UABgrid Identity Infrastructure John-Paul Robinson, David Shealy, UAB, IT Infrastructure Services Educause.

Presentation transcript:

UABgrid Identity Infrastructure John-Paul Robinson, David Shealy, UAB, IT Infrastructure Services Educause Southeast Regional Conference June 3, 2008

Educause Copyright Statement Copyright John-Paul Robinson and David Shealy This work is the intellectual property of the authors. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the authors.

Overview
- Understanding Collaboration
- Identity Services and the Grid
- UABgrid IdM Solution
- System Walk Through
- Next Steps
- Conclusions

The Challenge of Collaboration
(diagram labels: Research Group; Google; University IT; Collaborator; Compute Center)

Common Steps to Collaboration
- Mailing list -- wherever it's easiest
- Wiki – easy on your local server
- Add blogs, shared bookmarks, and other social networking tools
- Find compute resources to crunch the numbers
- Enjoy the autonomy and control of self-directed collaboration and a low infrastructure burden

Challenges to Collaboration
- Deal with the hassle of maintaining accounts and permissions across tools?
- Accept the limitations of single-function applications?
- Choose an application that does many things poorly?
- Use someone's portal but lose authority over your portlet needs?
- Who do you call when you need help?
- Who do you trust?

UABgrid Technology Backdrop
- UAB adopted Campus IdM in mid-1990s & joined Internet2 in late 1990s
- NMI-Testbed Participation and EPSCoR funding ( )
- Began construction of campus grid with Computer & Information Sciences (CIS) and Engineering (ENG), UABgrid
- Ongoing collaboration on regional grid, SURAgrid
- NSF project to integrate NMI middleware tools and open source web applications ( )
- Acquire dark fiber leases for connection to national fiber networks
- Launch UABgrid Pilot September 2007

Traditional IT Stack
(diagram labels: IT Business and Administrative Applications; Infrastructure Services; Networking)
- Applications exclusively managed by IT
- Infrastructure services exclusively serve IT application needs
- Network exists to extend access to application

Extend Networking from Stack
(diagram labels: IT Business and Administrative Applications; Infrastructure Services; Networking)

Supported Networking Stack
(diagram labels: IT Business and Administrative Applications; Infrastructure Services; Networking; Research Applications; End-User Applications)

Infrastructure Next in Stack
(diagram labels: IT Business and Administrative Applications; Infrastructure Services; Networking)

Extend Infrastructure Stack
(diagram labels: IT Business and Administrative Applications; Infrastructure Services; Networking)

Supported Infrastructure Stack
(diagram labels: IT Business and Administrative Applications; Infrastructure Services; Networking; Research Applications; End-User Applications)

National Cyberinfrastructure
- A Continuum of Identity
  - lower assurance – facilitates collaboration
  - higher assurance – facilitates trust
- Authorization Policies Informed by Identity Attributes
- Pools of Execution Resources
- A Common Data Framework
- Reliability and Performance Monitoring
- Maximized Network Bandwidth

National Cyberinfrastructure Grid: Interconnected Infrastructure Visualizing a Grid Site Resources Site Resources Linked via Shared Cyberinfrastructure

Common Grid Interfaces
(diagram labels: Cyberinfrastructure: IdM, Exec, Data, Net, Info; UABgrid; Application 1; Application 4; Application 3; Application 2)

Grid Infrastructure Supports Multiple Application Domains
(diagram labels: Cyberinfrastructure: IdM, Exec, Data, Net, Info; UABgrid; Application 1; Research; User; Admin; Education)

UABgrid is Building Services for Research Collaborations
(diagram labels: Cyberinfrastructure: IdM, Exec, Data, Net, Info; UABgrid; Research Applications; Users; Stats; Files; Processes; Groups; Comm)

UABgrid is a Research Collaboration Platform
(diagram labels: Cyberinfrastructure: IdM, Exec, Data, Net, Info; UABgrid; Research Application Services; Users; Stats; Files; Processes; Groups; Comm; Statistical Genetics “R”; caBIG; Collaboration Tools; Future Initiatives)

Understanding the Grid
The “grid” is the Fabric of Inter-connected Resources
- Interconnects and coordinates resources across administrative domains
- Uses standard, open, and general purpose interfaces and protocols
- Allows resource combination to deliver high quality services built on the core utility

Supporting Collaboration
- Provide infrastructure that is flexible
- Offer self-managed services
- Provide portable identities
- Support integration across domains
- Respect autonomy
- Empower the researcher
- Contribute components to infrastructure
- IT strength in middleware services
- HPC Centers strength in computational services

Philosophy of Identity
- Identity is a natural continuum
- Different applications can enlist different technologies (Shibboleth, Certificates, OpenID, etc.)
- Different technologies support different levels of trust
- Systems need consistent identity
- Identity is pervasive
- Identity is a leading integration point

Solving the Attribute Puzzle

UABgrid Identity Solution (diagram labels)
- Identity & Attribute Management
- Web Application
- Attribute Store
- Head Node
- Identity & Attribute Release
- Web Applications
- Clusters
- UABgrid IdM
- Attributes to Web Apps with Shibboleth
- Attributes to Non-web Apps with GridShib
- User Accesses Services Directly
- User Identity from Institution IdM (via InCommon not legacy feeds)

Pilot Collaboration Applications
- Mailing Lists: Sympa
- Wikis: MediaWiki and Confluence
- Project management: Trac + Subversion
- Blogs: WordPress
- User certificate management: PHPki
- Grid meta-scheduling: GridWay
- Grid-facing computational resources: Globus

Confluence Login Walk-Through
- Confluence is a commercial wiki product from Atlassian
- Atlassian Demo for UABgrid Collaboration Environment
- Confluence Highlights
  - proprietary software integration
  - wiki for collaborations that require distinct access and content management roles for members
- Login Highlights
  - System Boundaries

Confluence Wiki Login
Confluence :: UABgrid Login :: UAB InCommon (authn + shib) :: UABgrid (collab attributes) :: Confluence

Select Session Identity
Confluence :: UABgrid Login :: UAB InCommon (authn + shib) :: UABgrid (collab attributes) :: Confluence

Select UAB Identity
Confluence :: UABgrid Login :: UAB InCommon (authn + shib) :: UABgrid (collab attributes) :: Confluence

UAB Authentication
Confluence :: UABgrid Login :: UAB InCommon (authn + shib) :: UABgrid (collab attributes) :: Confluence

UAB Attributes to UABgrid
Confluence :: UABgrid Login :: UAB InCommon (authn + shib) :: UABgrid (collab attributes) :: Confluence

Collaboration Attributes to Wiki
Confluence :: UABgrid Login :: UAB InCommon (authn + shib) :: UABgrid (collab attributes) :: Confluence

User Logged In at Wiki
Confluence :: UABgrid Login :: UAB InCommon (authn + shib) :: UABgrid (collab attributes) :: Confluence

Select ProtectNetwork Identity
Confluence :: UABgrid Login :: PN InCommon (authn + shib) :: UABgrid (collab attributes) :: Confluence

ProtectNetwork Authentication
Confluence :: UABgrid Login :: PN InCommon (authn + shib) :: UABgrid (collab attributes) :: Confluence

ProtectNetwork Attributes
Confluence :: UABgrid Login :: PN InCommon (authn + shib) :: UABgrid (collab attributes) :: Confluence

Different User Logged In at Wiki
Confluence :: UABgrid Login :: PN InCommon (authn + shib) :: UABgrid (collab attributes) :: Confluence

Globus Identity Use Example

Ultimate Goal: Any Application in Collaboration UABgrid IdM

Current State
- Basic group management and collaboration tools in place
- Building infrastructure to support expansion of resources and users
- Attribute exchange with web applications is working, Globus attribute consumption needed
- Good cross-section of users and projects for pilot

Attribute Service Development
- Pre-configured VM image
- Combines multiple services and avoids duplicating integration effort
- Shibboleth, GridShib, and VO/group management (Sympa)
- Grew out of the NSF project as encapsulation of the system concepts
- myVocs box is shared infrastructure component to simplify development and maintenance of UABgrid infrastructure

UABgrid User Communities
- UABgrid Development Team
- SSG Biostatistics “R” Workflow to Grid Migration
- ASA + UAB Grid Resource Exploration
- SURAgrid Accounting Working Group
- CIS Collaborative Computing Lab
- Viral Bioinformatics Resource Center

UABgrid Identity Services Next Steps
- Improved Attribute & Group Management: Grouper supports generic group management, Signet an option for permissions.
- Improved Login: Identity provider selections, roaming preferences
- OpenID Support: Asserting is easy. Consuming not so hard but will require updates to registration service
- Shibboleth 2.0 and GridShib 0.6 Support
- Regular Release Cycle for myVocs box

Engaged in Broader Community
- caBIG – GAARDS authn/z infrastructure
- SWITCH
- D-Grid
- TeraGrid
- UABgrid

Conclusions
- Collaborators need to be able to operate autonomously on a reliable infrastructure
- Centralized IT services can contribute significantly to collaborations by exposing rich, user-controlled resource interfaces
- Shibboleth-based identity services allow users to define and manage their trust boundaries in a distributed environment
- Grid is an effective model for infrastructure development

Acknowledgments
- Office of the Vice President for Information Technology at the University of Alabama at Birmingham (UAB)
- UABgrid Collaborative Development Initiative with Department of Computer and Information Sciences (CIS) and Mechanical Engineering (ENG) at UAB
- "NMI Enabled Open Source Collaboration Tools for Virtual Organizations" NFSANI ANI
