Presentation is loading. Please wait.

Presentation is loading. Please wait.

Introduction Moonshot workshop 6.2.2014

Published byAnnabelle Leonard Modified over 9 years ago

Similar presentations

Presentation on theme: "Introduction Moonshot workshop 6.2.2014"— Presentation transcript:

1 Introduction Moonshot workshop 6.2.2014 Mikael.Linden@csc.fi

2 2 Connect | Communicate | Collaborate Federated identity in Finnish HE Haka – WebSSO (47 organisations) eduroam – network access (30 organisations) Project Moonshot – non-web SSO Combination of the two above Standardisation (IETF) implementation (Mac, Linux, FreeBSD, Windows, Openssh, OpenLDAP, Samba, Apache, NFS…) Piloting (GN3plus)

3 3 Connect | Communicate | Collaborate Moonshot technical architecture 3 SSH clientSSH serverRADIUS server (2) SSH negotiation(4) RADIUS (3) Authentication (1) Username/password issued to the user (5) Attributes (6) SSH session OpenSSH used as example of application; many others also apply Slide by Janet(UK)

4 4 Connect | Communicate | Collaborate Benefits Information security –Password never exposed to the SP (and a rootkit) –Audit trail to serve forensics analysis –Accounts closed when the user departs Usability –Less usernames and passwords for the user Service provisioning –Removes obstacles for streamlining service provisioning to the users

5 5 Connect | Communicate | Collaborate Downsides Understanding it requires wide competence –RADIUS, SAML, GSS-API… Requires client-side software installation –Moonshot libraries and Identity selector Still early work…

6 6 Connect | Communicate | Collaborate Example use scenarios Services Centralised servies E.g. CSC’s computing or data services Grid services Cloud services (IaaS) Technologies SSH secure shell (OpenSSH) iRODS Grid/MyProxy IMAP

7 7 Connect | Communicate | Collaborate About Moonshot technilogy Development led by Janet(UK) Pilot in GN3plus project 4/2013-3/2015 UK, France, Hungary, Switzerland, Croatia, Czech, Finland and Spain Janet, RENATER, NIIFI, SWITCH, CARNet, CESNET, NORDUnet (Funet), RedIRIS Trust fabrics can be based on Eduroam techonology Trust router technology

8 The Finnish Moonshot pilot

9 9 Connect | Communicate | Collaborate Goals Learn the technology, its maturity and applicability Study alternatives to organise Moonshot as a service Extension of Haka, extension of eduroam, something else? Trust router or eduroam…? International co-operation via GN3plus project Foreign Moonshot services?

10 10 Connect | Communicate | Collaborate What? Real end users to real services E.g. selected research groups from their home universities Still a pilot No promise of production quality service Moonshot IdP RADIUS Computing server IDA service HU TUT CSC (Moonshot SP)

11 11 Connect | Communicate | Collaborate Timeline HU and TUT set up the Moonshot IdP 2-3/2014 Works against CSC’s production SPs Kick-off with pilot users 4/2014 Involving the pilot users Pilot with the pilot uses 5-6/2014

Download ppt "Introduction Moonshot workshop 6.2.2014"

Similar presentations

Lousy Introduction into SWITCHaai

Lousy Introduction into SWITCHaai
Federation management A mess? 9.4.2008 Nordunet Conference Mikael Linden CSC, the Finnish IT Center for Science.

Federation management A mess? Nordunet Conference Mikael Linden CSC, the Finnish IT Center for Science.
Innovation through participation eduGAIN as a service (T3) in Multi-Domain User Applications (SA3) Valter Nordh, NORDUnet / GU NORDUnet conference, Köpenhamn,

Innovation through participation eduGAIN as a service (T3) in Multi-Domain User Applications (SA3) Valter Nordh, NORDUnet / GU NORDUnet conference, Köpenhamn,
Abfab use-cases draft-ietf-abfab-usecases-00.txt Rhys Smith Mark Tysom Simon Cooper IETF80.

