Presentation is loading. Please wait.

Presentation is loading. Please wait.

AAAI Pathfinder J Jensen, STFC 031 Oct, 03740.

Published byPatience Nicholson Modified over 6 years ago

Similar presentations

Presentation on theme: "AAAI Pathfinder J Jensen, STFC 031 Oct, 03740."— Presentation transcript:

1 AAAI Pathfinder J Jensen, STFC 031 Oct, 03740

2 RC funded (EPSRC/STFC) Partners:
Executive Summary A national infrastructure pilot for authentication, authorisation, and accounting RC funded (EPSRC/STFC) Partners: EPCC, UCL, JISC, eMedLab (= Crick/UCL), Farr, ARC (= Oxford), DiRAC (UCL+Durham), GridPP, N8 (Leeds) Budget £215K, 10 months, start date

3 Bkg - Technology Moonshot JISC-led activity (+ CESNET, Painless)
“eduRoam for higher level resources (e.g. ssh, web)” Production service in Assent ( Open Source implementation, IETF standard (ABFAB-WG)

4 Bkg - Technology Moonshot Server side Client side Federation
ssh, Apache, MyProxy, (in theory anything that uses GSSAPI, RFC 2743) Client side Needs stuff installed - Support for Debian 8, and {CentOS, RHEL, SL} {6,7} Support for (some) MacOSs nearing completion Federation Needs a trust router (à la eduroam)

5 Bkg - Technology SAFE SAFE-SHARE
Acct mgmt used by ARCHER, DiRAC, and Hartree Developed at EPCC Partially open source - SAFE-SHARE JISC funded HAN – High Assurance Network HAN for medical/biosci (Farr, MRC) and for admin data (ADRN) AAAI for eMedLab, Cloud Infra for Microb. Gen. (CLIMB)

6 Pilot demonstrator for user communities
Project Goals Link stuff together to provide account management, authentication, authorisation, and accounting Pilot demonstrator for user communities EPSR, MR HEI service delivery Connecting to other einfra (internationally) (via a X.509 SLCS)

7 A pilot AAAI across xple sites Interoperability Future directions
Main Deliverables A pilot AAAI across xple sites ARC, N8, DiRAC, eMedLab Interoperability WLCG, ELIXIR, EUDAT, PRACE, EGI Future directions

8 WP details 0. Proj. mgmt Id mgmt pilots SAFE deployment Integration
Assent, IdP, 2-factor for eMedLab SAFE deployment Integration VO/Assent (e.g. VOMS), Assent-X.509 (GridPP) Docs & writeups Architecture, business case

9 GridPP and STFC It was agreed that STFC should fulfill GridPP’s obligations in AAAI pathfinder STFC is a member of Assent STFC already has a Moonshot infrastructure, connected to Assent One IdP connected to site AD; one SP (=ssh) connecting to SCARF cluster (working on more stuff) UK e-Science CA, HSMs, (RCauth?) for interoperation 2.83 Months of effort – Suleman Tariq (Moonshot sysadmin) Starting April 2017

10 Opportunities GridPP STFC
National HPC/data e-I, interoperating beyond WLCG (cf. DiRAC) Considerable expertise in policy harmonisation etc. No direct change to infra(?) – main drivers are LHC STFC Additional services for facilities’ users? Fed id => connecting via nat’l AAAI

11 RCauth RCauth (www.rcauth.eu)
CA, initially piloted by AARC and operated by NIKHEF/Surf Lower LoA (IOTA/DOGWOOD) than Classic et al. But IGTF-accredited Currently investigated by EGI, EUDAT for user certs, (&, indirectly, PRACE) Future terms/steps discussed (Krakow) Should STFC offer to co-host RCauth‘s key? Performance wouldn’t be an issue 

Download ppt "AAAI Pathfinder J Jensen, STFC 031 Oct, 03740."

Similar presentations

Federated Access to Grids Daniel Kouřil, Sam Hartman, Josh Hewlet, Jens Jensen, Michal Procházka EGI User Forum 2011.

