Presentation is loading. Please wait.

Presentation is loading. Please wait.

CA-OPS Authentication Profiles Tony Genovese ATF team ESnet Lawrence Berkeley National Laboratory.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "CA-OPS Authentication Profiles Tony Genovese ATF team ESnet Lawrence Berkeley National Laboratory."— Presentation transcript:

1 CA-OPS Authentication Profiles Tony Genovese ATF team ESnet Lawrence Berkeley National Laboratory

2 February 2005 TERENA TF-EMC2 1 Outline Authentication Profiles Authentication Profiles Why authentication profiles?Why authentication profiles? What is in it?What is in it? General Federation documentGeneral Federation document

3 February 2005 TERENA TF-EMC2 2 Why Authentication Profiles? New Authentication services will fragment the current global trust model. New Authentication services will fragment the current global trust model. Yet, we must allow for innovations in Authentication services. Yet, we must allow for innovations in Authentication services. Classic PKI procrustean bed no longer works.Classic PKI procrustean bed no longer works. Currently a draft GGF informational doc. Currently a draft GGF informational doc.

4 February 2005 TERENA TF-EMC2 3 Authentication Profile what is in it? Authentication Services must provide basic information on: Authentication Services must provide basic information on: The governance of authentication service.The governance of authentication service. A set of membership and operational requirements.A set of membership and operational requirements. Publishing model that Relying parties can trust.Publishing model that Relying parties can trust.

5 February 2005 TERENA TF-EMC2 4 General Federation Document 1. Federation definition - description 2. General architecture 3. Identity management 4. Operational requirements 5. Site security. 6. Publication and repository responsibilities 7. Liability 8. Financial responsibilities 9. Audits and compliance 10. Privacy and confidentiality 11. Compromise and disaster recovery 12. Federation administration

6 February 2005 TERENA TF-EMC2 5 New Federations that can be profiled Any Federation with common AuthN services. Any Federation with common AuthN services. SIPS - Site Integrated Proxy services SIPS - Site Integrated Proxy services KCA exampleKCA example Site SSL support - Host certificate service Site SSL support - Host certificate service RAF - RADIUS Authentication Fabric RAF - RADIUS Authentication Fabric Active Credential Stores Active Credential Stores

7 February 2005 TERENA TF-EMC2 6 Status of document Mostly guidance material being added Mostly guidance material being added Change name to reflect focus Change name to reflect focus Authentication Federations for GridsAuthentication Federations for Grids Grid Federation templateGrid Federation template Trust Federation setupTrust Federation setup Being used by the Americas Grid PMA for chartering. Being used by the Americas Grid PMA for chartering.

Download ppt "CA-OPS Authentication Profiles Tony Genovese ATF team ESnet Lawrence Berkeley National Laboratory."

Similar presentations

RPKI Standards Activity Geoff Huston APNIC February 2010.

RPKI Standards Activity Geoff Huston APNIC February 2010.
GridShib Tom Barton, U Chicago. 2 Grid Computing Distributed computing and/or data resources Heterogeneous computing & storage environments Interfaces.

GridShib Tom Barton, U Chicago. 2 Grid Computing Distributed computing and/or data resources Heterogeneous computing & storage environments Interfaces.
Usage of PGP in TACAR 19th OGF Meeting Chapel Hill, USA February 1, 2007 Licia Florio Project Development Officer

Usage of PGP in TACAR 19th OGF Meeting Chapel Hill, USA February 1, 2007 Licia Florio Project Development Officer
International Grid Trust Federation Session GGF 20 Manchester, UK Wednesday, May 9 2007 CAOPS-WG session #2.

International Grid Trust Federation Session GGF 20 Manchester, UK Wednesday, May CAOPS-WG session #2.
© 2006 Open Grid Forum Security Area OGF19 Standard All Hands.

© 2006 Open Grid Forum Security Area OGF19 Standard All Hands.
© 2007 Open Grid Forum CAOPS-WG Christos Kanellopoulos - Yoshio Tanaka Security Area coordination & outreach OGF25, Catania March 2 nd – 3 rd, 2009.

© 2007 Open Grid Forum CAOPS-WG Christos Kanellopoulos - Yoshio Tanaka Security Area coordination & outreach OGF25, Catania March 2 nd – 3 rd, 2009.
EGI-InSPIRE RI-261323 EGI-InSPIRE EGI-InSPIRE RI-261323 AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.

Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.
Www.DOEGrids.org www.DOEGrids.org DOE’s PKI service for Grids www.DOEGrids.org Tony J. Genovese Malaga, Spain November 2003.

DOE’s PKI service for Grids Tony J. Genovese Malaga, Spain November 2003.
Identity Federation Rules and Process Linda Elliott President, PingID Network Electronic Authentication Partnership Washington, DC February 12, 2004.

Identity Federation Rules and Process Linda Elliott President, PingID Network Electronic Authentication Partnership Washington, DC February 12, 2004.
GRID Security Infrastructure: Overview and problems PKI-COORD Meeting, Amsterdam November 26, 2001 Yuri Demchenko.

GRID Security Infrastructure: Overview and problems PKI-COORD Meeting, Amsterdam November 26, 2001 Yuri Demchenko.
Donkey Project Introduction and ideas around February 21, 2003 Yuri Demchenko.

Donkey Project Introduction and ideas around February 21, 2003 Yuri Demchenko.
Experience Building and Supporting Secure Ad Hoc Collaborations Deb Agarwal Lawrence Berkeley National Laboratory Ad Hoc Collaboration - Internet2 Fall.

Experience Building and Supporting Secure Ad Hoc Collaborations Deb Agarwal Lawrence Berkeley National Laboratory Ad Hoc Collaboration - Internet2 Fall.
National Institute of Advanced Industrial Science and Technology Proposals for auditing Yoshio Tanaka Grid Technology Research.

National Institute of Advanced Industrial Science and Technology Proposals for auditing Yoshio Tanaka Grid Technology Research.
Federation of Campus PKI and Grid PKI for Academic GOC Management Conformable to APGrid PMA National Institute of Informatics, JAPAN Toshiyuki Kataoka,

Federation of Campus PKI and Grid PKI for Academic GOC Management Conformable to APGrid PMA National Institute of Informatics, JAPAN Toshiyuki Kataoka,
INFSO-RI-508833 Enabling Grids for E-sciencE www.eu-egee.org JRA3 2 nd EU Review Input David Groep NIKHEF.

INFSO-RI Enabling Grids for E-sciencE JRA3 2 nd EU Review Input David Groep NIKHEF.
Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.

Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.
TF-EMC2 February 2006, Zagreb Deploying Authorization Mechanisms for Federated Services in the EDUROAM Architecture (DAME) -Technical Project Proposal-

TF-EMC2 February 2006, Zagreb Deploying Authorization Mechanisms for Federated Services in the EDUROAM Architecture (DAME) -Technical Project Proposal-
DGC Paris 4.03.02 Community Authorization Service (CAS) and EDG Presentation by the Globus CAS team & Peter Kunszt, WP2.

DGC Paris Community Authorization Service (CAS) and EDG Presentation by the Globus CAS team & Peter Kunszt, WP2.
NRENs supporting Grids using current Grid technology TERENA NREN-GRID Workshop Amsterdam 2005-10-17 Milan Sova CESNET.

NRENs supporting Grids using current Grid technology TERENA NREN-GRID Workshop Amsterdam Milan Sova CESNET.

Similar presentations

Ads by Google