Presentation is loading. Please wait.

Presentation is loading. Please wait.

Case Studies in Federated Identity Management for Research Communities Ann Harding, SWITCH/GN3plus Peter Gietz, DAASI International GmbH/DARIAH Tommi Nyro.

Published byRandell Lawson Modified over 8 years ago

Similar presentations

Presentation on theme: "Case Studies in Federated Identity Management for Research Communities Ann Harding, SWITCH/GN3plus Peter Gietz, DAASI International GmbH/DARIAH Tommi Nyro."— Presentation transcript:

1 Case Studies in Federated Identity Management for Research Communities Ann Harding, SWITCH/GN3plus Peter Gietz, DAASI International GmbH/DARIAH Tommi Nyro ̈ nen, CSC - IT Center for Science/ELIXIR Mirjam van Daalen, Paul Scherrer Institute/Umbrella TNC 2014 20 May 2014 Dublin

2 2 Connect | Communicate | Collaborate Federated Identity Management for Research 30+ Research Infrastructures in Europe The Wizard Gap

3 3 Connect | Communicate | Collaborate Shared Challenges – FIM4R and TERENA AAA Study Non-web- browser Homeless users Attribute release Credential translation User friendliness Attribute aggregation Levels of Assurance Bridging Communitie s

4 4 Connect | Communicate | Collaborate Collaborative pilots between user communities and GÉANT “Umbrella is the Federated Identity Solution of the Photon and Neutron Community, enabling user initiated trans- facility access.” “A connected network of people, information, tools, and methodologies for investigating, exploring and supporting work across the broad spectrum of the digital humanities.” “Basic life science information constitutes a testament of human and natural evolution and advancement. As such, this wealth of knowledge should be freely available for all to access, study and process”

5 5 Connect | Communicate | Collaborate DARIAH Goals Make DARIAH services available via eduGAIN Encourage attribute release based on GÉANT Code of Conduct Group and attribute management integration with DARIAH-DE Textgrid Lab tools for scholarly digital editions Support digital humanities researchers Find and use a wide range of research data Work across domains and disciplines Experiment and innovate in collaboration with other scholars

6 6 Connect | Communicate | Collaborate DARIAH Progress Architecture based on standards interoperable with eduGAIN 5 DARIAH services in DFN AAI: Portals, search, wiki, collections, research tools Support GÉANT Code of Conduct Distributing group and attribute management

7 7 Connect | Communicate | Collaborate Combination of eduGAIN and community specific DARIAH homeless-IdP and attribute authority DARIAH has been able to meet many requirements Distributed user and privilege administration Policies that allow for integration into DFN- AAI and eduGAIN DARIAH would like to see more entities available in eduGAIN and reasonable attributes available eduGAIN is the best approach to pan European AAI for DARIAH but some time is needed to fulfil all needs DARIAH Experience

8 8 Connect | Communicate | Collaborate ELIXIR Goals Requirements for Levels of Assurance Make EGA and REMS available on a pan-European basis via eduGAIN Part of a wider portfolio of ELIXIR AAI work Research requiring AAI – Matching the treatment to the cancer One in 10 women in the EU-27 will develop breast cancer before the age of 80. If they can identify patterns of genes that are active in different tumours, we can diagnose and treat cancers earlier ELIXIR distributed infrastructure

9 9 Connect | Communicate | Collaborate Level of Assurance capabilities for European Identity Federations/IdPs vs. EGA’s security needs ELIXIR Progress EGA SP registered to Haka (the Finnish Identity Federation). EGA SP exported to eduGAIN Use of GÉANT Data Protection Code of Conduct

10 10 Connect | Communicate | Collaborate A pan-European approach to LoA would be appreciated/necessary in the future Minimise ELIXIR-specific customisation ELIXIR Experience Next phase of AAI in ELIXIR – blueprint for discussion External IdPs via eduGAIN ELIXIR specific services for authorisation (REMS), non web, homeless users and community management Federated identity cross sector collaboration: REMS to be used by FI-CLARIN & FI- CESSDA

11 11 Connect | Communicate | Collaborate Umbrella Goals Bridging Home Institution Accounts with Umbrella persistent identities Enable Home Org identities to be used in Umbrella & Umbrella identities to use eduGAIN Non-web-browser based access Umbrella platform - a collaborative effort by leading European Photon and Neutron facilities as part of several EU projects Unique and persistent user identification for interdisciplinary user community from biology, physics to earth sciences Optimisation of the process from experimental data acquisition to data publication Swiss Light Source at Paul Scherrer Institute in Villigen Switzerland Six such facilities use Umbrella and serve over 30’000 users - 40% of these researchers use multiple facilities.

12 12 Connect | Communicate | Collaborate Umbrella Progress Umbrella-eduGAIN Bridging prototype Moonshot pilot infrastructure for SSH Considerations for usability in a production Umbrella context Next step – considerations for interfederation testing of Moonshot

13 13 Connect | Communicate | Collaborate More opportunities for NREN/Research Infrastructure Collaboration Security analysis discussion at FIM4R Piloting with a wider community has benefits JANET/Diamond Light in UK Moonshot Pilot Confidentiality aspects critical for Umbrella - high competition, especially structural biology Authorisation is delegated to the systems participating in Umbrella Umbrella Experience

14 14 Connect | Communicate | Collaborate GÉANT Goals Better Understanding = Better Services White paper “Options for Joining eduGAIN” Improved public documentation & knowledgebase Collaborate with the wider GÉANT project and with international user communities to increase usage of AAI infrastructure. Act as an expert partner for large pan- European projects with AAI requirements. Custom support for finding the best option Help you reach the right federation contacts In development – test IdP, plans for other services beyond basic eduGAIN

