Presentation is loading. Please wait.

Presentation is loading. Please wait.

Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration Mikael Linden AARC all hands Milan Authentication and Authorisation.

Published byPercival Fowler Modified over 8 years ago

Similar presentations

Presentation on theme: "Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration Mikael Linden AARC all hands Milan Authentication and Authorisation."— Presentation transcript:

1 https://aarc-project.eu Authentication and Authorisation for Research and Collaboration Mikael Linden AARC all hands Milan Authentication and Authorisation for Research and Collaboration NA3.1 LoA status 2-3 Nov 2015 3.1 task leader

2 https://aarc-project.eu Work done in parallel with GN4p1 SA5 T1 (=> IdP contacts) Interview template: https://wiki.geant.org/x/GgLkAghttps://wiki.geant.org/x/GgLkAg Interviews (1-1.5 hours, Skype) EGI – David G PRACE – Jules W CLARIN – Martin M ELIXIR – Ilkka L Photon/neutron – Mirjam van D Pending DARIAH – Peter G WLGC – Romain W /Hannah S Anyone missing? Interview results: https://wiki.geant.org/x/nQHbAghttps://wiki.geant.org/x/nQHbAg 2 Level of assurance Research community interviews done

3 https://aarc-project.eu MNA3.1: “Recommendation on minimal assurance level relevant for low-risk research use cases” Accounts belong to a known individual (i.e. no shared accounts) Persistent identifiers (i.e. are not re-assigned) Documented identity vetting (not necessarily F2F) Password authN (with some good practices) Departing user’s account closes/ePA changes promptly Self-assessment (supported with specific guidelines) Questions to the floor: Do we want to include incident response stuff (NA3.2) here? Do we want to include attribute release requirements? Do we want to include wider information security requirements? 3 Early findings (for the milestone MNA3.1 in 11/2015)

4 https://aarc-project.eu We (who is we? SA1? JRA1?) develop and pilot a tool which Is an eduGAIN SP to which any eduGAIN IdP admin can log in Presents structured self-assessment questions to the IdP/IdM admin Quantitive: (”do accounts belong to an individual”) Qualitative: (”explain how you ensure accounts belong to an individual”) Publishes the results for anyone to read Evaluates if the LoA minimum is fulfilled Spits an Entity Category tag to eduGAIN metadata for the IdP Can we do that centrally? Asks the IdP admin to re-evaluate every year Can assist in the LoA peer-review If peer review becomes a requirement e.g. for a higher LoA level 4 Idea: How to assist IdPs to do the LoA self-assessment

5 https://aarc-project.eu 5 c.f. Surfnet’s IdM maturity scan for Dutch Home Organisations

6 https://aarc-project.eu © GÉANT on behalf of the AARC project. The work leading to these results has received funding from the European Union’s Horizon 2020 research and innovation programme under Grant Agreement No. 653965 (AARC). Thank you Any Questions? https://aarc-project.eu Mikael.linden@csc.fi

Download ppt "Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration Mikael Linden AARC all hands Milan Authentication and Authorisation."

Similar presentations

Www.geant.org AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef.

AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef.
Authentication and Authorisation for Research and Collaboration Licia Florio (GÉANT) Christos Kanellopoulos (GRNET) Service orientation.

Authentication and Authorisation for Research and Collaboration Licia Florio (GÉANT) Christos Kanellopoulos (GRNET) Service orientation.
European Life Sciences Infrastructure for Biological Information www.elixir-europe.org Life science community update for the 7 th Federated Identity Management.

European Life Sciences Infrastructure for Biological Information Life science community update for the 7 th Federated Identity Management.
Campus Identity Management Requirements (=IAP) REFEDs meeting 7.6.2009 Mikael Linden,

Campus Identity Management Requirements (=IAP) REFEDs meeting Mikael Linden,
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration Pilots on the Integrated R&E AAI Paul van Dijk, Activity Lead Pilots.

Authentication and Authorisation for Research and Collaboration Pilots on the Integrated R&E AAI Paul van Dijk, Activity Lead Pilots.
Federations round table Haka federation of Finland EuroCAMP 17.4.2007 Mikael Linden CSC, the Finnish IT Center for Science.

Federations round table Haka federation of Finland EuroCAMP Mikael Linden CSC, the Finnish IT Center for Science.
Innovation through participation eduGAIN interfederation service for research and education Cern FedID workshop in RAL, UK 2-3 Nov 2011 Mikael Linden,

Innovation through participation eduGAIN interfederation service for research and education Cern FedID workshop in RAL, UK 2-3 Nov 2011 Mikael Linden,
Authentication and Authorisation for Research and Collaboration Licia Florio REFEDS Meeting The AARC Project I2 Technology Exchange.

Authentication and Authorisation for Research and Collaboration Licia Florio REFEDS Meeting The AARC Project I2 Technology Exchange.
Authentication and Authorisation for Research and Collaboration Licia Florio AARC Workshop The AARC Project Brussels, 26 October.

Authentication and Authorisation for Research and Collaboration Licia Florio AARC Workshop The AARC Project Brussels, 26 October.
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration David Kelsey AARC AHM Milan And mechanisms NA3 Task 4 – Scalable.

Authentication and Authorisation for Research and Collaboration David Kelsey AARC AHM Milan And mechanisms NA3 Task 4 – Scalable.
Innovation through participation eduGAIN policy: A worm report TF-EMC2 Vienna 17.2.2010 Mikael Linden, CSC The worm farmer.

Innovation through participation eduGAIN policy: A worm report TF-EMC2 Vienna Mikael Linden, CSC The worm farmer.
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration Peter Solagna Milano, AARC General meeting Current status and plans.

Authentication and Authorisation for Research and Collaboration Peter Solagna Milano, AARC General meeting Current status and plans.
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration Niels van Dijk AARC General Meeting Authentication and Authorisation.

Authentication and Authorisation for Research and Collaboration Niels van Dijk AARC General Meeting Authentication and Authorisation.
Authentication and Authorisation for Research and Collaboration Christos Kanellopoulos GRNET Proposed Pilots for Libraries and eGov.

Authentication and Authorisation for Research and Collaboration Christos Kanellopoulos GRNET Proposed Pilots for Libraries and eGov.
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration Michał Jankowski, Maciej Brzeźniak AARC General Meeting, Milan.

Authentication and Authorisation for Research and Collaboration Michał Jankowski, Maciej Brzeźniak AARC General Meeting, Milan.
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration AARC general meeting in Milan, November 3 Authentication and Authorisation.

Authentication and Authorisation for Research and Collaboration AARC general meeting in Milan, November 3 Authentication and Authorisation.
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration NA2 meeting in Brussels, October 26 Authentication and Authorisation.

Authentication and Authorisation for Research and Collaboration NA2 meeting in Brussels, October 26 Authentication and Authorisation.
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration Milan, Italy Training and Outreach Authentication and Authorisation.

Authentication and Authorisation for Research and Collaboration Milan, Italy Training and Outreach Authentication and Authorisation.
JRA1.4 Models for implementing Attribute Providers and Token Translation Services Andrea Biancini.

JRA1.4 Models for implementing Attribute Providers and Token Translation Services Andrea Biancini.
Authentication and Authorisation for Research and Collaboration Christos Kanellopoulos https://wiki.geant.org/display/AARC/AARC+Architecture+-+private.

Authentication and Authorisation for Research and Collaboration Christos Kanellopoulos

Similar presentations

Ads by Google