Presentation is loading. Please wait.

Presentation is loading. Please wait.

University Computing Centre - Srce

Published byAnke Grosse Modified over 6 years ago

Similar presentations

Presentation on theme: "University Computing Centre - Srce"— Presentation transcript:

1 University Computing Centre - Srce
Miroslav Milinović University Computing Centre - Srce EuroCAMP Helsinki, April 2007

2 Contents general information IdM practices policy enforcement
roles & groups schemas authN & certs

3 General information evolved from radius hierarchy (network access as killer app.) SW base (RADIUS + LDAP + SOAP) current architecture in full operation since 03/2006 213 (34) + 1 IdP (nearly enabled users) SP: eduroam hot spots around AuthN reqs processed per month service types: network access (eduroam: wired & wireless, dial-up, cable, EDGE/GRPS) Web based services (LMS, web apps, helpdesks, ...) computing resources (basic services) coupled with national student card & information system of higher.ed.

4 IdM practices IdM policy
technical and organisational requirements data has to be up-to date f2f user registration (registered mail?) IdPs have relative freedom but are considered liable for missuse more formalisation and harmonisation needed a large number of IdPs (diversity in size and technical expertise) is a challenge

5 Policy enforcement IdPs: based on agreements with CARNet and Ministry of science, education and sport resource registry for SPs a large number of IdPs (diversity in size and technical expertise) is a challenge different service classes (network vs. application access) need a different approach to different SPs (eduroam hotspots vs. apps. providers) more formalisation planned

6 Roles & groups via specific atributes in hrEduPerson schema
hrEduPersonAffiliation, hrEduPersonPrimaryAffiliation, hrEduPersonRole hrEduPersonProfessionalStatus, hrEduPersonAcademicStatus, hrEduPersonTitle, hrEduPersonScienceArea, hrEduPersonStudentCategory, hrEduPersonStaffCategory hrEduPersonGroupMember via specific AuthZ solutions at SP’s side croGRID community as a driver for future development federated identity (?) tool for handling groups (?)

7 Schemas hrEduPerson, hrEduOrg use of SCHAC planned in (near) future
registry: ver 1.2. use of SCHAC planned in (near) future harmonisation of attributes (attrib. values) for international (european) conferderations is a challenge

8 AuthN & certs SCS (TERENA) for services
user/passwd seems to be enough for (end)users killer app. needed for (effective) deployment of other authN methods X-CARD project (?) croGRID – a separate case (SLCS solution)

Download ppt "University Computing Centre - Srce"

Similar presentations

Connect. Communicate. Collaborate eduroam: a managed European service Miroslav Milinović, Srce, Zagreb, Croatia eduroam SA, GÉANT2 NORDUnet 2008, Espoo,

Connect. Communicate. Collaborate eduroam: a managed European service Miroslav Milinović, Srce, Zagreb, Croatia eduroam SA, GÉANT2 NORDUnet 2008, Espoo,
Identity Network Ideals – Heterogeneity & Co-existence

Identity Network Ideals – Heterogeneity & Co-existence
EGI-InSPIRE RI-261323 EGI-InSPIRE EGI-InSPIRE RI-261323 AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
TNC 2008 / Short Lived Credential Service Implementation Based on National AAI Short Lived Credential Service Implementation Based on National AAI Emir.

TNC 2008 / Short Lived Credential Service Implementation Based on National AAI Short Lived Credential Service Implementation Based on National AAI Emir.
Connect. Communicate. Collaborate eduroam: towards a managed European service Miroslav Milinović, Srce, Zagreb, Croatia eduroam SA, GÉANT2 Wi-Fi Workshop,

Connect. Communicate. Collaborate eduroam: towards a managed European service Miroslav Milinović, Srce, Zagreb, Croatia eduroam SA, GÉANT2 Wi-Fi Workshop,
Federated access to e-Infrastructures worldwide

Federated access to e-Infrastructures worldwide
18/05/2015 META ACCESS MANAGEMENT SYSTEM Virtual Organisations Accomodating Research Groups in a Shibboleth Federation Peter Schendzielorz Macquarie University’s.

18/05/2015 META ACCESS MANAGEMENT SYSTEM Virtual Organisations Accomodating Research Groups in a Shibboleth Federation Peter Schendzielorz Macquarie University’s.
Identity Management Choosing and Using Sun’s Identity Management Suite March 13 th, 2007 Kim Tracy Executive Director University Computing Services Northeastern.

Identity Management Choosing and Using Sun’s Identity Management Suite March 13 th, 2007 Kim Tracy Executive Director University Computing Services Northeastern.
Technical Issues with Establishing Levels of Assurance Zephyr McLaughlin Lead, Security Middleware Computing & Communications University of Washington.

Technical Issues with Establishing Levels of Assurance Zephyr McLaughlin Lead, Security Middleware Computing & Communications University of Washington.
TechSec WG: Related activities overview Information and discussion TechSec WG, RIPE-45 May 14, 2003 Yuri Demchenko.

TechSec WG: Related activities overview Information and discussion TechSec WG, RIPE-45 May 14, 2003 Yuri Demchenko.
5/25/2015 AEB/Yleisesittely Roaming network access using Shibboleth in University of Helsinki Fall 2004 Internet2 Member Meeting 29th of September, 2004.

5/25/2015 AEB/Yleisesittely Roaming network access using Shibboleth in University of Helsinki Fall 2004 Internet2 Member Meeting 29th of September, 2004.
EuroCAMP Ljubljana, 3-5 March 2006 TERENA Server Certificate Service Towards the large-scale use of affordable popup-free server certificates for the European.

EuroCAMP Ljubljana, 3-5 March 2006 TERENA Server Certificate Service Towards the large-scale use of affordable popup-free server certificates for the European.
Identity Services Goals ① Improved and timely access to MIT services ② Reliable modular utilities (i.e. power, water, phone) ③ Easy integration for.

Identity Services Goals ① Improved and timely access to MIT services ② Reliable modular utilities (i.e. power, water, phone) ③ Easy integration for.
Update SURFnet Bart Kerver TF-EMC2-meeting, Utrecht, 17 Oktober 2006.

Update SURFnet Bart Kerver TF-EMC2-meeting, Utrecht, 17 Oktober 2006.
Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.

Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.
SWITCHaai Team Federated Identity Management.

SWITCHaai Team Federated Identity Management.
AAI with simpleSAMLphp

AAI with simpleSAMLphp
Use case: Federated Identity for Education (Feide) Identity collaboration and federation in Norwegian education Internet2 International Workshop, Chicago,

Use case: Federated Identity for Education (Feide) Identity collaboration and federation in Norwegian education Internet2 International Workshop, Chicago,
(From Radius Hierarchy to AAI) Miroslav Milinović University Computing Centre - Srce EuroCAMP Ljubljana, March 2006.

(From Radius Hierarchy to AAI) Miroslav Milinović University Computing Centre - Srce EuroCAMP Ljubljana, March 2006.
CASE: Haka federation EuroCAMP, 3-5 April, 2006 CSC, the Finnish IT Center for Science

CASE: Haka federation EuroCAMP, 3-5 April, 2006 CSC, the Finnish IT Center for Science

Similar presentations

Ads by Google