Abfab use-cases draft-ietf-abfab-usecases-00.txt Rhys Smith Mark Tysom Simon Cooper IETF80.
KERBEROS A NETWORK AUTHENTICATION PROTOCOL Nick Parker CS372 Computer Networks.

KERBEROS A NETWORK AUTHENTICATION PROTOCOL Nick Parker CS372 Computer Networks.
Federated Access to Grids Daniel Kouřil, Sam Hartman, Josh Hewlet, Jens Jensen, Michal Procházka EGI User Forum 2011.

Federated Access to Grids Daniel Kouřil, Sam Hartman, Josh Hewlet, Jens Jensen, Michal Procházka EGI User Forum 2011.
Project Moonshot February 2012. Background Project Moonshot 2.

Project Moonshot February Background Project Moonshot 2.
August 2013 Introduction to Moonshot. Why Moonshot? Within education, there are a number of specialised federations: – UK federation - Access to web-based.

August 2013 Introduction to Moonshot. Why Moonshot? Within education, there are a number of specialised federations: – UK federation - Access to web-based.
Moonshot for Federated Identity Jens Jensen, STFC Daniel Kouřil, CESNET EGI CF, April 2013.

Moonshot for Federated Identity Jens Jensen, STFC Daniel Kouřil, CESNET EGI CF, April 2013.
© Janet 2012 Project Moonshot Technology, use cases & pilot 17 January, 2012 Haka conference, Helsinki 1.

© Janet 2012 Project Moonshot Technology, use cases & pilot 17 January, 2012 Haka conference, Helsinki 1.
5/25/2015 AEB/Yleisesittely Roaming network access using Shibboleth in University of Helsinki Fall 2004 Internet2 Member Meeting 29th of September, 2004.

5/25/2015 AEB/Yleisesittely Roaming network access using Shibboleth in University of Helsinki Fall 2004 Internet2 Member Meeting 29th of September, 2004.
Kalmar Union 15.1.2008 Mikael Linden CSC, the Finnish IT Center for Science.

Kalmar Union Mikael Linden CSC, the Finnish IT Center for Science.
Federated Identity Management for the context of storage Bart Kerver - TERENA Storage-meeting, Amsterdam,

Federated Identity Management for the context of storage Bart Kerver - TERENA Storage-meeting, Amsterdam,
CSC Grid Activities Arto Teräs HIP Research Seminar February 18th 2005.

CSC Grid Activities Arto Teräs HIP Research Seminar February 18th 2005.
Chapter 16 AAA. AAA Components  AAA server –Authenticates users accessing a device or network –Authorizes user to perform specific activities –Performs.

Chapter 16 AAA. AAA Components  AAA server –Authenticates users accessing a device or network –Authorizes user to perform specific activities –Performs.
Project Moonshot TF-MNM. Use cases Project Moonshot 2.

Project Moonshot TF-MNM. Use cases Project Moonshot 2.
Www.kennisnet.nl Naam van de Auteur 7 januari 2008 Kennisnet Entree: federated authentication Pieter BruringTechnical Product Manager.

Naam van de Auteur 7 januari 2008 Kennisnet Entree: federated authentication Pieter BruringTechnical Product Manager.
Federated A(A(A))I Jens Jensen hepsysman, RAL, 20110701.

Federated A(A(A))I Jens Jensen hepsysman, RAL,
ESA EO Federated Identity Management Initiatives A. Baldi ESA: M. Leonardi RHEA:

ESA EO Federated Identity Management Initiatives A. Baldi ESA: M. Leonardi RHEA:
Identity Management in Education. Welcome Scott Johnson, NetProf, Inc. Creator of OmnID Identity Management for Education www.netprof.us.

Identity Management in Education. Welcome Scott Johnson, NetProf, Inc. Creator of OmnID Identity Management for Education

Similar presentations

Ads by Google