference 2014 Windows Azure AD – All about WAAD & integration with on- premises AD.
…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.
The I-Trust Federation: Federating the University of Illinois Keith Wessel Identity Management Service Manager University of Illinois at Urbana-Champaign.
Solutions Road Show – 13 December 2013 | India Alok Agrawal Practice Lead – UC & C Communication and Collaboration.
Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.
Paul Andrew. Recently Announced… Identity Integration Options 2 3 Identity Management Overview 1.
Alessandro Cardoso Microsoft MVP | Readify National Manager |
AUTOMATING DAAS DESKTOPS WITH CITRIX CORTEX Tony Sanchez WW Alliances Solutions Architecture Citrix Systems Inc SESSION CODE: CLI415 (c) 2011 Microsoft.
Access and Information Protection Product Overview Andrew McMurray Technical Evangelist – Windows
IBM Bluemix Ecosystem Development Hands on Workshop Section 1 - Overview.
Access resources in a federation partner organization.
University of Washington Collaboration: Identity and Access Management Lori Stevens University of Washington October 2007.
3/12/2013Computer Engg, IIT(BHU)1 CLOUD COMPUTING-1.
User and Device Management
Mark Gilbert Microsoft Corporation Services Taxonomy Building Block Services Attached Services Finished Services.
Identities and Azure AD Premium
Chris Louloudakis Solution Specialist Identity & Access Management Microsoft Corporation SVR302.
Slavko Kukrika MVP Connect Windows 10 to the Cloud – Cloud Join.
Why EMS? What benefit does EMS provide O365 customers Manage Mobile Productivity Increase IT ProductivitySimplify app delivery and deployment LOB Apps.
Agenda  Microsoft Directory Synchronization Tool  Active Directory Federation Server  ADFS Proxy  Hybrid Features – LAB.
Cloud, big data, and mobility Your phone today probably meets the minimum requirements to run Windows Server 2003 Transformational change up.
Going Hybrid – part 2 Moving to Hybrid Cloud with Windows Azure Virtual Machines & System Center 2012 R2.
The Four Pillars of Identity: A Solution for Online Success Tom Shinder Principle Writer and Knowledge Engineer, SCD iX Solutions Group Microsoft Corporation.
WINDOWS AZURE AND THE HYBRID CLOUD. Hybrid Concepts and Cloud Services.
SaaS apps.
ADFS - Does it Still have a Place? Fitting into the EMS puzzle Frank C. Drewes III 2016 Redmond Summit | Identity.
Private KEEP OFF! Private KEEP OFF! Open! What is a cloud? Cloud computing is a model for enabling convenient, on-demand network access to a shared.
Azure Active Directory Uday Hegde 2016 Redmond Summit | Identity Without Boundaries May 26, 2016 Group Program Manager, Azure AD
Protect your data Enable your users Desktop Virtualization Information protection Mobile device & application management Identity and Access Management.
Web SSO with Cloud Resources using AD Federation Services
READ ME FIRST Use this template to create your Partner datasheet for Azure Stack Foundation. The intent is that this document can be saved to PDF and provided.
Unit 3 Virtualization.
Azure Active Directory - Business 2 Consumer
Azure Infrastructure for SAP®
Microsoft Operations Management Suite Insight and Analytics
SaaS Application Deep Dive
Future Ideas: Federation and Integration
9/13/2018 4:54 PM BRK How to get Office 365 to the next level with Azure Active Directory Premium Brjann Brekkan Program Manager Lead – Customer.
Cloud Connect Seamlessly
Access and Information Protection Product Overview October 2013
Microsoft Ignite NZ October 2016 SKYCITY, Auckland.
Microsoft Virtual Academy
Office 365 Identity Management
Office 365 Identity Management
Windows Azure Hybrid Architectures and Patterns
Microsoft Virtual Academy
Azure AD Simon May Technical Evangelist.
Matthew Farmer Making Azure Integration Services Real
Microsoft Virtual Academy
Presentation transcript:

Multi-tenant Resource Management for Instruments, Applications, and Services (The evolution of infrastructure consortiums…) Dean Flanders FMI / SystemsX VAMP / FIM4R in Helsinki Sept. 30 th, 2013

Overview About SystemsX Problem / Proposed Solution Resource FMI Multi-Institutional / Community Resource Sharing Tool Azure AD Collaboration with Microsoft Summary Overview Overview

We live in a brave new world... Overview

Mission «SystemsX.ch is determined to become a world-leading initiative in quantitative Systems Biology.» SystemsX.ch is open to any Swiss university or research institution. About SystemsX

Some Numbers and Facts... About SystemsX 1000 scientists 200 research groups 11 universities and research institutes Work together inter-disciplinarily

About SystemsX

Problem – Current FIM possibilities are not meeting the needs of researchers, and this problem becomes more critical as more pressure is given to share resources and to collaborate across disciplines, as well as with industry. Solution – A robust inter-institutional self- federation and rights management approach is needed. In this way all users and resource providers can easily participate in resource sharing and collaborations. Obstacle Problem / Proposed Solution

Enabling science/education as a service! These are shared resources... Problem / Proposed Solution

Why share resources in research? Increasing complexity of the tools required to perform research puts more pressure on hardware and people resources. Increased competitive pressure forces greater efficiency. No one institution can house all of different types of resources their researchers need. Under utilization of resources. Lack of expertise to operate complex systems causes the need for better cooperation between institutions. Problem / Proposed Solution