15 15 Connect | Communicate | Collaborate Attributes - Release, consistency, community specific and harmonisation GÉANT Experience – What still needs work? Levels of Assurance A long term issue to be broken down Understanding security and incident response Progress can be slow initially More experience, work faster Many other research communities developing AAI requirements and work Non web – Early pilot not novice user but evolving more

16 16 Connect | Communicate | Collaborate Sh aring knowledge of federation capabilities Survey of Levels of Assurance GÉANT Experience – Where do we see progress? Ask us for help: edugain-integration@geant.net Federations looking to do more Support of GÉANT Code of Conduct Emerging ‘opt-out’ pilots for eduGAIN REFEDs Federation Operator Best Practice Research communities services appearing in national federations and eduGAIN Knowledge gained with these pilots helps support other communities & plan service

17 17 Connect | Communicate | Collaborate www.geant.net www.twitter.com/GEANTnews | www.facebook.com/GEANTnetwork | www.youtube.com/GEANTtv Connect | Communicate | Collaborate Thank you! Join the BoF after today’s sessions for more about e-Research and Federated Identity.

Download ppt "Case Studies in Federated Identity Management for Research Communities Ann Harding, SWITCH/GN3plus Peter Gietz, DAASI International GmbH/DARIAH Tommi Nyro."

Similar presentations

EGI-InSPIRE RI-261323 EGI-InSPIRE EGI-InSPIRE RI-261323 AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
Federated Identity Management for Researchers – A quick overview from GÉANT BoF TNC 2014 20 May 2014 Dublin.

Federated Identity Management for Researchers – A quick overview from GÉANT BoF TNC May 2014 Dublin.
EduGAIN – Are we there yet? Lukas Hämmerle (ghost writer, Brook Schofield) FIM4R, Helsinki – 2 October 2013.

EduGAIN – Are we there yet? Lukas Hämmerle (ghost writer, Brook Schofield) FIM4R, Helsinki – 2 October 2013.
Federated Identity Management for Research Communities (FIM4R) David Kelsey (STFC-RAL) EGI TF, AAI workshop 19 Sep 2012.

Federated Identity Management for Research Communities (FIM4R) David Kelsey (STFC-RAL) EGI TF, AAI workshop 19 Sep 2012.
FIM-ig Federated Identity Management Interest Group.

FIM-ig Federated Identity Management Interest Group.
SWITCHaai Team Federated Identity Management.

SWITCHaai Team Federated Identity Management.
EUROPEAN IDENTITY STRATEGY 1 NICOLE HARRIS e-Infrastructure Summer Workshops, Federated Identity Technology.

EUROPEAN IDENTITY STRATEGY 1 NICOLE HARRIS e-Infrastructure Summer Workshops, Federated Identity Technology.
DARIAH-ERIC Towards a sustainable social and technical European eResearch Infrastructure for the Arts and Humanities DARIAH-ERICDARIAH-ERIC VCC1 e –Infrastructures.

DARIAH-ERIC Towards a sustainable social and technical European eResearch Infrastructure for the Arts and Humanities DARIAH-ERICDARIAH-ERIC VCC1 e –Infrastructures.
Federated Identity Management in New Zealand Sat Mandri Service Manager TNC15 REFEDs Meeting, 14 th June 2015.

Federated Identity Management in New Zealand Sat Mandri Service Manager TNC15 REFEDs Meeting, 14 th June 2015.
BoF: Federated Identity Management for Researchers David Kelsey (STFC-RAL) TNC2014, Dublin 20 May 2014.

BoF: Federated Identity Management for Researchers David Kelsey (STFC-RAL) TNC2014, Dublin 20 May 2014.
Authentication and Authorization in a federated environment Jules Wolfrat (SARA)

Authentication and Authorization in a federated environment Jules Wolfrat (SARA)
Www.geant.org AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef.

AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef.
Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.

Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.
Connect communicate collaborate GÉANT3plus Enabling Users Pilots Lukas Hämmerle Task Leader Enabling Users

Connect communicate collaborate GÉANT3plus Enabling Users Pilots Lukas Hämmerle Task Leader "Enabling Users"
Authentication and Authorisation for Research and Collaboration Licia Florio (GÉANT) Christos Kanellopoulos (GRNET) Service orientation.

Authentication and Authorisation for Research and Collaboration Licia Florio (GÉANT) Christos Kanellopoulos (GRNET) Service orientation.
European Life Sciences Infrastructure for Biological Information www.elixir-europe.org Life science community update for the 7 th Federated Identity Management.

European Life Sciences Infrastructure for Biological Information Life science community update for the 7 th Federated Identity Management.
7 th FIM 4 R meeting 23-24 April 2014 ESRIN Frascati.

7 th FIM 4 R meeting April 2014 ESRIN Frascati.
Jamie Hall (ILL). SciencePAD Persistent Identifiers Workshop PANData Software Catalogue January 30th 2013 Jamie Hall Developer IT Services, Institut Laue-Langevin.

Jamie Hall (ILL). SciencePAD Persistent Identifiers Workshop PANData Software Catalogue January 30th 2013 Jamie Hall Developer IT Services, Institut Laue-Langevin.
EResearchers Requirements the IGTF model of interoperable global trust and with a view towards FIM4R AAI Workshop Presenter: David Groep, Nikhef.

EResearchers Requirements the IGTF model of interoperable global trust and with a view towards FIM4R AAI Workshop Presenter: David Groep, Nikhef.
Test your IdP

Test your IdP

Similar presentations

Ads by Google