Presentation is loading. Please wait.

Presentation is loading. Please wait.

Connect communicate collaborate Internet2 Global Summit 27 April 2015 Washington DCs User Community Driven Development in Trust and Identity Services Ann.

Published byGwendolyn Owens Modified over 8 years ago

Similar presentations

Presentation on theme: "Connect communicate collaborate Internet2 Global Summit 27 April 2015 Washington DCs User Community Driven Development in Trust and Identity Services Ann."— Presentation transcript:

1 connect communicate collaborate Internet2 Global Summit 27 April 2015 Washington DCs User Community Driven Development in Trust and Identity Services Ann Harding, SWITCH

2 connect communicate collaborate Agenda Trust and Identity Landscape GÉANT Research Community Engagement Pilots Conclusions AARC - Authentication and Authorisation for Research and Collaboration About AARC Goals Workplan Panel Bringing it all together – campus, eResearch and Federation

3 connect communicate collaborate Trust and Identity Landscape Where we are and how we got there.

4 connect communicate collaborate Identity Federation Use Case in a nutshell 4

5 connect communicate collaborate Tue, 29 Oct 2002 I2-NEWS: Over 20 Universities and Companies Successfully Test Privacy-Preserving Federated Web Authorization System "After two months of using Shibboleth to manage web course material at North Carolina State University, we saw an 80- to 85-percent drop in our help desk calls," said John Hopkins, physics instructor at Pennsylvania State University. "That's an incredible return, freeing up instructors and staff for other responsibilities.” Research and Education realised this early… 5

6 connect communicate collaborate Coverage grew 6

7 connect communicate collaborate And evolved the global trust and identity landscape 7 The eduGAIN service interconnects identity federations around the world, simplifying access to content, services and resources for the global research and education community

8 connect communicate collaborate eduGAIN and Federation coverage 8 30 eduGAIN Members 6 Joining eduGAIN 5 Candidate Federations 14 Other Federations 25 February 2015

9 connect communicate collaborate Commonly supported use cases 9 Journal Access e-Learning

10 connect communicate collaborate e-Research Driven Evolution 10 Crowd Intelligence Digital Research Big Data Acquisition Crowd Sourcing Crowd Funding, open Innovation Collaborative Design e-infrastructure Technology Conventional Computing Social Networks More People More Machines e-Science (Moore’s Law) (Scholars, citizens) HPC Big Compute Big Data Society Science 2.0 The Future Source: Professor David De Roure, Professor of e-Research at University of Oxford Trust and Identity Services

11 connect communicate collaborate Shared Challenges – FIM4R and TERENA AAA Study 11 Non-web- browser Homeless users Scalable, flexible attribute release Credential translation User friendliness Attribute aggregation Levels of Assurance Bridging Communities

12 connect communicate collaborate GÉANT Enabling Users Working with eResearch to drive Federated Identity Innovation

13 connect communicate collaborate The community 41 Partners 38 individual NRENs + NORDUnet + coordinating partners The company (DANTE+TERENA) GÉANT Association Owned by the community Coordinating partner for the project & Consortium Key functions in project coordination, backbone network ops, community coordination, user engagement The project GN3plus – 2 year project cycle, ends 30 April, GN4 to follow Network, Trust and Identity, Collaboration tools and Cloud research, development, operations and engagement activities Manpower delivered primarily by NRENs but also GÉANT Association c250 participants About GÉANT Why can GÉANT address these challenges? 13

14 connect communicate collaborate GÉANT Enabling Users Approach 14 Act as an expert partner for large, pan- European projects with AAI requirements & collaborate with international user communities to increase use of eduGAIN Coordinate a set of two or three projects between GÉANT and user communities, addressing their federated-identity concerns REFEDs/GÉANT calls for interested pilots 11 use cases received, 5 collaborations made

15 connect communicate collaborate Pilots - CERN 15 Use case: Add the CERN IdP and a selection of service to eduGAIN e.g. Indico GÉANT partner - SWITCH Service Development: SIRTFI - A Security Incident Response Trust Framework for Federated Identity CERN, the European Organization for Nuclear Research. Over 10,000 physicists from more than 60 countries collaborate to process LHC data.

