1. www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE PY5 new activities Peter Solagna – EGI.eu

2. www.egi.eu EGI-InSPIRE RI-261323 Overview Activities partially funded (with the project unspent effort) for the last months of 2014 –But open to unfunded participation New activities relevant to operations: –Services for the long tail of science –AAI Pilot –EGI Marketplace

3. www.egi.eu EGI-InSPIRE RI-261323 Long tail of science Goal –Evaluate possible technologies to make easier for the users of the long tail of science to access EGI resources. –Possibly deploy proof of concept services before the end of the year –Review and adapt the current security policies for this specific use case Capabilities foreseen for the platform –Reduced-technical-barrier access: any user who carries out relevant research should be able to use EGI resources –Realistic: Reuse existing technology building blocks as much as possible –Secure: keep an acceptable security level for resource providers –Scalable: Can scale up to support large number resource providers, technology providers, use cases and users –User-centric: User support for platform users is available through the NGIs Use cases –Support users who approach centrally EGI –Provide the platform as-a-service to the NGIs to serve the LTOS users of their NGIs

4. www.egi.eu EGI-InSPIRE RI-261323 Architecture schema User Management Portal User EGI User support / NIL / NGI representative /.. Approve Request Access resources Credential management service Scie ntifi c gate ways

5. www.egi.eu EGI-InSPIRE RI-261323 Contributions (LTOS) Currently participating –NGI_IT –NGI_PL –NGI_GRNET –NGI_NL –NGI_BG Additional contributions –NGIs and RCs to review and comment the security policy and VO AUP Wiki: https://wiki.egi.eu/wiki/Long- tail_of_science_pilothttps://wiki.egi.eu/wiki/Long- tail_of_science_pilot

6. www.egi.eu EGI-InSPIRE RI-261323 AAI pilots Goal –Use federated identity credentials, specifically SAML ones, to manage independently user membership and user authorization on the services in a coordinated way With a similar workflow as it is done now with the VOMS services. –Not to deploy production services, but to test the technical feasibility of using SAML to manage distribute AuthN and AuthZ Activities –Connect cloud services to the SURFnet OpenConext service to retrieve SAML assertions containing user identities and attributes that describe the user capabilities. –Connect external attribute providers to OpenConext –Test the workflow with and without attribute aggregator Long term goal –Users to use credentials from institutional SAML based IdPs –SAML attribute authorities to manage the VO membership of the users

7. www.egi.eu EGI-InSPIRE RI-261323 © Paul Van Dijk

8. www.egi.eu EGI-InSPIRE RI-261323 Contributions (AAI) Currently participating –Cloud providers NGI_IT NGI_SI NGI_PT NGI_CZ NGI_GR –IdP, Attribute aggregator SURFnet Wiki: https://wiki.egi.eu/wiki/AAI_pilothttps://wiki.egi.eu/wiki/AAI_pilot

9. www.egi.eu EGI-InSPIRE RI-261323 EGI Marketplace Goal –Define the marketplace features –Design the architecture considering the existing tools Purpose of the marketplace –For the users: single entry point to discover and “buy” EGI services (get usage statistics, billing information..) –Resource providers: platform to advertise the offered services and produce billing (if relevant) Wiki: https://wiki.egi.eu/wiki/EGI_Marketplace (under construction)https://wiki.egi.eu/wiki/EGI_Marketplace

10. www.egi.eu EGI-InSPIRE RI-261323 directory / authentication user profile VM registry instrumentscloud services accounting / reportingbillingpersistent identifiers Plugin Modules Service Catalogs Authentication (eduGAIN, social, enterprise, etc.) Group management (organizational, local, etc.) Attributes (billing information, ORCID, etc.) Etc. Favorites Ratings Etc. A possible architecture attribute providers user group organizationcommunity software API etc. proposals etc. marketplace portal Different catalogs (AppDB, GOCDB, Helix Nebula, IRIS, etc.) Catalogs should deliver additional value to providers Can have multiple of the same type of catalog Different plugins for catalogs (e-GRANT, etc.) Plugins should deliver additional value to service catalogs Not mandatory to the catalogs. Can have multiple of the same type of plugin Search across all service types

11. www.egi.eu EGI-InSPIRE RI-261323 Contacts Long tail of science –Peter Solagna AAI Pilot –Peter Solagna Marketplace –Dean Flanders (NGI_CH), Diego Scardaci (EGI.eu/INFN)