1. Security Solutions Rachana Ananthakrishnan University of Chicago

2. Security Requirements Vet new user request for community membership Provide new user identity Provide single sign-on for users Manage access control policy Enforce access policy on resources Manage user groups for projects within community Address potential security issues

3. BIRN Security Solutions Hosted services for common requirements Tools and clients for integration with community resources Security Vulnerability Handling System Expertise and consultation for community application integration

4. Registration and Credential Management End User BIRN Identity Provider BIRN Registration Service BIRN Credential Service Administrator Community 1 Identity Provider Community 2 Identity Provider Community 1 Resource Community 2 Resource BIRN Portal BIRN Credential Service Clients

5. FBIRN Integration Administrator End User BIRN Identity Provider BIRN Registration Service BIRN Credential Service BIRN Portal Username/ password BIRN Credential Service Clients X.509 Certificates FBIRN Site 1 GridFTP Server FBIRN Site 2 GridFTP Server Username/ password

6. XNAT Integration (Proposed) Administrator BIRN Identity Provider BIRN Registration Service BIRN Credential Service BIRN Portal XNAT Server XNAT REST Interface XNAT Portal Interface Username/ password Registered User

7. XNAT Integration (Proposed) Administrator Registered User BIRN Identity Provider BIRN Registration Service BIRN Credential Service BIRN Portal Username/ password BIRN Credential Service Clients X.509 Certificates XNAT Server XNAT REST Interface XNAT Portal Interface Username/ password

8. Group Management & Authorization Registered User BIRN Group Management Administrator BIRN Portal Community 1 Resource Group Mgmt Client Authorization Policy Community 2 Resource Group Mgmt Client Authorization Policy

9. FBIRN Site FBIRN Integration Registered User Group Administrator BIRN Group Management Service BIRN Portal Group Mgmt Client Authorization Policy FBIRN Site 1 GridFTP Server

10. NHPRC Site NHPRC Integration Administrator BIRN Group Management Service BIRN Portal Group Mgmt Client Authorization Policy NHPRC Mediator Service Registered User

11. Security Software Grid Account Management Service MyProxy server Globus SimpleCA Group provisioning tools GridGrouper Service Liferay Portal Dorian Service (planned)

12. Summary Features provided: – Common security services – Configuration and provisioning of security – Integration with resources Future plans: – Auditing support – High-level data usage policy – Automate service credential issuance

13. Further Information BIRN Website: http://www.birncommunity.org/ http://www.birncommunity.org/ Capabilities: http://www.birncommunity.org/capabilities/overview/ http://www.birncommunity.org/capabilities/overview/ Security WG: https://wiki.birncommunity.org:8443/display/NEWBIRN CC/Security+WG https://wiki.birncommunity.org:8443/display/NEWBIRN CC/Security+WG