Presentation is loading. Please wait.

Presentation is loading. Please wait.

A Grid certificate in 5 minutes large scale federated automated issuing of grid certificates Jan MeijerEGEE’09 21-25 Sept 2009 Barcelona.

Published byRobyn Flynn Modified over 9 years ago

Similar presentations

Presentation on theme: "A Grid certificate in 5 minutes large scale federated automated issuing of grid certificates Jan MeijerEGEE’09 21-25 Sept 2009 Barcelona."— Presentation transcript:

1 a Grid certificate in 5 minutes large scale federated automated issuing of grid certificates Jan MeijerEGEE’09 21-25 Sept 2009 Barcelona

2 me 1998-2007: SURFnet – CERT, security, PKI, systems engineering, e-voting 2007-now: UNINETT – service development, storage, PKI

3 collaborative service the true story of developing a sustainable scalable pan-European service

4 Problem 1 Norwegian Grid, HPC, Data Storage Norwegian authentication infrastructure (AAI) ?

5 Problem 2 eScience Gridauthentication = x.509 certificates

6 Traditional certificate issuing

7 Manual identity vetting annoying for the user annoying for the service provider

8 your identity has been vetted!

9 Solution: reuse and automate

10 not new: SLCS/MICS

11 establish the service 1.Certificate issuing backend 2.Web portal front end 3.EuGridPMA accreditation

12 EUgridPMA accreditation?

13 establish service = people hours + $$

14 Automation scales: share the cost!

15 use technology an online automated CA can handle 100.000s of requests AAI Federations

16 TERENA Certificate Service combined acquisition of certificates operational since March 2006 current provider: Comodo

17 TERENA Certificate Service by NRENs for NRENs

18 SCS Numbers Participating NRENs18 (3 recent) Certificates issued19,400 Participating organisations 2,225 Proxies3,800 Apr 2006 – Aug 2008

19 TCS TERENA SSL CA: Server certificates TERENA eScience SSL CA TERENA Code Signing CA TERENA Personal CA TERENA eScience Personal CA

20 TCS Participating NRENs CountryMember org.ServerCode SigningPersonal AustriaACOnetXXX BelgiumBELNETXXX CroatiaCARnetX Czech RepublicCESNETXX DenmarkUNI-CX FranceRENATERXX GreeceGRNETXX HungaryHUNGARNETX IrelandHEAnetXX ItalyGARRX LithuaniaLITNETXX MaltaUoMX NetherlandsSURFnetXXX NorwayUNINETTXXX PolandPSNCXXX PortugalFCCNX SloveniaARNESX SpainRedIRISXXX SwedenSUNETXXX UKJANETX 20712

21 TERENA eScience Personal CA

22

23 Delegated Responsibilities

24 Governance Service responsible: TERENA delivers on behalf of participating NRENs Important decisions: SCS-Rep per NREN Day-to-day: TCS PMA Kent Engström, Jan Meijer, Kevin Meynell, Teun Nijssen, Milan Sova

25 steps to production EUgridPMA accreditation: – formal start in Oct 2009 Portal software development: – production ready in Sept 2009 Shared portal (.cz,.fi,.nl,.no,.se) – production Oct 2009 Service operational: – Nov 2009

26 a story of smooth collaboration UNINETT/Sigma coordinates NGIs, NRENs and AAI Federations of Czech Republic, Denmark, Finland, Netherlands, Norway, Sweden TERENA, NDGF, all TCS NRENs and countless others....

27 Funding development: – UNINETT/Sigma, TERENA, NDGF, other participants operations: – NRENs

28 soon your grid certificate in 5 minutes through an NREN near you http://www.terena.org/tcs/ http://www.confusa.org/ jan.meijer uninett.no

Download ppt "A Grid certificate in 5 minutes large scale federated automated issuing of grid certificates Jan MeijerEGEE’09 21-25 Sept 2009 Barcelona."

Similar presentations

Joining eduroam Wireless Roaming for Education and Research.

Joining eduroam Wireless Roaming for Education and Research.
Introduction of Grid Security

Introduction of Grid Security
Usage of PGP in TACAR 19th OGF Meeting Chapel Hill, USA February 1, 2007 Licia Florio Project Development Officer

Usage of PGP in TACAR 19th OGF Meeting Chapel Hill, USA February 1, 2007 Licia Florio Project Development Officer
TNC 2008 / Short Lived Credential Service Implementation Based on National AAI Short Lived Credential Service Implementation Based on National AAI Emir.

