Presentation is loading. Please wait.

Presentation is loading. Please wait.

Diego R. Lopez RedIRIS update Middleware activities at the South-western Border.

Published byMilton Sherman Modified over 9 years ago

Similar presentations

Presentation on theme: "Diego R. Lopez RedIRIS update Middleware activities at the South-western Border."— Presentation transcript:

1 Diego R. Lopez RedIRIS update Middleware activities at the South-western Border

2 TF-EMC2 Malaga October 2006 SCHACing and COPing The use of SCHAC is recommended by RedIRIS through its iris-* set of schemas  Since the availability of SCHAC IAD release 1 The COPA coding schema is gaining momentum  Institutional codes of centers in the national council for scientific research and location-aware services COPA v2 in beta stage  Enhanced flexibility in virtual view definition First COPA-aware tools  SiLeDAP: http://sugus.eii.us.es/siledap/http://sugus.eii.us.es/siledap/  VOSnav: http://www.irisgrid.es/vosnav/http://www.irisgrid.es/vosnav/

3 TF-EMC2 Malaga October 2006 pkIRIS A web-based interface for managing PKIs  Based on OpenSSL  Coded in PHP  AA (PAPI and potentially others) aware Full LDAP backend  Extensibility of operations  Access methods based on COPA codes In use for the EUGridPMA-accredited Spanish PKI (pkIRISGrid)  Beta distributions in use at CICA and UNED (Spain), REUNA (Chile) and UNAM (Mexico)

4 TF-EMC2 Malaga October 2006 PAPI: Software PAPI 1.4.1 about to be released  Maintenance releases (last version on Apache 1) PAPI 1.5 in beta testing phpPoA 2.0 in beta testing  Coherent object mode an enhanced attribute retrieval Several Java flavors in production  Tomcat filter  JAAS implementation  SAGPoA (AA-RR based) Rewriting the Java implementation  PAPI-EE and PAPICore Enhancing the proxy features  Better attribute entanglement

5 TF-EMC2 Malaga October 2006 PAPI speaks Shibboleth Both SP and IdP  Using the tests at http://www.testshib.org/http://www.testshib.org/  First real-usage tests to start next month The Shib Wiki Sympa Elsevier SP Experimenting with AKAShib configuration  Shibbolized applications can run behind a PAPI PoA without change

6 TF-EMC2 Malaga October 2006 PAPI: Community The federation idea has been soaking minds for quite a long time The two biggest PAPI-based federation are now interconnected Several projects for building federated infrastructures  With direct financial support  Similar to the one that brought eduroam The European fusion community is on the rails  First interconnection CFN-ITER-TJII  Meeting at JET next November

7 TF-EMC2 Malaga October 2006 OpenPMI Aimed for providing the necessary tools to build an open Privilege Management Infrastructure (PMI) according to standards  Authorization service based on attributes certificates  Available at http://openpmi.sourceforge.net/http://openpmi.sourceforge.net/ Current status  Based on enhancing OpenSSL with attribute certificate support Collaboration with Adobe  SAML – AC translator  Attribute certificate delegation editor Visual design of delegation model Automatic AC generation Ongoing work  Java and Web Services support  Attribute certificate support in TLS handshake  Attribute certificates in smartcards

8 TF-EMC2 Malaga October 2006 AA application to SB in OSIRIS OSIRIS component 1 OSIRIS component 2 OSIRIS component N PoA AA component GPoA Liberty protocol OpenPMI Admin

9 TF-EMC2 Malaga October 2006 Opera Oberta Opera Oberta multicasts live opera performances from Gran Teatre del Liceu http://www.opera-oberta.org/  10 Mbps MPEG2  Dolby Digital  More than 40 institutions in 5 countries DRM is performed using proprietary technology  Smartcard-based IPSec boxes Sessions are announced and managed via out- of-band methods

10 TF-EMC2 Malaga October 2006 Enhancing Opera Oberta Native IPSec multicast on IPv6 Session keys distributed and managed through IKE Session descriptions stored in LDAP  Session metadata  Session entitlements  Session key material Several output formats envisaged  Direct LDAP query  SDP  RSS Currently defining the schema and building initial component prototypes

Download ppt "Diego R. Lopez RedIRIS update Middleware activities at the South-western Border."

Similar presentations

Options for integrating the JANET Roaming Service (JRS) and Shibboleth Tim Chown University of Southampton (UK) JISC Access Management.

