Andrew Cormack Chief Regulatory Adviser, Access Management and Security WG.


1 Access Management and Security WG
Andrew Cormack, Chief Regulatory Adviser, Janet
@Janet_LegReg

2 Unofficial high level aims
With thanks to David F:
– Identify common requirements
– Reuse existing stuff where we can
– Guide development of new stuff where efficient
– Use “specials” when needed

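3 Common user life-cycle?

| Stage            | Policy         | Controlling       | Common?         | Delegated?    |
|------------------|----------------|-------------------|-----------------|---------------|
| Application      | Infrastructure | Who gets access   | Headings?       | No            |
| Identity linking | Authentication | How identified    | Yes             | Yes: home org |
| Group forming    | Collaboration  |                   | Maybe?          | Yes: to PI    |
| Service use      | Data/service   | Legal/ethical/etc | Per discipline? | ?             |

Diagram labels: May I use? / Here’s my team / Use service / This is me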

4 Delegated Authentication
Diagram labels: If needed, link ‘me’ to #ID# etc. / Login / Linked account / Authentication policy promises / Authenticated as #ID#
– e.g. Policy enforcement
– e.g. Revocation time
– e.g. Credential strength

| System   | Protects       | Protocol      |
|----------|----------------|---------------|
| eduroam  | Network access | RADIUS        |
| SAML     | Webpages       | HTTP          |
| Moonshot | “Anything”     | HTTP, SSH,... |

5 Authentication policy
Probably common to many e-Infrastructures
Need to agree it with organisation you’re delegating to
– Easiest if they’re doing it already
– Otherwise need to persuade them it’s worth it
HE employers can probably already provide
– Persistent identifier + accountability when required
Unique, opaque, identifier
Authenticated by username/password
Revoked when person leaves
Hold person accountable for reported policy breaches
Getting more likely to need individual negotiations
– How many organisations do users belong to?
– Do you have users with no organisation?
How many different policies do we need?

6 Other Policies
Infrastructure Policy
– Who uses this infrastructure, for what
– Probably unique to each infrastructure
– May have common headings?
Data Policy
– Who uses this dataset, for what
– Includes regulatory, ethical, commercial issues
– May be common to a discipline
– But maybe unique to the dataset

7 Other possible areas of WG interest
Workflow
– Maybe orthogonal to initial AuthN/AuthZ?
Group management/authorisation tools
Citizen scientists (and other homeless users)
– Social login? Part of group management? Other?
Secure operations etc.
Sharing experiences of all of these

8 Questions
Is this picture wrong?
Do you need more than basic delegated authentication?
What sources of authentication do you need?
Is delegated group management needed?
Can you provide/develop infrastructure & data policies?
What’s missing?

9 Questions?
Janet, Lumen House
Library Avenue, Harwell Oxford
Didcot, Oxfordshire
t: +44 (0) 1235 822200
f: +44 (0) 1235 822399
e: Andrew.Cormack@ja.net
b: https://community.ja.net/blogs/regulatory-developments

