Presentation is loading. Please wait.

Presentation is loading. Please wait.

Networks ∙ Services ∙ People TNC 2016, Prague Alice Through the Looking Glass Science DMZ goes above the network 13 June

Published byBrendan Harper Modified over 7 years ago

Similar presentations

Presentation on theme: "Networks ∙ Services ∙ People TNC 2016, Prague Alice Through the Looking Glass Science DMZ goes above the network 13 June"— Presentation transcript:

1 Networks ∙ Services ∙ People www.geant.org TNC 2016, Prague Alice Through the Looking Glass Science DMZ goes above the network 13 June 2016 @hardingar Ann Harding Activity Leader Trust & Identity Development SWITCH

2 Networks ∙ Services ∙ People www.geant.org Ann Harding TNC, Prague Alice Ann Through the Looking Glass Metadata Science DMZ goes above the network 13 June 2016 Activity Leader Trust & Identity Development SWITCH @hardingar

3 Networks ∙ Services ∙ People www.geant.org 3 Science requirements – The Network View Adapted from The Rationale of Optical Networking, Cees de Laat, Erik Radius, Steven Wallace (c2002) Class A) are the typical home users Class B) consists of the corporations, enterprises, Universities, virtual organisations and laboratories. Class C) are the really high end applications Science means big data

4 Networks ∙ Services ∙ People www.geant.org 4 Through the metadata vg69m+9RK0Cxnh4Knpz5ZU3UL4eON2eaRyN/KxyXw0=t03Jdm5COGvHynCneFxibsejTI5enpdj Y3eero0rTGz4Fu4gtQPY0FnA3joVwebQAxk6OX3H/DfY 1DogUyg69mOXD9SWarPvdfE9lAZa1BJJ+fcuzy2wfCmO3HXDI7du73673GNfkJl4OC1lZMd1Z/4N nfcx7a6p1F5Lb4N9xbl5TZwsBnK5TUdbU4B+jSfoGcl2IBp7K98UWXqoN90nd5UOxiQ7aTJaYZIT z4FCvf1UBFP0Pyv/p/u1iWArzhjF+55syOMfU6B906JMMutFiUW8VxSE0IzA9hydnioxN9ZoPm82 a3lkzrlMXH2RqDknDsfH84jp/bifXGFaPHIyhg== zyfj/lVsMVoGYj/FleUxJWWaxAD/EH1yDOG6cjz8h+MKOLynfDBvncGu+iygFldIoCytAHvfrC4P dYprml3jNNuxXwC8CgvRLLHpZzetbF5mOsCdR94T3JKLjSSDqIJkBxrB3NlGbUWgQcE3nT8KF+Nl EK6xzhrWqW96sadTjCjNAwUKUmbtR/YlDhfz+57GkXxoPLTB9E6GUJAU+j58kD6AOMKfdrFlFYDC jO8ToD3VqGBm1DkyrlPj223yiBkwOaBrfYw9tyrFQkjGBdB2UqJeoJLHiq2nLC+Ol6AUta035pjm ogt9M8+effuf6XWIFaJe2aiq3qDm3OglV591mw== AQAB MIIEJjCCAw6gAwIBAgISSWITCHaaiMetadataSig2015MA0GCSqGSIb3DQEBCwUAMEYxCzAJBgNV BAYTAkNIMQ8wDQYDVQQKEwZTV0lUQ0gxJjAkBgNVBAMTHVNXSVRDSGFhaSBNZXRhZGF0YSBTaWdu aW5nIENBMB4XDTE1MDcxNTA3MDAwMFoXDTE4MDcxNTA2NTk1OVowQjELMAkGA1UEBhMCQ0gxDzAN BgNVBAoTBlNXSVRDSDEiMCAGA1UEAxMZU1dJVENIYWFpIE1ldGFkYXRhIFNpZ25lcjCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBAM8n4/5VbDFaBmI/xZXlMSVlmsQA/xB9cgzhunI8/Ifj Cji8p3wwb53BrvosoBZXSKAsrQB736wuD3WKa5pd4zTbsV8AvAoL0Syx6Wc3rWxeZjrAnUfeE9yS i40kg6iCZAcawdzZRm1FoEHBN50/ChfjZRCusc4a1qlverGnU4wozQMFClJm7Uf2JQ4X8/uexpF8 aDy0wfROhlCQFPo+fJA+gDjCn3axZRWAwozvE6A91ahgZtQ5Mq5T49tt8ogZMDmga32MPbcqxUJI xgXQdlKiXqCSx4qtpywvjpegFLWtN+aY5qILfTPPnn37n+l1iBWiXtmoqt6g5tzoJVefdZsCAwEA AaOCARAwggEMMA4GA1UdDwEB/wQEAwIHgDAdBgNVHQ4EFgQUNPJ4wplyT4usqy5df/

