Presentation is loading. Please wait.

Presentation is loading. Please wait.

OIDC Federation for Infrastructures

Published byAgus Iskandar Modified over 5 years ago

Similar presentations

Presentation on theme: "OIDC Federation for Infrastructures"— Presentation transcript:

1 OIDC Federation for Infrastructures
EUGridPMA 42 Prague, CZ

2 “establish common policies and guidelines that enable interoperable, global trust relations between providers of e-Infrastructures and cyber-infrastructures, identity providers” technology-agnostic assurance profiles (see IANA registry) with specific renderings – PKIX, Attribute Authorities, … How can we help support RI and e-Infrastructure use cases? technology bridges: TCS, RCauth.eu, IGTF-eduGAIN bridge, … native SAML R&E federation most effective through REFEDS now behind the bridges for research & collaboration, OIDC prominence!

3 OIDC Federation Task Force
The IGTF task force for OIDC Federation will identify specific objectives – I2 TechEx scope needs and requirements for R/E infrastructure OIDC Fed we will be doing that today! verify compatibility of IGTF Assurance Profile framework for ‘technology-agnosticity’ with OpenID Providers (proxies) and RPs test a OIDCFed scenario e.g. starting with use cases: WLCG, RCauth.eu, … ELIXIR, EGI CheckIn assess structure and needed meta-data in a ‘trust anchor service’, how to address RPDNC links it with dynamic client registration through ‘.well-known’ liaise with OIDC Fed efforts in AARC and GN*-*, and Roland Hedberg

4 Client ID and Client Secret
WaTTS service EGI MasterPortal MinE Credential Hosting … B2ACCESS, … SSH Proxy CLI Prometheus WebDAV portal mkProxy service Master Portal

5 OIDC Fed See spec by Roland Hedberg
scoped to the RP + Proxy case is not very complex, actually

6 OIDC Fed ‘policy’ IGTF “RP oriented” OIDC Fed can leverage existing framework connect RPs from infrastructures that are IGTF members (EGI, HPCI, OSG, WLCG, GEANT, PRAGMA, PRACE, XSEDE, …) and new IGTF RP members can join of course! Accreditation process and membership guidelines in place OPs in the federation (RI/EI IdP-SP-Proxies) use IGTF APs and Snctfi framework where needed RPs in the federation become the responsibility of their member representatives regional (‘national’) RP groups via their existing authority member for RP trust (more than today) re-use Sirtfi, WISE, and trust groups

7 Information sharing ACAMP session nodes (see Wiki)
do not over-complicate the initial set-up retain dynamics in the system by leveraging existing trust stick to OIDC core attributes makes life easier discovery – leave this for the RPs, but make our data available allow overlapping federations and be complementary (COIs) Keeping in touch (

8 Needs and Requirements
ELIXIR & Life Sciences AAI (Michal Prochazka) CILogon developments (Jim Basney) behind EGI Check-In (Nicolas Liampotis) Recommendations in AARC and GN*-* (Davide Vaghetti) WaTTS (Marcus Hardt) followed by a discussion on what tools we can use on the IGTF side (scripts, URL triggers) , what tools on the client side for auto-populating RPs (periodic cron jobs, scripts)

9

Download ppt "OIDC Federation for Infrastructures"

Similar presentations

EGI-InSPIRE RI-261323 EGI-InSPIRE EGI-InSPIRE RI-261323 AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
David Groep Nikhef Amsterdam PDP & Grid Evolving Assurance – IGTF LoA generalisation David Groep Interoperable Global Trust Federation IGTF Documents at.

David Groep Nikhef Amsterdam PDP & Grid Evolving Assurance – IGTF LoA generalisation David Groep Interoperable Global Trust Federation IGTF Documents at.
INFSO-RI-508833 Enabling Grids for E-sciencE www.eu-egee.org JRA3 2 nd EU Review Input David Groep NIKHEF.

INFSO-RI Enabling Grids for E-sciencE JRA3 2 nd EU Review Input David Groep NIKHEF.
Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014 and now abbreviated.

Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014 and now abbreviated.
Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.

Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.
David Groep Nikhef Amsterdam PDP & Grid Evolving Assurance – going where? Collaborative, distributed, and generalized assurance beyond just identity authentication.

David Groep Nikhef Amsterdam PDP & Grid Evolving Assurance – going where? Collaborative, distributed, and generalized assurance beyond just identity authentication.
EResearchers Requirements the IGTF model of interoperable global trust and with a view towards FIM4R AAI Workshop Presenter: David Groep, Nikhef.

EResearchers Requirements the IGTF model of interoperable global trust and with a view towards FIM4R AAI Workshop Presenter: David Groep, Nikhef.
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration David Kelsey AARC AHM Milan And mechanisms NA3 Task 4 – Scalable.

Authentication and Authorisation for Research and Collaboration David Kelsey AARC AHM Milan And mechanisms NA3 Task 4 – Scalable.
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration Peter Solagna Milano, AARC General meeting Current status and plans.

Authentication and Authorisation for Research and Collaboration Peter Solagna Milano, AARC General meeting Current status and plans.
Federated Identity Management for HEP David Kelsey HEPiX, IHEP Beijing 18 Oct 2012.

Federated Identity Management for HEP David Kelsey HEPiX, IHEP Beijing 18 Oct 2012.
Www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE www.egi.eu EGI-InSPIRE RI-261323 Evolution of AAI for e- infrastructures Peter Solagna Senior Operations Manager.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Evolution of AAI for e- infrastructures Peter Solagna Senior Operations Manager.
Networks ∙ Services ∙ People Thomas Bärecke Journée Fédération, Paris Collaboration européenne GÉANT SA5 03/07/2015 SA5 T5 team

Networks ∙ Services ∙ People Thomas Bärecke Journée Fédération, Paris Collaboration européenne GÉANT SA5 03/07/2015 SA5 T5 team
European Grid Initiative AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

European Grid Initiative AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
David Groep Nikhef Amsterdam PDP & Grid AARC Authentication and Authorisation for Research and Collaboration an impression of the road ahead.

David Groep Nikhef Amsterdam PDP & Grid AARC Authentication and Authorisation for Research and Collaboration an impression of the road ahead.
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration Peter Solagna, Davide Vaghetti, et al. Topics for PY2 activities.

Authentication and Authorisation for Research and Collaboration Peter Solagna, Davide Vaghetti, et al. Topics for PY2 activities.
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration Peter Solagna, Nicolas EGI AAI integration experiences AARC Project.

Authentication and Authorisation for Research and Collaboration Peter Solagna, Nicolas EGI AAI integration experiences AARC Project.
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration AARC/CORBEL Workshop for Life Sciences AAI AARC Draft Blueprint.

Authentication and Authorisation for Research and Collaboration AARC/CORBEL Workshop for Life Sciences AAI AARC Draft Blueprint.
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration Taipei - Taiwan Mechanisms of Interfederation 13th March 2016 Alessandra.

Authentication and Authorisation for Research and Collaboration Taipei - Taiwan Mechanisms of Interfederation 13th March 2016 Alessandra.
Security in the wider world David Kelsey (STFC-RAL) GridPP37 – Ambleside 2 Sep 2016.

Security in the wider world David Kelsey (STFC-RAL) GridPP37 – Ambleside 2 Sep 2016.
SCI & Sirtfi David Kelsey (STFC-RAL) EGI Conference, Lisbon 19 May 2015.

SCI & Sirtfi David Kelsey (STFC-RAL) EGI Conference, Lisbon 19 May 2015.

Similar presentations

Ads by Google