Presentation is loading. Please wait.

Presentation is loading. Please wait.

2006 © SWITCH SWITCH Plans for Shibboleth and Grid GGF16 Feb 14, 2006 Christoph Witzig (Thomas Lenggenhager, Valery Tschopp, Placi Flury) SWITCH.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "2006 © SWITCH SWITCH Plans for Shibboleth and Grid GGF16 Feb 14, 2006 Christoph Witzig (Thomas Lenggenhager, Valery Tschopp, Placi Flury) SWITCH."— Presentation transcript:

1 2006 © SWITCH SWITCH Plans for Shibboleth and Grid GGF16 Feb 14, 2006 Christoph Witzig (Thomas Lenggenhager, Valery Tschopp, Placi Flury) SWITCH

2 2006 © SWITCH 2 GGF16 - Feb 14, 2006 Happy Valentine’s Day First an important reminder….

3 2006 © SWITCH 3 GGF16 - Feb 14, 2006 SWITCHaai SWITCH built up and operates now SWITCHaai - a national Shibboleth-based AAI AAI efforts started in 2002, since last summer in production mode Current Status: – Approx. 133’000 members of the Swiss higher education sector have AAI-enabled accounts – Approx. 10’000 use SWITCHaai on a regular basis So far SWITCH has not been active in grids Among other things SWITCH also operates SWITCHpki

4 2006 © SWITCH 4 GGF16 - Feb 14, 2006 SWITCH and EGEE-2 SWITCH work on interoperability of Shibboleth and gLite is part of EGEE-2 proposal (by SWITCH in EGEE NREN Federation) Focus is on – Interoperability (NO replacement for X.509) – Specific for EGEE-2 infrastructure (VOMS etc) – Integrate, re-use, re-engineer existing code, write new code only as needed Key Concepts: – Home institution of the user should be the Identity Provider – Home institution provides some attributes – But VO is needed for (grid specific) attributes

5 2006 © SWITCH 5 GGF16 - Feb 14, 2006 Plan Work will start in April 2006 and last for 2 years Our plan consists of three phases – Two initial, shorter phases with the goal  Start small and hook up Shibboleth AAI to a gLite grid with minimum amount of changes (in particular no change at the CE)  Build up knowledge and expertise  April 06 --> summer/fall – A longer third phase  SAML support at the resource end  Design during phase 1 and 2 (summer 06)  Implementation fall 06 --> spring 08

6 2006 © SWITCH 6 GGF16 - Feb 14, 2006 Phase 1 and 2

7 2006 © SWITCH 7 GGF16 - Feb 14, 2006 Phase 1: Integration with SWITCHpki Generation of X.509 by Shib Resource based on AuthN at IdP Admin. Procedures are key for quality of user management System (EUGRIDPMA compliant) Different kinds of assurance levels User generates key pair and submits certificate signing request

8 2006 © SWITCH 8 GGF16 - Feb 14, 2006 Phase 3: SAML Support at the Resource Goal: Support for SAML for authentication and authorization without relying on X.509 (on a configurable basis) Should be based on SAML2 and Shibboleth2 – Supports ECP Profile (constrained delegation) – Detailed Design to be done in summer 2006 (depends on Shib2)

9 2006 © SWITCH 9 GGF16 - Feb 14, 2006 Access for Grid Users to Shib SP Intention: add “symmetry” between enabling access for Shib and grid users Test-bed SWITCH INFN in 2006

10 2006 © SWITCH 10 GGF16 - Feb 14, 2006 Q & A

Download ppt "2006 © SWITCH SWITCH Plans for Shibboleth and Grid GGF16 Feb 14, 2006 Christoph Witzig (Thomas Lenggenhager, Valery Tschopp, Placi Flury) SWITCH."

