Presentation is loading. Please wait.

Presentation is loading. Please wait.

Authorisation Jens Jensen, Phil Kershaw (STFC) et al. contrail is co-funded by the EC 7th Framework Programme under Grant Agreement nr. 257438 contrail-project.eu.

Published byIlene O’Connor’ Modified over 9 years ago

Similar presentations

Presentation on theme: "Authorisation Jens Jensen, Phil Kershaw (STFC) et al. contrail is co-funded by the EC 7th Framework Programme under Grant Agreement nr. 257438 contrail-project.eu."— Presentation transcript:

1 Authorisation Jens Jensen, Phil Kershaw (STFC) et al. contrail is co-funded by the EC 7th Framework Programme under Grant Agreement nr. 257438 contrail-project.eu 01

2 Background Using OAuth2 to obtain delegated certificate Project internally uses RESTful webservices – Except a few SOAPful instances Own implementation of OAuth2 – Python – Collaboration with NDG (CEDA) Need to use and delegate X.509 certificates

3 Use Cases for Delegation User credential – To virtual machine = access data Host credential – No longer needed? Virtual networks – secured with certificates

4 Non-interactive Delegation Interface (2-legged OAuth) 4

5 Interactive Delegation Interface (OAuth)

6

7 Delegation to VMI

8 Experiences Need to link access token with permissions – Authorisation server to resource server – Projects have investigated magic access tokens Interoperation between Java and Python impl. Full OAuth – need socket open on client!!! – Unusable for real life scenarios Protocol features – Some essential things out of scope of protocol: authentication, discovery – Relies heavily on HTTP redirections Not a standard yet – Simpler than OAuth – but getting complex??

9 Funded under: FP7 (Seventh Framework Programme) Area: Internet of Services, Software & virtualization (ICT- 2009.1.2) Project reference: 257438 Total cost: 11,29 million euro EU contribution: 8,3 million euro Execution: From 2010-10-01 untill 2013-09-30 Duration: 36 months Contract type: Collaborative project (generic) contrail is co-funded by the EC 7th Framework Programme http://contrail-project.eu contrail-project.eu 09

Download ppt "Authorisation Jens Jensen, Phil Kershaw (STFC) et al. contrail is co-funded by the EC 7th Framework Programme under Grant Agreement nr. 257438 contrail-project.eu."

Similar presentations

22 May 2008IVOA Trieste: Grid & Web Services1 Alternate security mechanisms Matthew J. Graham (Caltech, NVO) T HE US N ATIONAL V IRTUAL O BSERVATORY.

22 May 2008IVOA Trieste: Grid & Web Services1 Alternate security mechanisms Matthew J. Graham (Caltech, NVO) T HE US N ATIONAL V IRTUAL O BSERVATORY.
© 2006 Open Grid Forum Federated Identity in the Cloud OGF 32, Salt Lake City.

© 2006 Open Grid Forum Federated Identity in the Cloud OGF 32, Salt Lake City.
1 SensorWebs and Security Experiences Dan Mandl Presented at WGISS Meeting in Toulouse, France May 11, 2009.

1 SensorWebs and Security Experiences Dan Mandl Presented at WGISS Meeting in Toulouse, France May 11, 2009.
CLARIN AAI, Web Services Security Requirements

CLARIN AAI, Web Services Security Requirements
Canada-EU Future Internet Workshop Waterloo, Canada March 24th, 2011 Ignacio M. Llorente DSA-Research.org Distributed Systems Architecture Research Group.

Canada-EU Future Internet Workshop Waterloo, Canada March 24th, 2011 Ignacio M. Llorente DSA-Research.org Distributed Systems Architecture Research Group.
Implementing Federated Security with ConSec Jens Jensen, STFC OGF40, Oxford, 16 Jan 2014.

Implementing Federated Security with ConSec Jens Jensen, STFC OGF40, Oxford, 16 Jan 2014.
Contrail and Federated Identity Management

Contrail and Federated Identity Management
Module 5: Configuring Access to Internal Resources.

Module 5: Configuring Access to Internal Resources.
Haga clic para cambiar el estilo de título Haga clic para modificar el estilo de subtítulo del patrón DIRAC Framework A.Casajus and R.Graciani (Universitat.

Haga clic para cambiar el estilo de título Haga clic para modificar el estilo de subtítulo del patrón DIRAC Framework A.Casajus and R.Graciani (Universitat.
Movie Recommendation System

Movie Recommendation System
MTA SZTAKI Hungarian Academy of Sciences Grid Computing Course Porto, 22-24 January 2007. Introduction to Grid portals Gergely Sipos

MTA SZTAKI Hungarian Academy of Sciences Grid Computing Course Porto, January Introduction to Grid portals Gergely Sipos
Seminar Grid Computing ‘05 Hui Li Sep 19, 2005. Overview Brief Introduction Presentations Projects Remarks.

Seminar Grid Computing ‘05 Hui Li Sep 19, Overview Brief Introduction Presentations Projects Remarks.
Hannes Tschofenig (IETF#79, SAAG, Beijing). Acknowledgements I would like to thank to Pasi Eronen. I am re- using some of his slides in this presentation.

Hannes Tschofenig (IETF#79, SAAG, Beijing). Acknowledgements I would like to thank to Pasi Eronen. I am re- using some of his slides in this presentation.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Company LOGO Remote Method Invocation Georgi Cholakov, Emil Doychev, University of Plovdiv “Paisii.

Company LOGO Remote Method Invocation Georgi Cholakov, Emil Doychev, University of Plovdiv “Paisii.
H The MashMyData Project MashMyData [1] is a NERC (Natural Environment Research Council) funded Technology Proof of Concept project whose aim is to enable.

H The MashMyData Project MashMyData [1] is a NERC (Natural Environment Research Council) funded Technology Proof of Concept project whose aim is to enable.
Globus Computing Infrustructure Software Globus Toolkit 11-2.

Globus Computing Infrustructure Software Globus Toolkit 11-2.
Web Service Implementation Maitreya, Kishore, Jeff.

Web Service Implementation Maitreya, Kishore, Jeff.
Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.

Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.
Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.

Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.

Similar presentations

Ads by Google