Presentation is loading. Please wait.

Presentation is loading. Please wait.

Middleware challenges to service providers, the Nordic view TERENA, 24.10.2002 Ingrid Melve, UNINETT.

Published byJulia Paul Modified over 8 years ago

Similar presentations

Presentation on theme: "Middleware challenges to service providers, the Nordic view TERENA, 24.10.2002 Ingrid Melve, UNINETT."— Presentation transcript:

1 Middleware challenges to service providers, the Nordic view TERENA, 24.10.2002 Ingrid Melve, UNINETT

2 1 Overview ● What is happening in the Nordic countries with middleware ● Nordunet2 research initative ● GNOMIS ● FEIDE and FEIDHE ● SwUPKI and SPOCP ● Infraservices, the Nordic approach ● Distinguished academic middleware

3 1 Learning Network

4 1 Middleware helps us ● Have an electronic identity ● Name networked stuff, for humans to find ● Secure our communication ● May log in where access is restricted ● Keep track of networked users and components and content and stuff ● Control privacy options

5 1 Middleware in action ● DNS: naming and resource discovery ● Multicast and traffic flow control ● Access control ● Authentication ● Authorization ● Accounting ● Policy and Quality of Service (QoS) ● Proxies: flow control, caching ● Transcoding and announcements

6 1 Authentication and Authorization ● Logging in ● Who are you? Authentication ● What are you allowed to do? Authorization and policy ● There is no single Public Key Infrastructure (PKI) ● Scaling trust is difficult ● Bootstrapping is hard ● Do we need better security? Really?

7 1 Nordunet2 ● Follow up on Nordunet which established the operational NORDUnet and put the Nordic countries on the network frontier ● http://www.nordunet2.org ● Focal areas ● Distance education and lifelong learning ● Tele Medicine ● Digital libraries ● Infraservices

8 1 Infraservices is middleware ● Infraservices projects ● Directories ● Transcoding, mobile support ● GRID ● Virtual Reality support ● AA and GNOMIS ● Test networks

9 1 GNOMIS ● The Greater Nordic Middleware Symposium: sharing the burden ● Finns have done large scale end user testing of PKI technology and smart cards ● Swedes have worked on server certificates and authorization ● Norwegians build user management systems integrated with authentication services

10 1 FEIDE: common academic electronic ID in Norway ● Building a common electronic ID ● Standard person/user information ● Standard resource information ● Enable easy login facilities ● Building blocks ● Username/password in schema ● Legal issues wrangled once ● PKI, possibly support for smart cards ● Common authentication service ● Establish a common authorization service

11 1 FEIDHE/HSTYA ● Investigate possibilities for implementing a smart card based electronic identification ● Testing smart cards in applications ● User authentication ● Digital signatures ● Deployment steps recommended ● Make related modifications to the user administration ● Deploy services relying on PKI ● Distribute smart cards to the users

12 1 SwUPKI ● Swedish University PKI ● PKI used (mostly) for server certificates ● 5 participating universities (so far) ● Sample policies available, easy to join ● Affordable certificates ● Operations and policy decisions are separated on top level Certification Authority

13 1 SPOCP test ● Simple Policy Control Project ● 5 swedish universities, Sunet and Uninett ● Testing policy control server for authorization ● Centralized authorization ● Support for Access Control List descriptions

14 1 How are universities different ● Heterogenous software ● Open solutions, no inside/outside (students inside are more dangerous than the outside), few firewalls ● Loosely coupled systems ● Some are large scale, most have transient user populations ● Hard to establish organizational policy that works for all (a professor may do as she wants)

15 1 How is university middleware similar ● Security issues are the same whereever you go ● Getting users to behave ● Protecting the prey: users and servers ● Keeping track of who is allowed to do what ● BUT: universities are similar to the Internet at large, not to enterprise networks

16 1 Summing up ● Nordic area is collaborating on solving middleware challenges ● Middleware makes networked life more complex ● Middleware is on its way ● Directories of information ● Software on servers and clients ● Policy and formal agreements ● We have work to do on the NRN level ● Contact: ● ingrid.melve@uninett.no, ingrid.melve@uninett.no ● gnomis@uninett.no

Download ppt "Middleware challenges to service providers, the Nordic view TERENA, 24.10.2002 Ingrid Melve, UNINETT."

Similar presentations

Overview of local security issues in Campus Grid environments Bruce Beckles University of Cambridge Computing Service.

Overview of local security issues in Campus Grid environments Bruce Beckles University of Cambridge Computing Service.
Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.

Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.
Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.

Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.
ELAG Trondheim 2004 1 Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.

ELAG Trondheim Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.
Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.

Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.

Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.
Digital Identities for Networks and Convergence Joao Girao, Amardeo Sarma.

Digital Identities for Networks and Convergence Joao Girao, Amardeo Sarma.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Understanding Active Directory

Understanding Active Directory
At their deskAt their desk In a branchIn a branch On the roadOn the road Protect data & PCsProtect data & PCs Built on Windows Vista foundation Easy.

At their deskAt their desk In a branchIn a branch On the roadOn the road Protect data & PCsProtect data & PCs Built on Windows Vista foundation Easy.
Network Shared Services. Shared Services –Network Authentication and Authorization Services –Exchange Network Discovery Service –Universal Description.

Network Shared Services. Shared Services –Network Authentication and Authorization Services –Exchange Network Discovery Service –Universal Description.
Lesson 17 – UNDERSTANDING OTHER NETWARE SERVICES.

Lesson 17 – UNDERSTANDING OTHER NETWARE SERVICES.
Creating a Secured and Trusted Information Sphere in Different Markets Giuseppe Contino.

Creating a Secured and Trusted Information Sphere in Different Markets Giuseppe Contino.
Identity and Access Management IAM A Preview. 2 Goal To design and implement an identity and access management (IAM) middleware infrastructure that –

Identity and Access Management IAM A Preview. 2 Goal To design and implement an identity and access management (IAM) middleware infrastructure that –
Public Key Infrastructure from the Most Trusted Name in e-Security.

Public Key Infrastructure from the Most Trusted Name in e-Security.
Public Key Infrastructure Ammar Hasayen 2013. ….

Public Key Infrastructure Ammar Hasayen ….
Windows 2003 and 802.1x Secure Wireless Deployments.

Windows 2003 and 802.1x Secure Wireless Deployments.
Week #10 Objectives: Remote Access and Mobile Computing Configure Mobile Computer and Device Settings Configure Remote Desktop and Remote Assistance for.

Week #10 Objectives: Remote Access and Mobile Computing Configure Mobile Computer and Device Settings Configure Remote Desktop and Remote Assistance for.
Deploying a Certification Authority for Networks Security Prof. Dr. VICTOR-VALERIU PATRICIU Cdor.Prof. Dr. AUREL SERB Computer Engineering Department Military.

Deploying a Certification Authority for Networks Security Prof. Dr. VICTOR-VALERIU PATRICIU Cdor.Prof. Dr. AUREL SERB Computer Engineering Department Military.

Similar presentations

Ads by Google