Federated Access to Grids Daniel Kouřil, Sam Hartman, Josh Hewlet, Jens Jensen, Michal Procházka EGI User Forum 2011.
Implementing Federated Security with ConSec Jens Jensen, STFC OGF40, Oxford, 16 Jan 2014.

Implementing Federated Security with ConSec Jens Jensen, STFC OGF40, Oxford, 16 Jan 2014.
Contrail and Federated Identity Management

Contrail and Federated Identity Management
Moonshot for Federated Identity Jens Jensen, STFC Daniel Kouřil, CESNET EGI CF, April 2013.

Moonshot for Federated Identity Jens Jensen, STFC Daniel Kouřil, CESNET EGI CF, April 2013.
EUDAT FIM4R at TNC 2014 Jens Jensen, STFC, on behalf of EUDAT AAI task force.

EUDAT FIM4R at TNC 2014 Jens Jensen, STFC, on behalf of EUDAT AAI task force.
© Janet 2012 Project Moonshot Technology, use cases & pilot 17 January, 2012 Haka conference, Helsinki 1.

© Janet 2012 Project Moonshot Technology, use cases & pilot 17 January, 2012 Haka conference, Helsinki 1.
Technology on the NGS Pete Oliver NGS Operations Manager.

Technology on the NGS Pete Oliver NGS Operations Manager.
WLCG Security TEG, risks and Identity Management David Kelsey GridPP28, Manchester 18 Apr 2012.

WLCG Security TEG, risks and Identity Management David Kelsey GridPP28, Manchester 18 Apr 2012.
Project Moonshot TF-MNM. Use cases Project Moonshot 2.

Project Moonshot TF-MNM. Use cases Project Moonshot 2.
Jens G Jensen CCLRC e-Science Single Sign-on to the Grid Federated Access and Integrated Identity Management.

Jens G Jensen CCLRC e-Science Single Sign-on to the Grid Federated Access and Integrated Identity Management.
Federated A(A(A))I Jens Jensen hepsysman, RAL, 20110701.

Federated A(A(A))I Jens Jensen hepsysman, RAL,
Here Come the Feds Federated identity management: the consumer’s perspective Jens Jensen, STFC On behalf of EUDAT AAI TF EGI CF Manchester April 2013.

Here Come the Feds Federated identity management: the consumer’s perspective Jens Jensen, STFC On behalf of EUDAT AAI TF EGI CF Manchester April 2013.
Www.geant.org AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef.

AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef.
Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.

Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.
Authentication and Authorisation for Research and Collaboration Licia Florio (GÉANT) Christos Kanellopoulos (GRNET) Service orientation.

Authentication and Authorisation for Research and Collaboration Licia Florio (GÉANT) Christos Kanellopoulos (GRNET) Service orientation.
Introduction Moonshot workshop 6.2.2014

Introduction Moonshot workshop
Jens G Jensen CCLRC e-Science Single Sign-on at RAL (and DLS too) Authentication and Integrated Identity Management hepsysman Cambridge, 23 Oct 2006.

Jens G Jensen CCLRC e-Science Single Sign-on at RAL (and DLS too) Authentication and Integrated Identity Management hepsysman Cambridge, 23 Oct 2006.
Jens G Jensen CCLRC e-Science Single Sign-on to the Grid Authentication and Integrated Identity Management HEPiX, CASPUR, Rome 3-7 April 2006.

Jens G Jensen CCLRC e-Science Single Sign-on to the Grid Authentication and Integrated Identity Management HEPiX, CASPUR, Rome 3-7 April 2006.
Authentication and Authorisation for Research and Collaboration Licia Florio REFEDS Meeting The AARC Project I2 Technology Exchange.

Authentication and Authorisation for Research and Collaboration Licia Florio REFEDS Meeting The AARC Project I2 Technology Exchange.
Authentication and Authorisation for Research and Collaboration Licia Florio AARC Workshop The AARC Project Brussels, 26 October.

Authentication and Authorisation for Research and Collaboration Licia Florio AARC Workshop The AARC Project Brussels, 26 October.

Similar presentations

Ads by Google