5 Networks ∙ Services ∙ People www.geant.org Class A) are the simple library/journal/learnin g applications Class B) consists of the campus ‘corporate’ infrastructure Class C) are the really complex trust applications for collaboration and e- Research Science means big collaboration 5 Science Requirements - the Trust and Identity View Complexity

6 Networks ∙ Services ∙ People www.geant.org Network Design Pattern Design pattern 1: Protect your elephant flows Design pattern 2: Unclog your data taps Design pattern 3: Build a well tuned end to end infrastructure Trust and Identity Design Pattern Design pattern 1: Enable your collaboration flows Design pattern 2: Unclog your policy taps Design pattern 3: Build a well trusted end to end infrastructure 6 Science DMZ – Design patterns (Network Design Pattern - https://reannz.co.nz/news/inder-monga-eresearch-nz-established-and-emerging-design-patterns/)https://reannz.co.nz/news/inder-monga-eresearch-nz-established-and-emerging-design-patterns/

7 Networks ∙ Services ∙ People www.geant.org Design pattern 1: Enable your collaboration flows Export IdPs to eduGAIN Export eResearch SPs to eduGAIN Design pattern 2: Unclog your policy taps For hub and spoke – do you need the same policies for your C users as for your a and B? Can you be more flexible? For full mesh – do you need to leave everything to the edges? Can you use your resource registry/central tools to apply policy for e- Research more scalably? Pragmatic assurance Design pattern 3: Build a well trusted end to end infrastructure Use Research and Scholarship and GÉANT Code of Conduct Entity Categories to make trust scale beyond your federation Adopt SIRTFI incident response framework to build trust Adopt group and attribute management services e.g. VO Platform 7 Science DMZ, the Trust and Identity View

8 Networks ∙ Services ∙ People www.geant.org Thank you Networks ∙ Services ∙ People www.geant.org This work is part of a project that has received funding from the European Union’s Horizon 2020 research and innovation programme under Grant Agreement No. 691567 (GN4-1). 8 @hardingar

Download ppt "Networks ∙ Services ∙ People TNC 2016, Prague Alice Through the Looking Glass Science DMZ goes above the network 13 June"

Similar presentations

Innovation through participation Data Protection Code of Conduct (DP CoC) REFEDS Helsinki 2.10.2013 Mikael Linden, CSC – IT Center for Science

Innovation through participation Data Protection Code of Conduct (DP CoC) REFEDS Helsinki Mikael Linden, CSC – IT Center for Science
Federated Identity Management in New Zealand Sat Mandri Service Manager TNC15 REFEDs Meeting, 14 th June 2015.

Federated Identity Management in New Zealand Sat Mandri Service Manager TNC15 REFEDs Meeting, 14 th June 2015.
Innovation through participation Interfederation through eduGAIN - steps and challenges eduGAIN interfederation service 2012-02-27 Federated Identity Systems.

Innovation through participation Interfederation through eduGAIN - steps and challenges eduGAIN interfederation service Federated Identity Systems.
Www.geant.org AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef.

AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef.
Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.

Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.
CLARIN Infrastructure Vision (and some real needs) Daan Broeder CLARIN EU/NL Max-Planck Institute for Psycholinguistics.