TNC 2008 / Short Lived Credential Service Implementation Based on National AAI Short Lived Credential Service Implementation Based on National AAI Emir.
TERENA: European Collaboration in Research and Education Networking Belarus-Poland NREN Cross Border Link Inauguration Event Minsk, Belarus, 08-11-2010.

TERENA: European Collaboration in Research and Education Networking Belarus-Poland NREN Cross Border Link Inauguration Event Minsk, Belarus,
2006 © SWITCH Authentication and Authorization Infrastructures in e-Science (and the role of NRENs) Christoph Witzig SWITCH e-IRG, Helsinki, Oct 4, 2006.

2006 © SWITCH Authentication and Authorization Infrastructures in e-Science (and the role of NRENs) Christoph Witzig SWITCH e-IRG, Helsinki, Oct 4, 2006.
EuroCAMP Ljubljana, 3-5 March 2006 TERENA Server Certificate Service Towards the large-scale use of affordable popup-free server certificates for the European.

EuroCAMP Ljubljana, 3-5 March 2006 TERENA Server Certificate Service Towards the large-scale use of affordable popup-free server certificates for the European.
INFSO-RI-508833 Enabling Grids for E-sciencE www.eu-egee.org JRA3 2 nd EU Review Input David Groep NIKHEF.

INFSO-RI Enabling Grids for E-sciencE JRA3 2 nd EU Review Input David Groep NIKHEF.
National Center for Supercomputing Applications PKI and CKM ® Scaling Study NCASSR Kick-off Meeting June 11-12, 2003 Jim Basney

National Center for Supercomputing Applications PKI and CKM ® Scaling Study NCASSR Kick-off Meeting June 11-12, 2003 Jim Basney
NRENs supporting Grids using current Grid technology TERENA NREN-GRID Workshop Amsterdam 2005-10-17 Milan Sova CESNET.

NRENs supporting Grids using current Grid technology TERENA NREN-GRID Workshop Amsterdam Milan Sova CESNET.
EU NREN PKI Jan MeijerAARnet PKI / Access Federations Strategy Workshop 10 February 2010 Sydney.

EU NREN PKI Jan MeijerAARnet PKI / Access Federations Strategy Workshop 10 February 2010 Sydney.
Webinar “Operating the TCS shared portals” for NREN admins TCS shared portal project a/TCS_Portal_project Jan Meijer.

Webinar “Operating the TCS shared portals” for NREN admins TCS shared portal project a/TCS_Portal_project Jan Meijer.
Connect communicate collaborate Campus Best Practices Gunnar Bøe, Section Manager, Campus Networks and Systems, UNINETT Skopje, 15 Sept. 2011.

Connect communicate collaborate Campus Best Practices Gunnar Bøe, Section Manager, Campus Networks and Systems, UNINETT Skopje, 15 Sept
Middleware challenges to service providers, the Nordic view TERENA, 24.10.2002 Ingrid Melve, UNINETT.

Middleware challenges to service providers, the Nordic view TERENA, Ingrid Melve, UNINETT.
European Life Sciences Infrastructure for Biological Information www.elixir-europe.org ELIXIR www.elixir-europe.org.

European Life Sciences Infrastructure for Biological Information ELIXIR
Www.egi.eu EGI-InSPIRE RI-261323 www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE EGI services for the long tail of science Peter Solagna Senior Operations.

EGI-InSPIRE RI EGI-InSPIRE RI EGI-InSPIRE EGI services for the long tail of science Peter Solagna Senior Operations.
TERENA Certificate Service (TCS) 9 June 2011. Slide 2 › Many NRENs had set-up a CA, but certificates issued were not trusted by web browsers (the ‘ pop-up.

TERENA Certificate Service (TCS) 9 June Slide 2 › Many NRENs had set-up a CA, but certificates issued were not trusted by web browsers (the ‘ pop-up.
Community Services WI TF-EMC2 VC Meeting 29 June, 2011 Licia Florio

Community Services WI TF-EMC2 VC Meeting 29 June, 2011 Licia Florio
John Dyer Business & Technology Strategist TERENA 10 February 2014 TF-MSP Meeting ACOnet, Vienna Aggregation of Demand Collaborative.

John Dyer Business & Technology Strategist TERENA 10 February 2014 TF-MSP Meeting ACOnet, Vienna Aggregation of Demand Collaborative.
12-May-03D.P.Kelsey, SCG Online Authentication1 Online Authentication SCG Meeting EDG Barcelona, 12 May 2003 David Kelsey CCLRC/RAL, UK

12-May-03D.P.Kelsey, SCG Online Authentication1 Online Authentication SCG Meeting EDG Barcelona, 12 May 2003 David Kelsey CCLRC/RAL, UK

Similar presentations

Ads by Google