16 connect communicate collaborate Pilots - DARIAH 16 Digital Research Infrastructure for the Arts and Humanities. over 2000 users registered with the user management of DARIAH. Users highly distributed with little privileged access to IT. Use Case: Enabling federated access to all DARIAH services Enhancing attribute release by supporting the adoption of the GÉANT Data Protection Code of Conduct for Service Providers in EU/EEA. GÉANT Partner - DFN Service Development: White Paper – Options for Joining eduGAIN Enhanced Code of Conduct Deployment Open Letter to CIOs https://wiki.edugain.org/CoCoEndorse ment

17 connect communicate collaborate Pilots - Elixir 17 European infrastructure for biological information, supporting life science research and its translation to medicine, agriculture, bio industries and society. Many of the datasets in life sciences cannot be freely distributed due to ethical, legal, societal or intellectual property reasons. Use Case: Make the EGA portal service provider available via eduGAIN Make the REMS service provider available via eduGAIN Minimise the number of homeless users Identify ELIXIR’s requirements for Assurance vs. current federation capabilities GÉANT Partner – CSC (Finland) Service Development: https://wiki.edugain.org/isFederatedCheck /

18 connect communicate collaborate Pilots - ESA 18 The European Space Agency is Europe’s gateway to space. One of ESA’s branches is Earth Observation (EO). EO data is distributed via the use of ESA EO web application services to a worldwide user community that includes around 20,000 scientists. Use Case: Deployment of a test environment reproducing the Landsat data dissemination server as Service Provider in eduGAIN Deployment of a test environment reproducing the ESA EO Identity Provider in the Italian test federation. GÉANT Partner - GARR Service Development Improved documentation for a commercial outsourced provider to manage the pilot.

19 connect communicate collaborate Pilots - Umbrella 19 Umbrella is the pan-European authentication and authorisation platform for the photon and neutron research community. A total of more than 30,000 users visit these facilities annually, with 40%-60% of these visiting multiple facilities Use Case: Bridging of eduGAIN-Umbrella Linking user’s university identity to an Umbrella identity Non-browser access to facility servers. GÉANT Partner - SWITCH Service Development Moonshot pilot for non web SSO Account translation mechanism in Umbrella

20 connect communicate collaborate Listen carefully to the user requirements Ask the users to describe what they want to achieve, not what they want to get from you The research communities need to be properly resourced to run their parts Need to understand their identity management workflows before a solution Progress can be slow But collaboration is welcomed Chicken & egg scenario for deployment Aggregate demand and keep solutions manageable Sometimes the best solution for the research group is too specific for the general service How far can we disrupt the cost/benefit equation for everyone? Conclusions 20

21 connect communicate collaborate Report on pilots http://www.geant.net/Resources/Deliverables/Documents/D9-4_DS5-5- 1_Towards-Horizon-2020_The-Enabling-Users-Experience%20(3).pdf http://www.geant.net/Resources/Deliverables/Documents/D9-4_DS5-5- 1_Towards-Horizon-2020_The-Enabling-Users-Experience%20(3).pdf Market Analysis, Federation as a Service http://www.geant.net/Resources/White_Papers/Documents/MS83_MS5-4- 1_Federation-as-a-Service-Pilot-Service-Definition-and-Market- Analysis%20(2).pdf http://www.geant.net/Resources/White_Papers/Documents/MS83_MS5-4- 1_Federation-as-a-Service-Pilot-Service-Definition-and-Market- Analysis%20(2).pdf White paper for eResearch on how to join eduGAIN https://wiki.edugain.org/index.php?action=remote&title=- &mod=SecureFileStore&rf=getFile&f=/a/a1/Options-for-Joining-eduGAIN.pdf Further Reading 21

22 connect communicate collaborate Panel - Linking Campus and Research in Trust and Identity Panelists: Licia Florio, GÉANT Association Ann Harding, SWITCH Klara Jelinkova, CIO, Rice University Scott Koranda, LIGO Moderator: Gyöngyi Horváth, GÉANT Association

23 connect communicate collaborate Campus and Research A deliberately extreme example 23 The Research Community/SP view Our resources are ‘special’ are we need to know they are protected properly. We need to know that you have taken care to make sure the right people are registered and can give us all the tools and data we need. This should be the responsibility of the infrastructure providers, not projects. The Campus/IdP view Reasonable level of trust through federation – you know us. This change is EXPENSIVE and you are asking us to bear the cost. Different SPs want different things all the time. There are no clear use cases as to WHY you need this. What can federations and eduGAIN do to balance the equation?