Options for integrating the JANET Roaming Service (JRS) and Shibboleth Tim Chown University of Southampton (UK) JISC Access Management.
DPM ARCHITECT FOR XBRL XBRL taxonomy editor aimed at BUSINESS USERS Based on the DPM approach and DPM XBRL Architecture Currently on its last stage of.

DPM ARCHITECT FOR XBRL XBRL taxonomy editor aimed at BUSINESS USERS Based on the DPM approach and DPM XBRL Architecture Currently on its last stage of.
Implementing Shibboleth-based Virtual Organisations and VO Federations using IAMSuite (including AAF update) James Dalziel & Alan Lin Professor of Learning.

Implementing Shibboleth-based Virtual Organisations and VO Federations using IAMSuite (including AAF update) James Dalziel & Alan Lin Professor of Learning.
Donkey Project Introduction and ideas around February 21, 2003 Yuri Demchenko.

Donkey Project Introduction and ideas around February 21, 2003 Yuri Demchenko.
TechSec WG: Related activities overview Information and discussion TechSec WG, RIPE-45 May 14, 2003 Yuri Demchenko.

TechSec WG: Related activities overview Information and discussion TechSec WG, RIPE-45 May 14, 2003 Yuri Demchenko.
TAC - Poznan, 6 June 2005 Building trust with a European style Diego R. Lopez RedIRIS.

TAC - Poznan, 6 June 2005 Building trust with a European style Diego R. Lopez RedIRIS.
EFDA Federation PAPI based federation as a test-bed for a common security infrastructure in EFDA sites R. Castro, J. Vega, A. Portas, D. R. López, S. Balme,

EFDA Federation PAPI based federation as a test-bed for a common security infrastructure in EFDA sites R. Castro, J. Vega, A. Portas, D. R. López, S. Balme,
TF-EMC2 February 2006, Zagreb Deploying Authorization Mechanisms for Federated Services in the EDUROAM Architecture (DAME) -Technical Project Proposal-

TF-EMC2 February 2006, Zagreb Deploying Authorization Mechanisms for Federated Services in the EDUROAM Architecture (DAME) -Technical Project Proposal-
Connect. Communicate. Collaborate The eduGAIN Way Diego R. Lopez - RedIRIS.

Connect. Communicate. Collaborate The eduGAIN Way Diego R. Lopez - RedIRIS.
Beispielbild Shibboleth, a potential security framework for EDIT Lutz Suhrbier AG Netzbasierte Informationssysteme (http://www.ag-nbi.de)http://www.ag-nbi.de.

Beispielbild Shibboleth, a potential security framework for EDIT Lutz Suhrbier AG Netzbasierte Informationssysteme (
The EC PERMIS Project David Chadwick

The EC PERMIS Project David Chadwick
Office of Science U.S. Department of Energy Grids and Portals at NERSC Presented by Steve Chan.

Office of Science U.S. Department of Energy Grids and Portals at NERSC Presented by Steve Chan.
Academic Services Interactive Media Managing the Web with Java JA-SIG Winter 2002 Robert Sherratt Academic Services, Interactive Media.

Academic Services Interactive Media Managing the Web with Java JA-SIG Winter 2002 Robert Sherratt Academic Services, Interactive Media.
WebFTS as a first WLCG/HEP FIM pilot

WebFTS as a first WLCG/HEP FIM pilot
Shibboleth 2.0 : An Overview for Developers Scott Cantor The Ohio State University / Internet2 Scott Cantor The Ohio.

Shibboleth 2.0 : An Overview for Developers Scott Cantor The Ohio State University / Internet2 Scott Cantor The Ohio.
Shibboleth 2.0 IdP Training: Basics and Installation January, 2009.

Shibboleth 2.0 IdP Training: Basics and Installation January, 2009.
Connect. Communicate. Collaborate Federation peering à la European The eduGAIN way Diego R. Lopez - RedIRIS.

Connect. Communicate. Collaborate Federation peering à la European The eduGAIN way Diego R. Lopez - RedIRIS.
Shibboleth-intro-dec051 Shibboleth A Technical Overview Tom Scavo NCSA.

Shibboleth-intro-dec051 Shibboleth A Technical Overview Tom Scavo NCSA.
QCDgrid Technology James Perry, George Beckett, Lorna Smith EPCC, The University Of Edinburgh.

QCDgrid Technology James Perry, George Beckett, Lorna Smith EPCC, The University Of Edinburgh.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Similar presentations

Ads by Google