Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security in the wider world David Kelsey (STFC-RAL) GridPP37 – Ambleside 2 Sep 2016.

Published byMarvin Shaw Modified over 8 years ago

Similar presentations

Presentation on theme: "Security in the wider world David Kelsey (STFC-RAL) GridPP37 – Ambleside 2 Sep 2016."— Presentation transcript:

1 Security in the wider world David Kelsey (STFC-RAL) GridPP37 – Ambleside 2 Sep 2016

2 Overview Reminder - EGI CSIRT continues to be the operational security body for WLCG (in Europe) –The UK NGI Security team plays a leading role –Funding for security coordination from the EGI Foundation Many different activities – just show a few today –Policies, Procedures, Monitoring, Training, Dissemination … EU H2020 projects - development –EGI-Engage –AARC (Authentication and Authorisation for Research & Collaboration) “Wise Information Security for Einfrastructures” (WISE) Future H2020 proposals –AARC2 now approved: ? May 2017 – April 2019 –EINFRA12 call (EGI-Engage follow-on): ? Jan 2018 – Dec 2020 2 Sep 2016 Kelsey/Security 2

3 EGI-Engage SA1.2 2 Sep 2016 Kelsey/Security 3

4 EGI SVG 2 Sep 2016 Kelsey/Security 4

5 2 Sep 2016 Kelsey/Security 5

6 AARC 2 Sep 2016 Kelsey/Security 6

7 2 Sep 2016 Kelsey/Security 7

8 The new EGI AAI infrastructure TJRA1.1 JRA1 E-Infrastructure Commons EGI-Engage JRA1.1 – slides from Diego Scardaci

9 Core requirements for the AAI Credentials/Tokens –Users access EGI services with credentials released by his/her home organisation (eduGAIN support) –Take into account the so-called homeless users –Level Of Assurance (LoA) for each credential type Open architecture –Support the most common technologies to manage federated identities: SAML, OpenID Connect, X.509, etc. –Support several attributes sources –Easily extensible and interoperable with other infrastructures Hide the complexity to the Service providers –Token Translator Services (TTSs) Convert a credential to be recognised by the service JRA1 E-Infrastructure Commons

10 New EGI AAI and trust model JRA1 E-Infrastructure Commons Information sent to service providers Community Attribute Authority TRUST Community attributes User “User A” EGI Services Level of Assurance

11 Liaison with AARC & Requirements gathering Collaboration established with the AARC project: –Adopt AAI policies, solutions and best practices defined at European level –Deal with problems that require a larger scope to be resolved (e.g. global unique identifiers, levels of assurance, etc.) –The AARC Blueprint IdP/SP proxy model, TTS based on CILogon Requirements gathering –EGI-Engage Competence Centers –Other EGI communities and RIs –EGI Tools JRA1 E-Infrastructure Commons

12 EGI AAI WP3 E-Infrastructure Commons

13 EGI AAI WP3 E-Infrastructure Commons

14 EGI AAI WP3 E-Infrastructure Commons

15 IGTF/AARC 2 Sep 2016 Kelsey/Security 15

16 USA - CILogon 2 Sep 2016 Kelsey/Security 16

17 AARC IOTA CA 2 Sep 2016 Kelsey/Security 17

18 WISE 2 Sep 2016 Kelsey/Security 18

19 2 Sep 2016 Kelsey/Security 19

20 WISE 2 Sep 2016 Kelsey/Security 20

21 WISE 2 Sep 2016 Kelsey/Security 21

22 WISE 2 Sep 2016 Kelsey/Security 22

23 Next WISE Workshop Tuesday 27 Sep 2016 Before the Digital Infrastructures for Research (DI4R) conference in Krakow, Poland 2 Sep 2016 Kelsey/Security 23

24 QUESTIONS? 2 Sep 2016 Kelsey/Security 24

Download ppt "Security in the wider world David Kelsey (STFC-RAL) GridPP37 – Ambleside 2 Sep 2016."

Similar presentations

EGI-InSPIRE RI-261323 EGI-InSPIRE EGI-InSPIRE RI-261323 AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
Www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE www.egi.eu EGI-InSPIRE RI-261323 EGI - Identity Management Steven Newhouse Director, EGI.eu Federated Identity.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI - Identity Management Steven Newhouse Director, EGI.eu Federated Identity.
Federated Identity Management for Research Communities (FIM4R) David Kelsey (STFC-RAL) EGI TF, AAI workshop 19 Sep 2012.