Download ppt "Connect communicate collaborate Internet2 Global Summit 27 April 2015 Washington DCs User Community Driven Development in Trust and Identity Services Ann."

Similar presentations

EGI-InSPIRE RI-261323 EGI-InSPIRE EGI-InSPIRE RI-261323 AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
Federated Identity Management for Researchers – A quick overview from GÉANT BoF TNC 2014 20 May 2014 Dublin.

Federated Identity Management for Researchers – A quick overview from GÉANT BoF TNC May 2014 Dublin.
EduGAIN – Are we there yet? Lukas Hämmerle (ghost writer, Brook Schofield) FIM4R, Helsinki – 2 October 2013.

EduGAIN – Are we there yet? Lukas Hämmerle (ghost writer, Brook Schofield) FIM4R, Helsinki – 2 October 2013.
Federated Identity Management for Research Communities (FIM4R) David Kelsey (STFC-RAL) EGI TF, AAI workshop 19 Sep 2012.

Federated Identity Management for Research Communities (FIM4R) David Kelsey (STFC-RAL) EGI TF, AAI workshop 19 Sep 2012.
FIM-ig Federated Identity Management Interest Group.

FIM-ig Federated Identity Management Interest Group.
ESA EO Federated Identity Management Initiatives A. Baldi ESA: M. Leonardi RHEA:

ESA EO Federated Identity Management Initiatives A. Baldi ESA: M. Leonardi RHEA:
EUROPEAN IDENTITY STRATEGY 1 NICOLE HARRIS e-Infrastructure Summer Workshops, Federated Identity Technology.

EUROPEAN IDENTITY STRATEGY 1 NICOLE HARRIS e-Infrastructure Summer Workshops, Federated Identity Technology.
Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014 and now abbreviated.

Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014 and now abbreviated.
John Dyer Business & Technology Strategist TERENA Business & Technology Strategist December 2013 European NRENs Evolution.

John Dyer Business & Technology Strategist TERENA Business & Technology Strategist December 2013 European NRENs Evolution.
Www.egi.eu EGI-Engage www.egi.eu EGI-Engage Engaging the EGI Community towards an Open Science Commons Project Overview 9/14/2015 EGI-Engage: a project.

EGI-Engage EGI-Engage Engaging the EGI Community towards an Open Science Commons Project Overview 9/14/2015 EGI-Engage: a project.
BoF: Federated Identity Management for Researchers David Kelsey (STFC-RAL) TNC2014, Dublin 20 May 2014.

BoF: Federated Identity Management for Researchers David Kelsey (STFC-RAL) TNC2014, Dublin 20 May 2014.
Authentication and Authorization in a federated environment Jules Wolfrat (SARA)

Authentication and Authorization in a federated environment Jules Wolfrat (SARA)
Www.geant.org AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef.

AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef.
Advanced Computing Services for Research Organisations Bob Jones Head of openlab IT dept CERN This document produced by Members of the Helix Nebula consortium.

Advanced Computing Services for Research Organisations Bob Jones Head of openlab IT dept CERN This document produced by Members of the Helix Nebula consortium.
Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.

Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.
Updates Licia Florio, TERENA REFEDS Meeting 5 Sept 2012.

Updates Licia Florio, TERENA REFEDS Meeting 5 Sept 2012.
Connect communicate collaborate GÉANT3plus Enabling Users Pilots Lukas Hämmerle Task Leader Enabling Users

Connect communicate collaborate GÉANT3plus Enabling Users Pilots Lukas Hämmerle Task Leader "Enabling Users"
Authentication and Authorisation for Research and Collaboration Licia Florio (GÉANT) Christos Kanellopoulos (GRNET) Service orientation.

Authentication and Authorisation for Research and Collaboration Licia Florio (GÉANT) Christos Kanellopoulos (GRNET) Service orientation.
European Life Sciences Infrastructure for Biological Information www.elixir-europe.org Life science community update for the 7 th Federated Identity Management.

European Life Sciences Infrastructure for Biological Information Life science community update for the 7 th Federated Identity Management.
Federated Identity Management for Research Communities (FIM4R) David Kelsey (STFC-RAL) EGI CF, FIM workshop 11 Apr 2013.

Federated Identity Management for Research Communities (FIM4R) David Kelsey (STFC-RAL) EGI CF, FIM workshop 11 Apr 2013.

Similar presentations

Ads by Google