Download presentation
Presentation is loading. Please wait.
Published byMarvin Shaw Modified over 8 years ago
1
Security in the wider world David Kelsey (STFC-RAL) GridPP37 – Ambleside 2 Sep 2016
2
Overview Reminder - EGI CSIRT continues to be the operational security body for WLCG (in Europe) –The UK NGI Security team plays a leading role –Funding for security coordination from the EGI Foundation Many different activities – just show a few today –Policies, Procedures, Monitoring, Training, Dissemination … EU H2020 projects - development –EGI-Engage –AARC (Authentication and Authorisation for Research & Collaboration) “Wise Information Security for Einfrastructures” (WISE) Future H2020 proposals –AARC2 now approved: ? May 2017 – April 2019 –EINFRA12 call (EGI-Engage follow-on): ? Jan 2018 – Dec 2020 2 Sep 2016 Kelsey/Security 2
3
EGI-Engage SA1.2 2 Sep 2016 Kelsey/Security 3
4
EGI SVG 2 Sep 2016 Kelsey/Security 4
5
2 Sep 2016 Kelsey/Security 5
6
AARC 2 Sep 2016 Kelsey/Security 6
7
2 Sep 2016 Kelsey/Security 7
8
The new EGI AAI infrastructure TJRA1.1 JRA1 E-Infrastructure Commons EGI-Engage JRA1.1 – slides from Diego Scardaci
9
Core requirements for the AAI Credentials/Tokens –Users access EGI services with credentials released by his/her home organisation (eduGAIN support) –Take into account the so-called homeless users –Level Of Assurance (LoA) for each credential type Open architecture –Support the most common technologies to manage federated identities: SAML, OpenID Connect, X.509, etc. –Support several attributes sources –Easily extensible and interoperable with other infrastructures Hide the complexity to the Service providers –Token Translator Services (TTSs) Convert a credential to be recognised by the service JRA1 E-Infrastructure Commons
10
New EGI AAI and trust model JRA1 E-Infrastructure Commons Information sent to service providers Community Attribute Authority TRUST Community attributes User “User A” EGI Services Level of Assurance
11
Liaison with AARC & Requirements gathering Collaboration established with the AARC project: –Adopt AAI policies, solutions and best practices defined at European level –Deal with problems that require a larger scope to be resolved (e.g. global unique identifiers, levels of assurance, etc.) –The AARC Blueprint IdP/SP proxy model, TTS based on CILogon Requirements gathering –EGI-Engage Competence Centers –Other EGI communities and RIs –EGI Tools JRA1 E-Infrastructure Commons
12
EGI AAI WP3 E-Infrastructure Commons
13
EGI AAI WP3 E-Infrastructure Commons
14
EGI AAI WP3 E-Infrastructure Commons
15
IGTF/AARC 2 Sep 2016 Kelsey/Security 15
16
USA - CILogon 2 Sep 2016 Kelsey/Security 16
17
AARC IOTA CA 2 Sep 2016 Kelsey/Security 17
18
WISE 2 Sep 2016 Kelsey/Security 18
19
2 Sep 2016 Kelsey/Security 19
20
WISE 2 Sep 2016 Kelsey/Security 20
21
WISE 2 Sep 2016 Kelsey/Security 21
22
WISE 2 Sep 2016 Kelsey/Security 22
23
Next WISE Workshop Tuesday 27 Sep 2016 Before the Digital Infrastructures for Research (DI4R) conference in Krakow, Poland 2 Sep 2016 Kelsey/Security 23
24
QUESTIONS? 2 Sep 2016 Kelsey/Security 24
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.