Federated Identity Management for Research Communities (FIM4R) David Kelsey (STFC-RAL) EGI TF, AAI workshop 19 Sep 2012.
Www.egi.eu EGI-Engage www.egi.eu EGI-Engage Engaging the EGI Community towards an Open Science Commons Project Overview 9/14/2015 EGI-Engage: a project.

EGI-Engage EGI-Engage Engaging the EGI Community towards an Open Science Commons Project Overview 9/14/2015 EGI-Engage: a project.
Www.geant.org AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef.

AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef.
Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.

Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.
Authentication and Authorisation for Research and Collaboration Licia Florio (GÉANT) Christos Kanellopoulos (GRNET) Service orientation.

Authentication and Authorisation for Research and Collaboration Licia Florio (GÉANT) Christos Kanellopoulos (GRNET) Service orientation.
European Life Sciences Infrastructure for Biological Information www.elixir-europe.org Life science community update for the 7 th Federated Identity Management.

European Life Sciences Infrastructure for Biological Information Life science community update for the 7 th Federated Identity Management.
EResearchers Requirements the IGTF model of interoperable global trust and with a view towards FIM4R AAI Workshop Presenter: David Groep, Nikhef.

EResearchers Requirements the IGTF model of interoperable global trust and with a view towards FIM4R AAI Workshop Presenter: David Groep, Nikhef.
Authentication and Authorisation for Research and Collaboration Licia Florio REFEDS Meeting The AARC Project I2 Technology Exchange.

Authentication and Authorisation for Research and Collaboration Licia Florio REFEDS Meeting The AARC Project I2 Technology Exchange.
Authentication and Authorisation for Research and Collaboration Licia Florio AARC Workshop The AARC Project Brussels, 26 October.

Authentication and Authorisation for Research and Collaboration Licia Florio AARC Workshop The AARC Project Brussels, 26 October.
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration David Kelsey AARC AHM Milan And mechanisms NA3 Task 4 – Scalable.

Authentication and Authorisation for Research and Collaboration David Kelsey AARC AHM Milan And mechanisms NA3 Task 4 – Scalable.
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration Peter Solagna Milano, AARC General meeting Current status and plans.

Authentication and Authorisation for Research and Collaboration Peter Solagna Milano, AARC General meeting Current status and plans.
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration Peter Solagna Milano, AARC General meeting Current status and plans.

Authentication and Authorisation for Research and Collaboration Peter Solagna Milano, AARC General meeting Current status and plans.
JRA1.4 Models for implementing Attribute Providers and Token Translation Services Andrea Biancini.

JRA1.4 Models for implementing Attribute Providers and Token Translation Services Andrea Biancini.
Federated Identity Management for HEP David Kelsey HEPiX, IHEP Beijing 18 Oct 2012.

Federated Identity Management for HEP David Kelsey HEPiX, IHEP Beijing 18 Oct 2012.
Authentication and Authorisation for Research and Collaboration Christos Kanellopoulos Open Day Event: Towards the European Open.

Authentication and Authorisation for Research and Collaboration Christos Kanellopoulos Open Day Event: Towards the European Open.
WLCG Authentication & Authorisation LHCOPN/LHCONE Rome, 29 April 2014 David Kelsey STFC/RAL.

WLCG Authentication & Authorisation LHCOPN/LHCONE Rome, 29 April 2014 David Kelsey STFC/RAL.
Www.eudat.eu EUDAT receives funding from the European Union's Horizon 2020 programme - DG CONNECT e-Infrastructures. Contract No. 654065 B2ACCESS LSDMA.

EUDAT receives funding from the European Union's Horizon 2020 programme - DG CONNECT e-Infrastructures. Contract No B2ACCESS LSDMA.
Www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE www.egi.eu EGI-InSPIRE RI-261323 Evolution of AAI for e- infrastructures Peter Solagna Senior Operations Manager.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Evolution of AAI for e- infrastructures Peter Solagna Senior Operations Manager.

Similar presentations

Ads by Google