Lots of very basic problems are not easily solvable by current academic federations, e.g. existing institutional security groups cannot be easily seen within or across federations. Many challenges can also be faced with current academic federations, such as bringing in new federation members and new users can be difficult, heterogeneous national solutions. Unmet needs of current federations Problem / Proposed Solution

1000’s of Users1000’s of Resources Huge Collection of: Entitled users & rights to use Access rights & Reservations Researchers Companies Students How to ensure that the right people will the right access? Problem Analysis Problem / Proposed Solution

Institutions’ Users Individuals synchronize Self Service Social ID Active Directories User & Resource Collection Institutions’ Resources Publish & Provision User group FormationResource Allocation Self Service Projects & Communities Self Service Resource Selection Owners’ Approval or Automated allocation ResearchNet Management Infrastructure Usage Log on with own ID Single Sign On Leader Self Service Δ Δ Δ Overview High Level Solution = IDMaaS / Rights Management Problem / Proposed Solution

Instruments Meeting rooms Clusters Sample analysis Software Bikes Etc. What resources do we have in mind? Problem / Proposed Solution

Resource Sharing at the FMI... Resource FMI

15 Resource Overview Resource FMI

Resource Request Resource FMI

Resource Assigment Interface Resource FMI

Reservation Request Resource FMI

(Results reviewed periodically to ensure correct use.) Resource Review Resource FMI

(We have now also integrated this approach also into web based applications.) Expert List Resource FMI

Misuse Reporting Resource FMI

Free for everyone (commercial and academic users) Cloud hosted Multi-institutional Multi-community Fully self-service (institutions, communities, research groups, users, providers) New resource types: app store, work orders, store Designed the system to facilitate national / international resource sharing. Designed the system to facilitate business development and startups, as well as large companies. Essential for inter-institutional collaborations and resource sharing. New Multi-tenant Cloud Version Multi-Institutional / Community Resource Sharing

System Design: One common platform shared by participating institutions (there can be many of these shared platforms). Exposes resources across institutions and facilitate sharing of resources & expertise. Provides Controls to prevent misuse and insight to optimize usage. It must be: Simple to use (we cannot train 1000’s of users) and appealing (users must love it!) Self-service driven (administrative interference would cause a new bureaucracy) Pervasive use (right to use encompasses access to resources or information, as well as reservations to use resources) No impediments to start using the platform (just get started) Integrated authentication (SSO to minimize helpdesk support) Multi-Institutional / Community Resource Sharing

Federation with ETH over Auth0 / Azure AD ADFS (IdP) Webapp / Instrument / Service (SP) Auth0 / Azure AD Claim Rules Engine ADFS (IdP) Social (IdP) Resource Management Multi-Institutional / Community Resource Sharing

non-integrated integrated Institutional verification Enrollment Multi-Institutional / Community Resource Sharing

Resulting Claims for Integrated User

Scheduler Multi-Institutional / Community Resource Sharing

Applications

Services

Directories

Setting up a Resource Provider Multi-Institutional / Community Resource Sharing

Resource Rights Management Multi-Institutional / Community Resource Sharing

IDMaaS to provision SaaS on IaaS Multi-Institutional / Community Resource Sharing

Windows Azure Active Directory: The Vision A modern, cloud based identity management service providing federation, directory services, device registration, user provisioning, application access control & data protection. A natural extension to your on premise directory, the combination of Windows Server AD and Windows Azure AD let’s you secure today’s hybrid enterprise. On-premises and cloud Active Directory managed as one Consistent identities for on-prem and cloud applications. Easy user experience with single sign on Azure AD Collaboration with Microsoft Keith Brintzenhofe - Group Program Manager | Windows Azure Active Directory Identity & Access Management

Windows Azure Active Directory and the Hybrid Enterprise - Today Active Directory AD DS, ADFS, FIM Third Party Apps Windows Azure Active Directory Microsoft Apps Identity Management Your Apps On-premises and private cloud Other appsHR sources Other Directories Self-Service Microsoft Account Keith Brintzenhofe - Group Program Manager | Windows Azure Active Directory Identity & Access Management Azure AD Collaboration with Microsoft

Identity & Access Management Scenarios Instant productivity with SaaS applications Access from any device, anywhere Connecting and collaborating with partners & customers Rapidly develop and deploy new enterprise capabilities Security monitoring and alerting for cloud services Keith Brintzenhofe - Group Program Manager | Windows Azure Active Directory Identity & Access Management Azure AD Collaboration with Microsoft

It is free. We are all Microsoft customers anyway…. Many institutions use AD already and Microsoft has a vision of “one AD” in terms of cloud and on- premise integration. Ready made integration into soon to be hundreds of existing cloud services. Multi-factor capabilities. Many possible federation partners. Azure is a robust multi-national infrastructure. Azure AD Benefits Azure AD Collaboration

Azure AD Testing Plan Work within a collaborative team interested in investigating Azure AD as a possible part of the FIM puzzle. Map and test use cases. Define a roadmap with Microsoft which has an open flexible architecture for Azure AD usage. Define action items for Microsoft (e.g. improve SAML interoperability, tighter social identity integration). If you have ideas, issues, or complaints about Azure AD feel free to join the collaboration,. Azure AD Collaboration

Summary The lack of good FIM solutions in academia is one of the biggest technical impediments to research and education currently. We need to take a Zendesk like approach to resource providers so they are empowered to share resources. FIM is crucial for this. We need to look at research groups as if they were their own small company, and stop focusing on the national and institutional level. There are simple approaches to federation that can be used to meet the needs of researchers and research communities. The self-federation concept is vital to an all inclusive federation necessary for research. A platform such as Azure AD can play an important role in an effort to improve FIM for research. Summary