Federated Identity Management for Researchers (FIM4R)


1 Federated Identity Management for Researchers (FIM4R)
David Kelsey (STFC-RAL) EGI Data & Clouds, Amsterdam 24 Sep 2014

2 Overview
- FIM4R – what? who? why?
- The AAI vision and requirements
- Pilot projects
- News from RDA FIMig
24 Sep 14 FIM4R, Kelsey

3 Federated IdM for Research (FIM4R)
- Includes photon & neutron facilities, social science & humanities, high energy physics, climate science, life sciences and ESA
- Aim: define common vision, requirements and best practices
- Vision and requirements paper published

4 FIM4R Update
- Workshops started in June 2011 (CERN)
- Most recent (7th) was hosted by ESRIN in Frascati 23-24 April 2014

5 7th FIM4R meeting summary (slides of Bob Jones/CERN)
23-24 April 2014 ESRIN Frascati

6 The FIM4R Vision
A common policy and trust framework for Identity Management based on existing structures and federations either presently in use by or available to the communities. This framework must provide researchers with unique electronic identities authenticated in multiple administrative domains and across national boundaries that can be used together with community defined attributes to authorize access to digital resources.
Still valid though we may think to extend:
- lifetime of unique electronic identities to cover whole career of a researcher
- Common policy and trust framework also includes operations
- authorize access to digital resources may imply legal constraints
Being able to estimate the cost of transition to FIM may be an indication of maturity

7 Prioritisation of FIM4R requirements
- User friendliness (high)
  - Support for citizen scientists and researchers without formal association to research labs or univ
  - Homeless-IdP tested in pilots
- Browser & non-browser federated access (high)
  - Testing in Pilots
- Bridging communities (medium)
  - Bridging is a central issue with an efficient mapping of the respective attributes
  - Not tested in Pilots
- Multiple technologies with translators including dynamic issue of credentials (medium)
- Implementations based on open stds and sustainable with compatible licenses (high)
  - OpenID & SAML can interop.
- Different Levels of Assurance with provenance (high)
  - Credentials need to include the provenance of the level under which it was issued
- Authorisation under community and/or facility control (high)

8 Prioritisation of FIM4R requirements
- Well defined semantically harmonised attributes (medium)
  - Limited success with subset of eduPerson but believe it is better to aim for consistency within a community
- Flexible and scalable IdP attribute release policy (medium)
  - Bi-lateral negotiations between all SPs and all IdPs is not a scalable solution
  - Not Yet
- Attributes must be able to cross national borders (high)
  - Data protection considerations must allow this to happen.
- Attribute aggregation for authorisation (medium)
  - Attributes need to be aggregated from different sources of authority including federated IdPs and community-based attribute authorities.
  - Works for Active Directory Federation Services
- Privacy and data protection addressed with community-wide individual ids (medium)
  - Testing in Pilots

9 Federated Identity Management for Researchers – A quick overview from GÉANT
Ann Harding - SWITCH
BoF TNC 2014, 20 May 2014, Dublin

10 Three Collaborative Pilots – User communities and GÉANT
- “A connected network of people, information, tools, and methodologies for investigating, exploring and supporting work across the broad spectrum of the digital humanities.”
- “Basic life science information constitutes a testament of human and natural evolution and advancement. As such, this wealth of knowledge should be freely available for all to access, study and process”
- “Umbrella is the Federated Identity Solution of the Photon and Neutron Community, enabling user initiated trans-facility access.”
Goal – use these pilots to address issues from FIM4R for the benefit both of the individual communities and the wider community. Both GÉANT and the communities invest significant time and effort.

11 There’s plenty of work still to do for everyone
- Attributes - Release, consistency, community specific and harmonisation
- Levels of Assurance
  - A long term issue to be broken down
- Understanding security and incident response
- Progress can be slow initially
  - More experience, work faster
- Non web – Early pilot not novice user but evolving more
- Many other research communities developing AAI requirements and work

12 News from RDA FIMig
Met this morning at the RDA Plenary
Topics addressed
- FIM4R CLARIN pilot
- Extending Photon/Neutron Umbrella to USA
- Report from FIM4R Frascati meeting
- Federation as a Service (GWDG)
- Plans for REFEDS, GEANT, H2020
- Developments in USA including move towards role-based access control
- Virtual Organisation as a Service
Next FIM4R meeting being planned

13 Questions?

