TrustTech - Task Overview (GN4-2 JRA3-T3)


1 TrustTech - Task Overview (GN4-2 JRA3-T3)
Next-Gen T&I Technology Development
Maarten Kremers (SURFnet), Task lead TrustTech
JRA3 Kick-off, Zürich, July 2016

2 Next Generation T&I Technology Development
Introduction
“This Task integrates developments that go beyond or significantly disrupt the current models, technologies or approaches to trust and identity that are in operation in the eduGAIN platform.”
“It aims to widen the engagement of federated identity approaches to other sectors, including e-Government and potential social identity providers, allowing greater engagement by individuals and citizen scientists in research.”

3 TrustTech People
24 persons
173 ManMonths / 14,4 ManYear / 5,4 FTE per Year
People from: Austria, Czech Republic, Estonia, Finland, Germany, Greece, Ireland, Italy, Moldova, Norway, Spain, Sweden, Switzerland & The Netherlands

4 SubTasks T3.1 Federated identity, the next generation
Carry out development based on OpenID Connect (OIDC), specifically for extending the standard to make OIDC “federation and interfederation capable” (i.e. OIDC metadata, discovery, etc.), including engaging with and contributing to the IETF and developing a potential OIDC profile for eduGAIN.
Making OpenID Connect work for federations (based on the proposal by Roland, Rebecka & others)
Standardize claims (REFEDS OIDCre workgroup)
Reference implementation
Specify OpenID Connect profile for eduGAIN
Pilot, pilot, pilot
Much interest in this topic, but standardization can be a time-consuming process

5 SubTasks T3.1 Federated identity, the next generation
Develop user-centric identity federation: user-managed access. Engage with federations on the principle of user-managed access, not only technically, but also reflecting the principle that the user is the resource owner and should therefore be in control of their own “data”. Develop pilots based on eduKEEP- and eduID-like approaches, currently at TRL 6–8 in various national developments, to enhance to scale for international interoperability.
Best Current Practice for User Centric Identity Federation based on reference architecture, policy/legal framework and interfed recommendations (prescriptive) and the overview of current activities in eduID-like approaches (descriptive)
Pilot
Advanced aspects? Migration path? Great to have but complicated.

6 SubTasks T3.2 Two-factor authentication in eduGAIN
Develop procedures/metadata profiles for including two-factor support in eduGAIN.
NOTE: not a two-factor / MFA service itself.
Building on top of / reusing the work from the InCommon MFA WG

7 SubTasks T3.3 Services to support mobile federated identity
GN3plus and GN4-1 delivered research into technical facilities to support non-web use cases for rich client applications and mobile devices (using OpenID Connect and Moonshot). Service options for integrating these results in a service context for GÉANT will be developed, integrated into the harmonisation framework and piloted with eduGAIN to attain TRL 8.
Moonshot enhancements (Portal)
SDK for platforms to have safe federated login
OpenID Connect, mobile and federation
Goal is clear (added value service for eduGAIN), exact path to be determined.

8 SubTasks T3.4 Cross-sector interoperability (eduGAIN)
Identify and pilot methods to organise and incorporate eIDAS and social identities with eduGAIN. Collaborate with Task 2, since interoperability with government eID/eIDAS may also facilitate step-up assurance, and social identity may provide coverage for some homeless users (i.e. users without an account within a R&E federation). AARC results will be examined for adoption as they become available.
Update of eduPEPS (eIDAS to eduGAIN proxy)
Recommendations for business model
Pilot
Step-up assurance service based on eIDAS (?), in collaboration with Task 2 (RASP), based on recommendations of AARC. To be determined in due time.
Social ID proxy service, SATOSA development? Too early to determine now.

9 Formal Milestones and Deliverables
Deliverable D9.3: Best Practice for User Centric Federated Identity. Due M October 2017
Milestone M9.8: User Centric Federated Identity Business Case. Due M October 2018

10 Division of Work

11 Dependencies
Inside GN
With JRA3 Task 2 (RASP): Step-up / assurance based on a cross-sector federation (eIDAS)
JRA3 and SA2 in general
With AARC
Step-up / assurance based on a cross-sector federation (eIDAS)
Others / Stakeholders (short list)
REFEDS (especially OIDCre WG)
eduGAIN
OpenID Connect standardization people
eIDAS
And of course: Federations, Institutions and our Users!!

12 More information Wiki:
