Innovation through participation eduGAIN interfederation service for research and education Cern FedID workshop in RAL, UK 2-3 Nov 2011 Mikael Linden,

Slides:

Advertisements

Similar presentations

Joint Action for ECHIM European Community Health Indicators and Monitoring Antti Tuomi-Nikula National Institute for Health and Welfare (THL), Helsinki,

Advertisements

Innovation through participation Data Protection Code of Conduct (DP CoC) REFEDS Helsinki Mikael Linden, CSC – IT Center for Science

Federated Identity Management for Researchers – A quick overview from GÉANT BoF TNC May 2014 Dublin.

Innovation through participation GÉANT Data Protection Code of Conduct (DP CoC) FIM for research collaboration workshop Mikael Linden,

Innovation through participation Attributes Release Working Group European data protection directive REFEDS meeting 22th Apr, 2012

USERDEVELOPERADVERTISER.

EduGAIN – Are we there yet? Lukas Hämmerle (ghost writer, Brook Schofield) FIM4R, Helsinki – 2 October 2013.

Federated Identity Management for Research Communities (FIM4R) David Kelsey (STFC-RAL) EGI TF, AAI workshop 19 Sep 2012.

Kalmar Union Mikael Linden CSC, the Finnish IT Center for Science.

Innovation through participation eduGAIN federation operator training eduGAIN policy eduGAIN training in Vienna Oct 2011

Can financial services in developed countries remain on a long-term basis within postal organizations or is separation inevitable? TIP Conference, ,

FIM-ig Federated Identity Management Interest Group.

EduGAIN Code of Conduct Workshop, , Brussels GEANT eduGAIN Data Protection "Code of Conduct" Workshop Dieter Van Uytvanck

Federated Identity Management in New Zealand Sat Mandri Service Manager TNC15 REFEDs Meeting, 14 th June 2015.

John Dyer Business & Technology Strategist TERENA Business & Technology Strategist December 2013 European NRENs Evolution.

Innovation through participation Interfederation through eduGAIN - steps and challenges eduGAIN interfederation service Federated Identity Systems.

AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef.

Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.

Identity Federation Policy Marina Vermezović, AMRES Federated Identity Technology Workshop Sofia, Bulgaria, 20. Jun 2014.

Supporting Are we ready? REFEDS, Oct 2013 Ann Harding

ELCIRA and eduGAIN: Practical aspects of interfederation for academic collaboration Brook Schofield, TERENA ● TICAL2013, Cartagena, Colombia ● 8 th July.

European Life Sciences Infrastructure for Biological Information Life science community update for the 7 th Federated Identity Management.

Campus Identity Management Requirements (=IAP) REFEDs meeting Mikael Linden,

Schac attributes and common vocabularies TF-EMC Mikael Linden CSC, the Finnish IT Center for Science.

7 th FIM 4 R meeting April 2014 ESRIN Frascati.

Kalmar Union lessons: Findings in federation harmonisation REFEDS Mikael Linden, CSC.

INTRODUCTION: THE FIRST TRY InCommon eduGAIN Policy and Community Working Group.

Authentication and Authorisation for Research and Collaboration Licia Florio REFEDS Meeting The AARC Project I2 Technology Exchange.

Authentication and Authorisation for Research and Collaboration Licia Florio AARC Workshop The AARC Project Brussels, 26 October.

Authentication and Authorisation for Research and Collaboration David Kelsey AARC AHM Milan And mechanisms NA3 Task 4 – Scalable.

Innovation through participation eduGAIN policy: A worm report TF-EMC2 Vienna Mikael Linden, CSC The worm farmer.

Federations, the Data Protection Directive and WP29 TF-EMC2 Mikael Linden, CSC, the Finnish IT Center for Science.

Refeds update TF-EMC2 Utrecht 3-Dec 2008 Mikael Linden CSC – the Finnish IT Center for Science.

Authentication and Authorisation for Research and Collaboration Mikael Linden AARC all hands Milan Authentication and Authorisation.

European Life Sciences Infrastructure for Biological Information ELIXIR and Identity Management 2 nd Workshop on Federated Identity.

Federated Identity Management for HEP David Kelsey HEPiX, IHEP Beijing 18 Oct 2012.

Council on the World Stage John Ellis (King’s College London) Formerly advisor to CERN DGs on relations with Non-Member States ‘Science for Peace’ Scientific.

Innovation through participation EduGAIN policy (working draft) Status update REFEDs 30th May 2010

Federated Identity Management for Scientific Collaborations The Common Vision David Kelsey (STFC) 3 Nov 2011.

NREN Trust and Identity Strategy Ann Harding, SWITCH Cambridge July 2014.

Networks ∙ Services ∙ People Thomas Bärecke Journée Fédération, Paris Collaboration européenne GÉANT SA5 03/07/2015 SA5 T5 team

Connect communicate collaborate Trust & Identity EC meets GÉANT 19 June 2014 Brussels Valter Nordh, NORDUnet Federation as a Service Task Leader Trust.

CIS-Workshop on „WFD and Hydropower“ June 2007 Berlin, Germany - First Workshop under Phase II ( ) of the EU activity „Water Framework Directive.

Networks ∙ Services ∙ People Nicole Harris UK federation meeting eduGAIN, REFEDS and the UK 23 June 2015 Project Development Officer GÉANT.

European Union Agency For Network And Information Security Enhancing the security of CIIPs in Europe – eHealth and ENISA Dr. Evangelos Ouzounis, Head of.

Networks ∙ Services ∙ People Marina Adomeit FIM4R meeting Virtual Organisation Platform as a Service VOPaaS Nov 30, 2015, Austria Task Leader,

Open Collaboration Exchange Alexander Blanc, Niels van Dijk, Jocelyn Manderveld, Remco Poortinga - van Wijnen VAMP 2013, Espoo.

Networks ∙ Services ∙ People Licia Florio TNC, Lisbon Consuming identities across e- Infrastructures 16 June 2015 PDO GÈANT.

Authentication and Authorisation for Research and Collaboration Licia Florio AARC CORBEL Workshop The AARC Project Paris, 31 May.

Designing Identity Federation Policy, the right way Marina Vermezović, Academic Network of Serbia TNC2013 conference 4 May 2013.

Innovation through participation Data Protection Code of Conduct (DP CoC) TNC2013 conference, 4 June 2013 Mikael Linden, CSC – IT Center for Science

The Policy Puzzle Many groups and (proposed) policies, but leaving many open issues AARC “NA3” is tackling a sub-set of these “Levels of Assurance” –

Case Studies in Federated Identity Management for Research Communities

Federated Identity Management for Scientific Collaborations

ELIXIR Safeguarding the results of life science research in Europe

EUBREWNET A European Brewer Network COST Action no. ES1207 Objectives

Eurojust cases involving crimes against children

TF-EMC Mikael Linden, REFEDs update TF-EMC Mikael Linden,

Perception Survey on quality of life Report on "Cities of tomorrow"

CEF eID SMO The use of eID in eHealth

State of legal transposition (1)

eduPersonAffiliation semantics – a spin-off of eduGAIN policy

CSC, the Finnish IT Center for Science

ETS Working Group meeting 24-25/9/2007 Agenda point 7 CVTS3 brief update /09/ 2007 ETS working group.

European Statistical Training Programme (ESTP)

STEM Education Policies and Practices in Europe

IT security assurance – 2018 and beyond Item 2 of the agenda DIME/ITDG Steering Group June 2018 Pascal JACQUES ESTAT B2/LISO.

LAMAS Working Group June 2015

GEANT Data protection Code of Conduct 2.0 REFEDS meeting 16 June 2019

Presentation transcript:

Innovation through participation eduGAIN interfederation service for research and education Cern FedID workshop in RAL, UK 2-3 Nov 2011 Mikael Linden, Haka federation, Finland

Innovation through participation Academic identity federations Focused to serve Research and (higher) education communities Often national, focused around National Research and Education Networks Web access/SAML2 (except: eduroam and project Moonshot) Europe AT, BE, CH, CZ, DE, DK, ES, FI, FR, GR, HR, HU, IE, IT, LV, NL, NO, PT, SE, SI, UK America BR, CA, US Asia/Pacific AU, CN, JP, NZ, TR More information: REFEDS Separate speak after the coffee break

Innovation through participation Now available: eduGAIN service To interconnect the national R&E identity federations Initially European Part of the EC-funded GN3 project 4/2009-3/2013 went production 4/2011 Currently, 12 federations have joined eduGAIN

Innovation through participation eduGAIN – interfederation service eduGAIN is a subset of IdPs and SPs in the federations 1. IdP/SP joins national federation 2. National federation joins eduGAIN 3. IdP/SP asks to become exposed to eduGAIN To get your SP to eduGAIN, you need to join a federation first

Innovation through participation IRISC2011 workshop recommendations Identity in research infrastructure and scientific collaboration, SEP Make attribute retrieval easy for SPs (balance risks vs benefits) Harmonise attribute availability and semantics Introduce a global Assurance Framework for Authentication strength Pay attention to usability Put effort on outreach among research services/infrastructures Make the service free for research services/infrastructures Establish a bioinformatics pilot with the EGA service of EBI For IRISC2011 workshop report summary, see

Innovation through participation eduGAIN and trust 1/2 IdP needs to trust an SP that the SP respects the end user’s privacy EU data protection laws may make the IdP partly liable for SPs’ privacy/security problems An SP needs to convince the IdP that it has done its own side well Worst case: bilateral agreement (between IdP and SP) Scales poorly: e.g. CLARIN has ultimately 176 IdPs and 25 SPs in separate countries Searching for better approaches Balancing the data protection risks and easiness of collaboration IdPSP trusts

Innovation through participation eduGAIN and trust 2/2 SP needs to trust the IdP that attribute semantics are correct eduGAIN has published a recommended attribute profile Recommended attributes: displayName, common name, mail, eduPerson(scoped)Affiliation, schacHomeOrganization, schacHomeOrganizationType SP needs to trust the IdP that it has authenticated the end user according to common standard eduGAIN Identity Assurance Framework being developed IdPSP trusts