Presentation on theme: "Europe Latin America Collaborative e ‑ Infrastructure for Research Activities A Model for Federated Services Brook Schofield, TERENA ● Sofia, Bulgaria."— Presentation transcript:
Europe Latin America Collaborative e ‑ Infrastructure for Research Activities A Model for Federated Services Brook Schofield, TERENA ● Sofia, Bulgaria ● 20 th June 2014
A family of services
Worldwide eduroam status… eduroam in production eduroam pilot Missing eduroam
Overview Partners CLARA, GARR, RNP, TERENA, RedIRIS Focus: – Promoting and consolidating the foundations for creating a framework for authentication and authorization in Latin America, and facilitate the integration with the European initiatives under TERENA activities such as TF-EMC2 and REFEDS, and will make the necessary arrangements to join the GÉANT service eduGAIN
eduroam in Latin America Before the Project 1 production deployments – Brazil, Peru Zero pilot deployments
eduroam in Latin America Year 1 of the Project 3 production deployments – Brazil, Peru, Chile 9 pilot deployments – Argentina, Colombia, Costa Rica, Ecuador, El Salvador, Mexico, Nicaragua, Uruguay, Venezuela
eduroam in Latin America Current progress… 8 production deployments – Argentina, Brazil, Chile, Colombia, Costa Rica, Ecuador, Mexico, Peru 4 pilot deployments – El Salvador, Nicaragua, Uruguay, Venezuela 6 Missing – Bolivia, Guatemala, Honduras, Panama, Paraguay, Guyana
eduroam statement signed
Federation Development Campus Username/Password Store for AuthN IdP Expose Campus IdM via SAML/RADIUS Federation Aggregates IdPs & SPs; Builds Trust Inter- Federation Aggregates Federations
Key steps eduroam at TICAL 2012 – Regional Conference, Assess who has eduroam and who uses it – Repeat at TICAL 2013 and TICAL 2014 Offer services via federated access/eduGAIN – FileSender, Video Conference Portal, RedCLARA Portal Collaboration with GÉANT
Federation Development Criteria Pilot Name, Webpage, Metadata Feed Production Policy for IdPs & SPs Candidate Metadata Registration Practice Statement eduGAIN Declaration Signed, Metadata Feed Validated
Identity Federations and Latin America Year 1 eduGAIN Participant – Brazil (CAFe) eduGAIN Candidate – Chile (COFRe) Pilot Federation – Peru MoU Federations – Argentina, Colombia, Costa Rica, Mexico eduGAIN Member Joining eduGAIN Candidate Federation Pilot Federation MoU Signed
Worldwide eduGAIN status… CAFe COFRe eduGAIN Member Joining eduGAIN Candidate Federation Pilot Federation MoU Signed
Identity Federations and Latin America Current eduGAIN Participant – Brazil (CAFe) – Chile (COFRe) eduGAIN Candidate – Colombia (COLFIRE) Pilot/MoU Federations – Argentina, Costa Rica, Ecuador, Mexico, Peru eduGAIN Member Joining eduGAIN Candidate Federation Pilot Federation MoU Signed with ELCIRA
Problems and Concerns Policy often more difficult then technical issues - Chile was 1 st world wide to adopt Policy Template from GÉANT/REFEDS; Different models of sustainability in the NRENs in Latin America; Few technical people involved in the project; NREN commitment/focus in setting up eduroam infrastructure ahead of AAI.
* MATE (Argentina) MATE run by INNOVA|RED Marco para el Acceso a la Tecnología y la Educación (MATE) Model for Access to Technology and Education (MATE) Started operation in late 2013 Joined eduGAIN in early-2014 ;-) *This is NOT their logo (nor their name)!!
What to focus on? Federating your campus systems – Talk to your researchers, staff & students Investigate key services – Intranet and Website – Webmail Google Apps for Education, Microsoft 365 – e-Learning – Moodle – Talk to your librarian about Journal Access – Find your own “killer app”.
simpleSAMLphp – PHP – Multi-lingual support Shibboleth – IdP is Java, SP is C/mod_shib – Runs within Apache Tomcat PySAML2 – Python Many plug-ins or modules available for common tools. Benefits are greater than using LDAP. More that one choice is good…
Federation Development Technology Policy
Federation Development Technology == Pilot Policy ==Production
Federation Development Technology =>Campus Policy =>NREN
Technology == Pilot NREN as Federation Operator – “Routing” – Discovery Campus, Content Providers, Research Infrastructures – Shibboleth – simpleSAMLphp – PySAML – ADFS
What to NOT focus on? Policy over business case/justification – What’s important for your campus’ Waiting until … – your federation in “production” or in eduGAIN – …a “killer app” is found. “Other” or Future Federation Technologies – OpenID Connect + OAuth are being explored. – Hub&Spoke gateways already exist.
Identity Federations World Wide 31 Production Federations 17 Pilot Federations Last update May 2014
eduroam – roam across borders 26 eduroam Pilot :-(
eduGAIN & Federations 24 eduGAIN Members 7 Joining eduGAIN 0 Candidate Federation 16 Other Federations 15 April 2014
Next steps… Deploy eduroam Use it at TICAL2015 Pick a campus federation technology & Deploy an IdP – PySAML2, simpleSAMLphp, Shibboleth – FreeRADIUS, Microsoft NPS, other… Connect with your NREN/Fed Operator Connect with the community – Country, EAP/CEENet, Europe and Globally Federate your services