Presentation is loading. Please wait.

Presentation is loading. Please wait.

Bring the WLCG federation Home

Published byBlanche Turner Modified over 6 years ago

Similar presentations

Presentation on theme: "Bring the WLCG federation Home"— Presentation transcript:

1 Bring the WLCG federation Home
Extending your trust options beyond bottom-up identity by collaborating with global Research and Scholarship With support from the Authentication and Authorization for Research and Collaboration project Trust Anchor Distribution evolution supported by EGI ENGAGE

2 You all remember the bad old days …

3 And now we have this! WLCG FIM4R pilot
background: eduGAIN connected federations as of November 2014 – Brooke Schofield, TERENA

4 Evolution of Trust – from 1995 to 2020?
Every institute trusts only its own database you can trace everyone, but you get to manage all the accounts passwords are all over - and users pick the same everywhere Distributed global trust – independent third parties identification and identity vetting by CAs, a limited number but accessible to all users everywhere on their own inititiative Easing trust building – mixing assurance from different places extend identification by also leveraging your home organisation

5 Evolving for 2020! Getting to distributed global trust for open innovation, open science, open to the world how far can we push federated authentication? A single account for all your services, single sign-on for everything: from data analysis to wikis, and from file sending, and date picking to expense claims But … institutions vary a lot is your home university ready to identify you to the world? does it even want to tell WLCG who you are? ready to help you already today? Or does it need work? is it ready to help the others, sites and operators, in case of incidents? FIM4R

6 #1: Leverage the CERN User Office
Your trusty CA distribution as of next month: now with the CERN LCG IOTA CA supporting the WebFTS pilot

7 More than a pilot – a new way of life!
wLCG leverages major open science infrastructures it must work alongside more dynamic communities on the same infrastructure without separating services besides the ‘CERN LCG IOTA CA’ there will be more generic identity providers from all over the world services must be able to trust just-a-unique-name CAs for only highly-managed VOs like LCG, but not for other VOs This needs a decision in software – on CA+VO combination this software is getting there for many areas you all should encourage software providers to implement and deploy such new software in production ASAP

8 Open Science, Open to the World? Ready?
Old innovations now just seem a given: think of eduroam™ On the way…it may be bumpy! Federated access means you’ll rely on your institute a lot more Some things become easier (web) others more complicated (CLI) Meanwhile, there’ll be lot of bridging and new things to learn But: aligning with the world will bring usability benefits, and enable scenarios that for next years’ students will be their ‘natural habitat’!

9 But What Should I Do?? Ask your home organisation to join or opt-in to eduGAIN still no federation? In an eduGAIN country? Ask your local IT to join the national federation, or set up identity management! Ask them to release attributes there’s a basic set that is needed, called “Research and Scholarship” they should join that scheme Ask them to collaborate in incident response and tell us so by joining the SirTFi programme – it’s self- asserted, and we will trust them if they say so – but it means that sites and response teams know they’re able to act OK

Download ppt "Bring the WLCG federation Home"

Similar presentations

EGI-InSPIRE RI-261323 EGI-InSPIRE EGI-InSPIRE RI-261323 AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
Federated Identity Management for Research Communities (FIM4R) David Kelsey (STFC-RAL) EGI TF, AAI workshop 19 Sep 2012.

Federated Identity Management for Research Communities (FIM4R) David Kelsey (STFC-RAL) EGI TF, AAI workshop 19 Sep 2012.
INFSO-RI-508833 Enabling Grids for E-sciencE www.eu-egee.org JRA3 2 nd EU Review Input David Groep NIKHEF.

INFSO-RI Enabling Grids for E-sciencE JRA3 2 nd EU Review Input David Groep NIKHEF.
WebFTS as a first WLCG/HEP FIM pilot

WebFTS as a first WLCG/HEP FIM pilot
Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014 and now abbreviated.

Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014 and now abbreviated.
Trust and Security for FIM (Sirtfi/SCI) David Kelsey (STFC-RAL) FIM4R at CERN 4 Feb 2015.

Trust and Security for FIM (Sirtfi/SCI) David Kelsey (STFC-RAL) FIM4R at CERN 4 Feb 2015.
New Developments in Authentication and Access Management Alan Robiette JISC Development Group JISC-NSF-DLI2 Meeting, 2002.

New Developments in Authentication and Access Management Alan Robiette JISC Development Group JISC-NSF-DLI2 Meeting, 2002.
Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.

Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.
EResearchers Requirements the IGTF model of interoperable global trust and with a view towards FIM4R AAI Workshop Presenter: David Groep, Nikhef.

EResearchers Requirements the IGTF model of interoperable global trust and with a view towards FIM4R AAI Workshop Presenter: David Groep, Nikhef.
WebFTS File Transfer Web Interface for FTS3 Andrea Manzi On behalf of the FTS team Workshop on Cloud Services for File Synchronisation and Sharing.

WebFTS File Transfer Web Interface for FTS3 Andrea Manzi On behalf of the FTS team Workshop on Cloud Services for File Synchronisation and Sharing.
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration Peter Solagna Milano, AARC General meeting Current status and plans.

Authentication and Authorisation for Research and Collaboration Peter Solagna Milano, AARC General meeting Current status and plans.
Federated Identity Management for HEP David Kelsey HEPiX, IHEP Beijing 18 Oct 2012.

Federated Identity Management for HEP David Kelsey HEPiX, IHEP Beijing 18 Oct 2012.
Www.egi.eu EGI-InSPIRE RI-261323 EGI www.egi.eu EGI-InSPIRE RI-261323 Establishing Identity in EGI the authentication trust fabric of the IGTF and EUGridPMA.

EGI-InSPIRE RI EGI EGI-InSPIRE RI Establishing Identity in EGI the authentication trust fabric of the IGTF and EUGridPMA.
Www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE www.egi.eu EGI-InSPIRE RI-261323 Evolution of AAI for e- infrastructures Peter Solagna Senior Operations Manager.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Evolution of AAI for e- infrastructures Peter Solagna Senior Operations Manager.
Networks ∙ Services ∙ People Thomas Bärecke Journée Fédération, Paris Collaboration européenne GÉANT SA5 03/07/2015 SA5 T5 team

Networks ∙ Services ∙ People Thomas Bärecke Journée Fédération, Paris Collaboration européenne GÉANT SA5 03/07/2015 SA5 T5 team
David Groep Nikhef Amsterdam PDP & Grid Bring the WLCG federation Home Extending your trust options beyond bottom-up identity by collaborating with global.

David Groep Nikhef Amsterdam PDP & Grid Bring the WLCG federation Home Extending your trust options beyond bottom-up identity by collaborating with global.
INTRODUCTION TO IDENTITY FEDERATIONS Heather Flanagan, NSRC.

INTRODUCTION TO IDENTITY FEDERATIONS Heather Flanagan, NSRC.
Kipper – a Grid bridge to Identity Federation Andrey Kiryanov.

Kipper – a Grid bridge to Identity Federation Andrey Kiryanov.
Www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE www.egi.eu EGI-InSPIRE RI-261323 Enabling SSO capabilities in the EGI Cloud services Peter Solagna – EGI.eu.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Enabling SSO capabilities in the EGI Cloud services Peter Solagna – EGI.eu.
CERN IT Department CH-1211 Geneva 23 Switzerland www.cern.ch/i t OIS Operating Systems & Information Services CERN IT Department CH-1211 Geneva 23 Switzerland.

CERN IT Department CH-1211 Geneva 23 Switzerland t OIS Operating Systems & Information Services CERN IT Department CH-1211 Geneva 23 Switzerland.

Similar presentations

Ads by Google