CLARIN Infrastructure Vision (and some real needs) Daan Broeder CLARIN EU/NL Max-Planck Institute for Psycholinguistics.
Updates Licia Florio, TERENA REFEDS Meeting 5 Sept 2012.

Updates Licia Florio, TERENA REFEDS Meeting 5 Sept 2012.
Networks ∙ Services ∙ People www.geant.org Mandeep Saini TF-MSP, Espoo, Finland Service Delivery and Adoption 10 th Sep 2015 Task Leader, GN4-1 SA7 T3.

Networks ∙ Services ∙ People Mandeep Saini TF-MSP, Espoo, Finland Service Delivery and Adoption 10 th Sep 2015 Task Leader, GN4-1 SA7 T3.
Authentication and Authorisation for Research and Collaboration Licia Florio (GÉANT) Christos Kanellopoulos (GRNET) Service orientation.

Authentication and Authorisation for Research and Collaboration Licia Florio (GÉANT) Christos Kanellopoulos (GRNET) Service orientation.
European Life Sciences Infrastructure for Biological Information www.elixir-europe.org Life science community update for the 7 th Federated Identity Management.

European Life Sciences Infrastructure for Biological Information Life science community update for the 7 th Federated Identity Management.
Connect communicate collaborate GÉANT3 Services Connectivity and Monitoring Services by and for NRENs Ann Harding, SWITCH TNC 2010.

Connect communicate collaborate GÉANT3 Services Connectivity and Monitoring Services by and for NRENs Ann Harding, SWITCH TNC 2010.
Authentication and Authorisation for Research and Collaboration Licia Florio REFEDS Meeting The AARC Project I2 Technology Exchange.

Authentication and Authorisation for Research and Collaboration Licia Florio REFEDS Meeting The AARC Project I2 Technology Exchange.
Authentication and Authorisation for Research and Collaboration Licia Florio AARC Workshop The AARC Project Brussels, 26 October.

Authentication and Authorisation for Research and Collaboration Licia Florio AARC Workshop The AARC Project Brussels, 26 October.
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration David Kelsey AARC AHM Milan And mechanisms NA3 Task 4 – Scalable.

Authentication and Authorisation for Research and Collaboration David Kelsey AARC AHM Milan And mechanisms NA3 Task 4 – Scalable.
Networks ∙ Services ∙ People Nicole Harris, GÉANT GN4 Project Update “SA5”, or Identity Stuff Internet2 Technology Exchange 2015.

Networks ∙ Services ∙ People Nicole Harris, GÉANT GN4 Project Update “SA5”, or Identity Stuff Internet2 Technology Exchange 2015.
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration Mikael Linden AARC all hands Milan Authentication and Authorisation.

Authentication and Authorisation for Research and Collaboration Mikael Linden AARC all hands Milan Authentication and Authorisation.
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration Michał Jankowski, Maciej Brzeźniak AARC General Meeting, Milan.

Authentication and Authorisation for Research and Collaboration Michał Jankowski, Maciej Brzeźniak AARC General Meeting, Milan.
Federated Identity Management for HEP David Kelsey HEPiX, IHEP Beijing 18 Oct 2012.

Federated Identity Management for HEP David Kelsey HEPiX, IHEP Beijing 18 Oct 2012.
Networks ∙ Services ∙ People Daniela Pöhn REFEDS EWTI, Vienna IdPs and Federations Service Aspects of Assurance 2015-12-01 SA5T1.

Networks ∙ Services ∙ People Daniela Pöhn REFEDS EWTI, Vienna IdPs and Federations Service Aspects of Assurance SA5T1.
Networks ∙ Services ∙ People www.geant.org Bert van Pinxteren General Assembly, Porto, Portugal Transition to one GÉANT Annual Review 2014 18-19 June,

Networks ∙ Services ∙ People Bert van Pinxteren General Assembly, Porto, Portugal Transition to one GÉANT Annual Review June,

Similar presentations

Ads by Google