Presentation is loading. Please wait.

Presentation is loading. Please wait.

Here Come the Feds Federated identity management: the consumer’s perspective Jens Jensen, STFC On behalf of EUDAT AAI TF EGI CF Manchester April 2013.

Published byDouglas Daniel Modified over 9 years ago

Similar presentations

Presentation on theme: "Here Come the Feds Federated identity management: the consumer’s perspective Jens Jensen, STFC On behalf of EUDAT AAI TF EGI CF Manchester April 2013."— Presentation transcript:

1 Here Come the Feds Federated identity management: the consumer’s perspective Jens Jensen, STFC On behalf of EUDAT AAI TF EGI CF Manchester April 2013

2 Background – EUDAT in nuce EUDAT is building a data e-infrastructure –Support user communities (ESFRI) CLARIN (linguistics, heterogeneous + long tail) ENES (climate) EPOS (Earth obs) VPH (human physiology) LifeWatch (biodiversity) –Move data in and out of EUDAT: PRACE, EGI, … –Move data between sites (replication) –Data storage for individual users 2

3 Principles: AAI Authentication –Make use of existing infrastructures –SSO whenever possible –Make use of existing code - pragmatic Authorisation –Link to community rôles (users can be in more than one community) Infrastructure –Like the grids, secure with IGTF+commercial 3

4 4

5 Requirements Scalable (10**7 users) Easy enough to use for “non-technical” users Support long tail researchers (aka homeless) Portal and command line login Mature, robust, performant Standards-based Work with existing community practices (if pos.) Communities manage authorisation policies 5

6 Premise Support existing user communities –CLARIN already using Shib (note the ePTID problem) –ENES already use OpenID (in ESGF) –Provide “authentication services” Federated identity management –Must work with iRODS for data storage –Must work with GridFTP (and GlobusOnline) for data movement –Must work with Invenio (ORCID) 6

7 Plan A and Plan B API Redirect to EUDAT Obtain Access Token Call CA API Plan A Plan B

8 Evaluations – 2010 1.Standalone Shib (or SAML) 2.Work with a single community’s portal 3.Use SimpleSAMLPhp 4.EGI or GEMBUS STS 5.Contrail AAI code – see Yvon’s talk 6.Moonshot 8

9 Findings Code satisfying most requirements least mature Need X.509 – at least internally (GridFTP) Need good docs for integrators – and effort! –Need to be able to work with betas Technical collaborations: EGI, EUDAT, Contrail Supporting multiple communities: –Ends up being kludgy –MyProxy for GO, OAuth2 for ORCID, … Requirements change regularly Can spend ∞ time on evaluations 9

Download ppt "Here Come the Feds Federated identity management: the consumer’s perspective Jens Jensen, STFC On behalf of EUDAT AAI TF EGI CF Manchester April 2013."

Similar presentations

EGI-InSPIRE RI-261323 EGI-InSPIRE EGI-InSPIRE RI-261323 AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
(Re)using existing AAI experiences and future --- AAI Soapbox --- Jens Jensen, STFC-RAL Terena VAMP, 0-1 Oct 2013.

(Re)using existing AAI experiences and future --- AAI Soapbox --- Jens Jensen, STFC-RAL Terena VAMP, 0-1 Oct 2013.
Federated Access to Grids Daniel Kouřil, Sam Hartman, Josh Hewlet, Jens Jensen, Michal Procházka EGI User Forum 2011.

Federated Access to Grids Daniel Kouřil, Sam Hartman, Josh Hewlet, Jens Jensen, Michal Procházka EGI User Forum 2011.
EMI Development Plans for Identity Management Henri Mikkonen / HIP Moonshot, Grid and HPC Workshop 7.7.2011 London, UK.

EMI Development Plans for Identity Management Henri Mikkonen / HIP Moonshot, Grid and HPC Workshop London, UK.
Implementing Federated Security with ConSec Jens Jensen, STFC OGF40, Oxford, 16 Jan 2014.

Implementing Federated Security with ConSec Jens Jensen, STFC OGF40, Oxford, 16 Jan 2014.
Contrail and Federated Identity Management

Contrail and Federated Identity Management
Moonshot for Federated Identity Jens Jensen, STFC Daniel Kouřil, CESNET EGI CF, April 2013.

Moonshot for Federated Identity Jens Jensen, STFC Daniel Kouřil, CESNET EGI CF, April 2013.
EUDAT FIM4R at TNC 2014 Jens Jensen, STFC, on behalf of EUDAT AAI task force.

EUDAT FIM4R at TNC 2014 Jens Jensen, STFC, on behalf of EUDAT AAI task force.
ACET The ASPiS project UK e-Science AHM Oxford, 08 Dec 2009 Jens Jensen, STFC.

ACET The ASPiS project UK e-Science AHM Oxford, 08 Dec 2009 Jens Jensen, STFC.
Www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE www.egi.eu EGI-InSPIRE RI-261323 EGI - Identity Management Steven Newhouse Director, EGI.eu Federated Identity.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI - Identity Management Steven Newhouse Director, EGI.eu Federated Identity.
EMI INFSO-RI-261611 Session Summary AAI Needs for DCIs John White, HIP Christoph Witzig, SWITCH

EMI INFSO-RI Session Summary AAI Needs for DCIs John White, HIP Christoph Witzig, SWITCH
Towards Cloud Federations: what we have; what we want OGF 31, Taipei Cloud security session Jens Jensen Science and Technology Facilities Council Rutherford.

Towards Cloud Federations: what we have; what we want OGF 31, Taipei Cloud security session Jens Jensen Science and Technology Facilities Council Rutherford.
Federated A(A(A))I Jens Jensen hepsysman, RAL, 20110701.

Federated A(A(A))I Jens Jensen hepsysman, RAL,
Www.egi.eu EGI-Engage www.egi.eu EGI-Engage Engaging the EGI Community towards an Open Science Commons Project Overview 9/14/2015 EGI-Engage: a project.

EGI-Engage EGI-Engage Engaging the EGI Community towards an Open Science Commons Project Overview 9/14/2015 EGI-Engage: a project.
Climate Sciences: Use Case and Vision Summary Philip Kershaw CEDA, RAL Space, STFC.

Climate Sciences: Use Case and Vision Summary Philip Kershaw CEDA, RAL Space, STFC.
Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.

Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.
EMI AAI Strategy & Plans John White / Helsinki Institute of Physics Federated Identity Systems for Scientific Collaborations Workshop 09.06.2011, CERN,

EMI AAI Strategy & Plans John White / Helsinki Institute of Physics Federated Identity Systems for Scientific Collaborations Workshop , CERN,
EMI INFSO-RI-261611 AAI in EEF Projects John White (Helsinki University) EMI Security Area Leader.

EMI INFSO-RI AAI in EEF Projects John White (Helsinki University) EMI Security Area Leader.
JASMIN and CEMS: The Need for Secure Data Access in a Virtual Environment Cloud Workshop 23 July 2013 Philip Kershaw Centre for Environmental Data Archival.

JASMIN and CEMS: The Need for Secure Data Access in a Virtual Environment Cloud Workshop 23 July 2013 Philip Kershaw Centre for Environmental Data Archival.
IRODS workshop, September 26-28 2012, Linköping (Sweden) iRODS Workshop users needs summary Agnès Ansari – Wednesday, 26 September.

IRODS workshop, September , Linköping (Sweden) iRODS Workshop users needs summary Agnès Ansari – Wednesday, 26 September.

Similar presentations

Ads by Google