Similar presentations

Lousy Introduction into SWITCHaai

Lousy Introduction into SWITCHaai
EGEE-II INFSO-RI-031688 Enabling Grids for E-sciencE www.eu-egee.org EGEE and gLite are registered trademarks Interoperability AAI and Grids Christoph.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Interoperability AAI and Grids Christoph.
EGEE-II INFSO-RI-031688 Enabling Grids for E-sciencE www.eu-egee.org EGEE and gLite are registered trademarks MyProxy and EGEE Ludek Matyska and Daniel.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks MyProxy and EGEE Ludek Matyska and Daniel.
Federated Identity for Grid Architects Tom Scavo NCSA

Federated Identity for Grid Architects Tom Scavo NCSA
Open Grid Forum 19 January 31, 2007 Chapel Hill, NC Stephen Langella Ohio State University Grid Authentication and Authorization with.

Open Grid Forum 19 January 31, 2007 Chapel Hill, NC Stephen Langella Ohio State University Grid Authentication and Authorization with.
Combining the strengths of UMIST and The Victoria University of Manchester Adapting to Federated Identity SHEBANGS Shibboleth Enabled Bridge to Access.

Combining the strengths of UMIST and The Victoria University of Manchester Adapting to Federated Identity SHEBANGS Shibboleth Enabled Bridge to Access.
EGI-InSPIRE RI-261323 EGI-InSPIRE EGI-InSPIRE RI-261323 AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
2005 © SWITCH Authentication and Authorization Infrastructure Martin Sutter, Head of NetServices Thomas Lenggenhager, Deputy Project Manager AAI Christoph.

2005 © SWITCH Authentication and Authorization Infrastructure Martin Sutter, Head of NetServices Thomas Lenggenhager, Deputy Project Manager AAI Christoph.
2006 © SWITCH Authentication and Authorization Infrastructures in e-Science (and the role of NRENs) Christoph Witzig SWITCH e-IRG, Helsinki, Oct 4, 2006.

2006 © SWITCH Authentication and Authorization Infrastructures in e-Science (and the role of NRENs) Christoph Witzig SWITCH e-IRG, Helsinki, Oct 4, 2006.
1 Issues in federated identity management Sandy Shaw EDINA IASSIST 24-27 May 2005, Edinburgh.

1 Issues in federated identity management Sandy Shaw EDINA IASSIST May 2005, Edinburgh.
INFSO-RI-508833 Enabling Grids for E-sciencE www.eu-egee.org JRA3 2 nd EU Review Input David Groep NIKHEF.

INFSO-RI Enabling Grids for E-sciencE JRA3 2 nd EU Review Input David Groep NIKHEF.
Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.

Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.
EDINA 20 th March 2008 EDINA Geo/Grid - Security Prof. Richard O. Sinnott Technical Director, National e-Science Centre University of Glasgow, Scotland.

EDINA 20 th March 2008 EDINA Geo/Grid - Security Prof. Richard O. Sinnott Technical Director, National e-Science Centre University of Glasgow, Scotland.
WebFTS as a first WLCG/HEP FIM pilot

WebFTS as a first WLCG/HEP FIM pilot
SAML-based Delegation in Shibboleth Scott Cantor Internet2/The Ohio State University.

SAML-based Delegation in Shibboleth Scott Cantor Internet2/The Ohio State University.
Federated A(A(A))I Jens Jensen hepsysman, RAL, 20110701.

Federated A(A(A))I Jens Jensen hepsysman, RAL,
SWITCHaai Team Federated Identity Management.

SWITCHaai Team Federated Identity Management.
Internet2 – InCommon and Box Marla Meehl Colorado CIO 11/1/11.

Internet2 – InCommon and Box Marla Meehl Colorado CIO 11/1/11.
Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.

Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.
2004 © SWITCH 1 Shibboleth in Switzerland Internet2 Spring Meeting 2004 Thomas Lenggenhager Overview SWITCH & SWITCHaai Project.

2004 © SWITCH 1 Shibboleth in Switzerland Internet2 Spring Meeting 2004 Thomas Lenggenhager Overview SWITCH & SWITCHaai Project.

Similar presentations

Ads by Google