Guests and Collaborators Internet 2 Spring Member Meeting
Stanford Guest System
Before SUNetIDs issued to faculty, staff & students Others can get sponsored SUNetIDs Sponsor must have signature authority Sponsorship must be renewed annually Sponsorship can be transferred
After Sponsored SUNetIDs still available Still needed for non-web access Self-register and bulk invite guest IDs Stanford users grant entitlements to guests No guest attributes released outside Stanford
Design Based on existing infrastructure New guest KDC, WebLogin & IdP services Reusing existing directory services Some changes to account management tools Services providers can choose WebLogin or IdP
NSF Virtual Organization Proposal
Proposal Internet2 proposal for NSF funding Grouper extension work Signet extension work Virtual Organization Toolkit Prototype VO Service Center Currently awaiting NSF decision (Summer)
VO Technology
VO Toolkit Goals AuthN done at users’ home org Small set of “enhanced” apps Blog, wiki, mailing list Group and privilege management integrated with apps feedback to Grouper & Signet projects
Service Center Goals Just a prototype Service to create, host and manage VOs Federated access Packaged for others to run too Easily deployable - Virtual Appliance?
Questions Lots of unanswered questions How do VOs identify users to other services? What attributes can VOs store or propagate Where does it run? Life cycle management? User directory?
Questions, Comments & Suggestions Scotty.Logan@Stanford.EDU Bruce.Vincent@Stanford.EDU