Case Studies in Identity Management for Scientific Collaboration, 2014 Technology Exchange, Jim Basney, CILogon

Presentation transcript:

Case Studies in Identity Management for Scientific Collaboration 2014 Technology Exchange Jim Basney CILogon This material is based upon work supported by the National Science Foundation under grant numbers and and by the Department of Energy under award number DE-SC Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the United States Government or any agency thereof.

CILogon (www.cilogon.org)
– Provides personal digital certificates for access to cyberinfrastructure
– Uses federated authentication for user identification

Federated Authentication
Log on to CILogon using your campus (InCommon) or Google (OpenID) account

Bridging InCommon and IGTF
Translating mechanism and policy across higher education and grid trust federations

Multiple Levels of Assurance
CILogon Silver CA
– InCommon Silver IDs
– IGTF accredited February 2011
CILogon Basic CA
– “Basic” InCommon IDs
– IGTF accredited June 2014
Google Authenticator provides second authentication factor

Multiple Interfaces
SAML/OpenID Web Browser SSO
– PKCS12 certificate download
– Certificate issuance via OAuth
– Coming Soon: OpenID Connect token issuance
SAML ECP
– Command-line certificate issuance

ligo-proxy-init using SAML ECP

    $ ligo-proxy-init scott.koranda
    Your identity:
    Enter pass phrase for this identity:
    Creating proxy Done
    Your proxy is valid until: Mar 5 13:45: GMT
    $ grid-proxy-info -all
    subject : /DC=org/DC=cilogon/C=US/O=LIGO/CN=Scott Koranda
    issuer : /DC=org/DC=cilogon/C=US/O=CILogon/CN=CILogon Basic CA 1
    identity : /DC=org/DC=cilogon/C=US/O=LIGO/CN=Scott Koranda
    type : end entity credential
    strength : 2048 bits
    path : /tmp/x509up_u1000
    timeleft : 71:59:52 (3.0 days)
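
A relying service can sanity-check a credential like the one above before using it. The following is an added example, not part of the original slides or of CILogon's or LIGO's tooling: it parses the `grid-proxy-info -all` fields shown on the slide and applies an assumed local policy (the issuer allow-list, the key-length floor and the minimum remaining lifetime are all assumptions).

```python
import re

# Issuer DN copied from the slide's output. The one-entry allow-list and the
# two thresholds below are assumed local policy, not CILogon requirements.
TRUSTED_ISSUERS = {"/DC=org/DC=cilogon/C=US/O=CILogon/CN=CILogon Basic CA 1"}
MIN_KEY_BITS = 2048
MIN_SECONDS_LEFT = 3600

# `grid-proxy-info -all` output as shown on the slide.
SLIDE_OUTPUT = """\
subject  : /DC=org/DC=cilogon/C=US/O=LIGO/CN=Scott Koranda
issuer   : /DC=org/DC=cilogon/C=US/O=CILogon/CN=CILogon Basic CA 1
identity : /DC=org/DC=cilogon/C=US/O=LIGO/CN=Scott Koranda
type     : end entity credential
strength : 2048 bits
path     : /tmp/x509up_u1000
timeleft : 71:59:52  (3.0 days)
"""

# Constructed counter-example: unknown CA, short key, already expired.
BAD_OUTPUT = """\
subject  : /DC=org/DC=example/CN=Constructed User
issuer   : /DC=org/DC=example/CN=Constructed Test CA
strength : 1024 bits
timeleft : 0:00:00
"""

def parse_proxy_info(text):
    """Split each line at its first ':' into a field name and a value."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields

def seconds_left(timeleft):
    """Convert 'H:MM:SS ...' to seconds; unparseable input counts as expired."""
    m = re.match(r"(\d+):(\d{2}):(\d{2})", timeleft)
    return 0 if not m else int(m[1]) * 3600 + int(m[2]) * 60 + int(m[3])

def check_credential(text):
    """Return a list of policy violations; an empty list means acceptable."""
    f = parse_proxy_info(text)
    problems = []
    if f.get("issuer") not in TRUSTED_ISSUERS:
        problems.append("untrusted issuer: %s" % f.get("issuer"))
    bits = re.match(r"(\d+) bits", f.get("strength", ""))
    if not bits or int(bits.group(1)) < MIN_KEY_BITS:
        problems.append("key too short: %s" % f.get("strength"))
    if seconds_left(f.get("timeleft", "")) < MIN_SECONDS_LEFT:
        problems.append("expires too soon: %s" % f.get("timeleft"))
    return problems
```

This is a check on the tool's text output only; validating the certificate chain remains the job of the grid middleware.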

Integrated with CyberInfrastructure

Integrated with Globus

Used by DOE KBase

Used by OSG Connect

Used by ATLAS Connect

Integrated with Campus

CILogon and XSEDE
CILogon is
– a component in the XSEDE architecture
– following the XSEDE engineering process: architecture, design, and security reviews and operational acceptance tests
XSEDE provides sustained operational support to CILogon users (ATLAS, DataONE, OOI, OSG, KBASE, LIGO, etc.)
Including backup CILogon instance at NICS

InCommon R&S SP

Replicating CILogon Internationally

Thanks!