Published by Osborne Tucker. Modified over 8 years ago.
Networks ∙ Services ∙ People www.geant.org
Consuming identities across e-Infrastructures
Licia Florio, PDO GÉANT
TNC, Lisbon, 16 June 2015
Overview
- When and how it all started
- Where we are now
- Where we want/should be
10 years of
- 1st March 2005: SAML 2.0 was approved. Now used by 50 R&E federations!
- REFEDS – 10 years of discussion on how federations can interoperate.
- And of course federated access
A look at the past
Importance of Federated Access
Our community realised very soon that username and password would not scale in a world:
- Where on-line access was becoming more and more common
- Where student mobility was growing and was expected to grow more
- Where remote access to resources was becoming a main requirement
From the Internet Archives
- Tuesday 29 Oct 2002, I2 News Item: “After two months of using Shibboleth to manage web course material at North Carolina State University, we saw an 80- to 85-percent drop in our help desk call” https://lists.internet2.edu/sympa/arc/i2-news/2002-10/msg00003.html
- Dec Oct 2002, SWITCH AAI Info Day: “Demo on Shibboleth demo (v 0.7!) And an overview on other AAIs in Europe” https://www.switch.ch/aai/support/presentations/infoday-2002/
How it all started
- A-Select
- PAPI
- FEIDE
- Shibboleth
- Athens
- Permis
- SPOCP
The good year!
Source: Ton Verschuuren http://geant2.archive.geant.net/upload/pdf/2005-11-14_Confederation_-_JISC_Workshop.pdf
SAML becomes the de-facto lingua franca with multiple implementations (i.e. simpleSAMLphp and commercial products)
Federations in 2005
Source: TERENA Compendium
- 6 Federations
- Many NRENs planning
Challenges back then
- Scalability
- Inter-federation
- Business Models
- Schema harmonization
- Support for VOs
- Authorization
Please meet eduGAIN grandpa
Federations in the past 5 years
The Rise of Federations
- April 2011: Official start of eduGAIN
- Nov 2013: 21 Federations are members (50%), 5 joining
- Apr 2014: 24 Federations are members (51%), 6 joining
- April 2015: 32 Federations are members (57%), 9 joining
- Whole (academic) SAML landscape: 56 Federations, 3007 IdPs, 6514 SPs (gathered from metadata)
- Not all of them need to be interfederated, e.g. many internal SPs
eduGAIN and Federations (April 2015)
- 32 eduGAIN Members
- 9 Joining eduGAIN
- 3 Candidate Federation
- 12 Other Federations
Identity is QUEEN
- Demand for Federated Access
- Identity as important as the network
- Users want to access services across various e-Infrastructures
- Industry recognises the importance of identity and federated access
The Challenges
- Scalability
- Business Models
- Support for VOs
- Authorization
- Non-Web Browser federated access
- Assurance
- Security Incident Response in Federations
- Support for Guest Users
- Data Protection
- Technology translators
- Attribute release
- Schema harmonisation
- Inter-federation
Work in progress
The Project
Authentication and Authorisation for Research and Collaboration
- Two-year EC-funded project
- 20 partners
- NRENs, e-Infrastructure providers and Libraries as equal partners
- About 3M euro budget
- Starting date 1st May, 2015
- https://aarc-project.eu/
AARC - Objectives
- Build on federated access, improve its uptake and address current challenges
- Harmonise policies among e-Infrastructures to ease service delivery
- Avoid the creation of project-specific AAIs by enabling researchers to use their existing credentials to access different resources
- Define a training package for institutions and services to support federated access
- Integrate existing R&E AAIs to create a highway for identities
The landscape (diagram labels)
- AARC
- Requirements
- Anchored in real use cases
- Pilots
- AARC technical and policy findings
- Training
- REFEDS/FIM4R
- REFEDS: Feedback and validation from Fed Operators on best practices
- FIM4R: Feedback on pilots from AAI user communities
- Requirements/feedback for training and architecture
- e-Infrastructures i.e. GEANT
- Develop business case
- Costing
- Supply chain
- Pilot the deployments
- eduGAIN
- Incorporate
Where do we want to be
Challenges in 5 years
- The role of the IdPs will change:
  - To become only authentication?
  - A national single authentication point for the R&E?
  - Or a hub?
  - eduID.se to create user accounts to access courses (and more) in all Swedish universities
- Federations will change
  - More hubs and mesh as needed
  - And to cope with privacy laws
- Engagement with other sectors:
  - eGov – different approaches per countries/federations
  - Industry – OIDC, social identities and cloud services
- Account linking
What will be solved
- Non-Web federated access
- Incident response in federated access
- Attribute release for some use-cases
- Many issues related to Support for VOs
Conclusions
- Plenty of work ahead
- Environment is right to collaborate rather than reinventing the wheel
Thank you and any questions