Presentation is loading. Please wait.

Presentation is loading. Please wait.

Leveraging the IGTF authentication fabric for research

Published byAlphonse Labrie Modified over 6 years ago

Similar presentations

Presentation on theme: "Leveraging the IGTF authentication fabric for research"— Presentation transcript:

1 Leveraging the IGTF authentication fabric for research
the IGTF-to-eduGAIN Bridge and the registration authority network David Groep Nikhef co-supported by the Dutch National e-Infrastructure coordinated by SURF, and by EGI Core Services

2 Leveraging the IGTF registration network for research
A look at the IGTF 15 November 2018 Leveraging the IGTF registration network for research

3 Leveraging the IGTF registration network for research
IGTF capabilities AuthN fabric and identity availability (today) Assurance requirements and assessment for Infrastructures (tomorrow morning) Registry operational guidelines (tomorrow morning) Infrastructure policy harmonisation Snctfi (tomorrow) Registry and operational capabilities (tomorrow afternoon) 15 November 2018 Leveraging the IGTF registration network for research

4 What we do (for authN services)
User-centric authentication – across organisations Independent of user’s home organization Inspired by and aligned with research communities and e-Infrastructures Differentiated assurance derived from a both solid and transparent assurance level Ability to transfer registrations across authorities and countries (with the Registration Practice Statement) … and guidance around trust and trustworthy operations for AuthN and Attributes … and … 15 November 2018 Leveraging the IGTF registration network for research

5 Leveraging the IGTF registration network for research
eduGAIN 40 NRENS (≈ countries) 4254 entities (of which 2533 IdPs, i.e., authentication providers) eduGAIN (status Sept 2017) organisation-centric, and with much national autonomy in policy & practice where it reaches the users and a ‘link’ is made, provides great ease of use in most organisations, research is not the primary use case (yet) for the ‘IdP’ 15 November 2018 Leveraging the IGTF registration network for research

6 Infrastructure specific hubs
EGI CheckIn B2ACCESS CILogon ORCID Local log-in, mangled tokens, directory auth, ‘golden’ portals that ‘snoop’ your credentials, ‘golden’ portals assuming ownership of everything, … Service-bespoke solutions 15 November 2018 Leveraging the IGTF registration network for research

7 Turtles all the way down … and up!
15 November 2018 Leveraging the IGTF registration network for research

8 TCS – CILogon – DFN SLCS – RCauth.eu
15 November 2018 Leveraging the IGTF registration network for research

9 Leveraging the IGTF registration network for research
IGTF to eduGAIN bridge 15 November 2018 Work by Ioannis Kakavas and Nicolas Liampotis (GRNET) for the AARC project Leveraging the IGTF registration network for research

10 Guidance we have and use
Assurance Profile Assessment support ‘Back-office’ template practices 15 November 2018 Leveraging the IGTF registration network for research

11 Registration Networks
Although the process is labour-intensive and relatively slow, for some user categories the prevalent ‘user-held’ credential is the only one that ‘works’: non-academic users (SMEs, industrial R&S) users in a place without an eduGAIN federation users in a place that does not do unique ID users in an organization that does not release attributes users in an organization that does not provide assurance 15 November 2018 Leveraging the IGTF registration network for research

12 A ‘high-quality IdP of last resort’?
Most useful asset is our RA network! 15 November 2018 Leveraging the IGTF registration network for research

13 Leveraging the IGTF registration network for research
Ideas … Promote the use of (existing) bridges Support other credential types and/or interfaces? In places without an existing federation Promote its establishment, as now eduGAIN is more open than before … join eduGAIN yourself – as a ‘trivial hub&spoke’ using the bridge IdP technology? Where a federation exists Establish direct links – there’s an opportunity in ‘long-tail’ support and IdP-of-last-resort services ? Push for a federation policy aligned with global (researcher) needs? Expose differentiated assurance model to subscribers? User-held credentials avoid much of the privacy issues? 15 November 2018 Leveraging the IGTF registration network for research

14 Building a global trust fabric
Discussion! Building a global trust fabric Leveraging the IGTF registration network for research

Download ppt "Leveraging the IGTF authentication fabric for research"

Similar presentations

EGI-InSPIRE RI-261323 EGI-InSPIRE EGI-InSPIRE RI-261323 AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
Www.geant.org AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef.

AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef.
Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.

Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.
EResearchers Requirements the IGTF model of interoperable global trust and with a view towards FIM4R AAI Workshop Presenter: David Groep, Nikhef.

EResearchers Requirements the IGTF model of interoperable global trust and with a view towards FIM4R AAI Workshop Presenter: David Groep, Nikhef.
Authentication and Authorisation for Research and Collaboration Licia Florio AARC Workshop The AARC Project Brussels, 26 October.

Authentication and Authorisation for Research and Collaboration Licia Florio AARC Workshop The AARC Project Brussels, 26 October.
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration David Kelsey AARC AHM Milan And mechanisms NA3 Task 4 – Scalable.

Authentication and Authorisation for Research and Collaboration David Kelsey AARC AHM Milan And mechanisms NA3 Task 4 – Scalable.
Authentication and Authorisation for Research and Collaboration Christos Kanellopoulos Open Day Event: Towards the European Open.

Authentication and Authorisation for Research and Collaboration Christos Kanellopoulos Open Day Event: Towards the European Open.
Www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE www.egi.eu EGI-InSPIRE RI-261323 Evolution of AAI for e- infrastructures Peter Solagna Senior Operations Manager.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Evolution of AAI for e- infrastructures Peter Solagna Senior Operations Manager.
Networks ∙ Services ∙ People Thomas Bärecke Journée Fédération, Paris Collaboration européenne GÉANT SA5 03/07/2015 SA5 T5 team

Networks ∙ Services ∙ People Thomas Bärecke Journée Fédération, Paris Collaboration européenne GÉANT SA5 03/07/2015 SA5 T5 team
David Groep Nikhef Amsterdam PDP & Grid Bring the WLCG federation Home Extending your trust options beyond bottom-up identity by collaborating with global.

David Groep Nikhef Amsterdam PDP & Grid Bring the WLCG federation Home Extending your trust options beyond bottom-up identity by collaborating with global.
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration Taipei Taiwan Authentication and Authorisation for Research and.

Authentication and Authorisation for Research and Collaboration Taipei Taiwan Authentication and Authorisation for Research and.
European Grid Initiative AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

European Grid Initiative AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
David Groep Nikhef Amsterdam PDP & Grid AARC Authentication and Authorisation for Research and Collaboration an impression of the road ahead.

David Groep Nikhef Amsterdam PDP & Grid AARC Authentication and Authorisation for Research and Collaboration an impression of the road ahead.
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration Peter Solagna, Nicolas EGI AAI integration experiences AARC Project.

Authentication and Authorisation for Research and Collaboration Peter Solagna, Nicolas EGI AAI integration experiences AARC Project.
ELIXIR AAI Michal Procházka, Mikael Linden, EGI VC 15 March 2016.

ELIXIR AAI Michal Procházka, Mikael Linden, EGI VC 15 March 2016.
IGTF in 10 years enabling the interoperable global trust federation Nikhef, Amsterdam supported the Dutch national e-Infrastructure funded and coordinated.

IGTF in 10 years enabling the interoperable global trust federation Nikhef, Amsterdam supported the Dutch national e-Infrastructure funded and coordinated.
Security in the wider world David Kelsey (STFC-RAL) GridPP37 – Ambleside 2 Sep 2016.

Security in the wider world David Kelsey (STFC-RAL) GridPP37 – Ambleside 2 Sep 2016.
The IGTF to eduGAIN Bridge

The IGTF to eduGAIN Bridge
Building Trust for Research and Collaboration

Building Trust for Research and Collaboration
Introduction to AAI Services

Introduction to AAI Services

Similar presentations

Ads by Google