Presentation is loading. Please wait.

Presentation is loading. Please wait.

Co-ordination & Harmonisation of Advanced e-Infrastructures for Research and Education Data Sharing Grant.

Similar presentations


Presentation on theme: "Co-ordination & Harmonisation of Advanced e-Infrastructures for Research and Education Data Sharing Grant."— Presentation transcript:

1 Co-ordination & Harmonisation of Advanced e-Infrastructures for Research and Education Data Sharing www.chain-project.eu proj-office@chain-project.eu Grant Agreement n. 306819 Federated Identities and Services: the CHAIN-REDS vision Federico Ruggieri, GARR/INFN Joint CHAIN-REDS/ELCIRA Workshop, Cancun, May 2014

2 Outline 2  Introduction  General information and CHAIN-REDS vision  Federated Identities and Services  Major achievements  The role of NRENs  Conclusions

3 Genesis II Regional e-Infrastructures Interoperability and easiness of access are issues 5

4 General information 4  Co-ordination & Harmonisation of Advanced eInfrastructures for Research and Education Data Sharing  Research Infrastructures – Support Action  Grant Agreement n. 306819  Total Costs of € 2.3 M  Max. EC contribution: € 1.52 M  Start date: 1 December 2012  Duration: 30 Months

5 Partners and roles 5  INFN (IT) – Coordinator  CIEMAT (ES) – WP4 Leader  GRNET (GR) – WP3 Leader  CESNET (CZ) – WP5 Leader  UBUNTUNET (MW) – Africa  CLARA (UR) – Latin America  IHEP (CN) – China  ASREN (DE) – Arab States  SIGMA ORIONIS (FR) – WP2 Leader  C-DAC (IN) – India

6 Project Strategic Vision CHAIN-REDS first periodic review, Madrid, January 2014 6  Promote and support technological and scientific collaboration across different eInfrastructures established and operated in various continents to facilitate their uptake and use by established and emerging Virtual Research Communities (VRCs) but also by single researchers  Not only disseminate, exchange and reinforce the best practices currently adopted in Europe and other continents, but also promote the progress of interoperability among different regional eInfrastructures  Study and define a path towards a global eInfrastructure ecosystem that will allow VRCs, research groups and even single researchers to access and efficiently use worldwide distributed resources

7 Action lines (1/2) Distributed Computing Infrastructure (WP3) DCI Provide ongoing support of the DCI road-map for intercontinental DCI collaboration, specified within the CHAIN project Regional Operation Centres (WP3) ROC Support stability of existing and emerging Regional Operation Centres. Cooperate with other projects & initiatives (e.g. AfricaConnect, TEIN3) to support the development of eInfrastructures and key VRCs in Africa, Asia, Latin America and the Middle-east Clouds for Research and Education (WP3) Cloud Support for coordination of Cloud developments for Research & Education with other regions (e.g. China, India, Latin America) 7

8 Action lines (2/2) Data Infrastructures and Repositories (WP4) Data Extend the CHAIN Knowledge Base with information on Data Infrastructures: collecting issues, best practices and identifying data repositories of direct interest for VRCs Support the study of data infrastructures for a target subset of VRCs (e.g. Agriculture, Climate Change, Health, Biomedicine, etc.) Science Gateways (WP5) SG Promote the usage of Science Gateways as a means for attracting new communities and promote the use of eInfrastructures for every researcher Federations of Identity Providers (WP5) IDF Foster the creation of Identity Federations in cooperation with Certification Authorities; promote and coordinate their usage. Support integration of different AA approaches 8

9 Collaborations 9 Data and Document Repositories Science Gateways Deployment of new IdPs Interperations and Interoperability Dissemination Policy development

10 How to check the personal Identity (Authentication) ? 10  Grid Infrastructures use X509 Digital Certificates  Highly secure system used also for computers and services  Requires a structure of Certification and Registration Authorities that cerify the identity and assign Certificates  Users need to go through a cerification process  Services need to manage and recognise certificates  Why not try to use the identity system of the organisation where the user is affiliated (Identity Providers – IdP) ?  The user already has a Username/Password or another systems he is familiar with.  The organisation can authenticate the user with many different methods: Us/Pw, Certificates, Smart Card, Fingerprint, etc.

11 11 Identity Federations in the world A lot of work still to be done 1,000’s Institutions 1,000’s Services >17 million people

12 Identity Federations (WP5) 12  BoF organised at TERENA conference  Analysis of the current and alternative AAI mechanisms with a state of the art in the regions addressed by the project – D5.1  Support for new IdPs

13 Services 13  Federations can’t be only made by IdPs  Service Providers (SP) are the other fundamental component  The success of an Identity Federation is not only in the number of IdPs but also in the number of SPs that provide services to the users and make the Federation attractive for new users

14 eduroam Service 14  WiFi access across several countries

15 GÈANT’s eduGAIN goes beyond EU 15 eduGAIN Member Joining eduGAIN Candidate Federation Existing/Pilot Federation Missing Federation

16 Authentication is not enough 16  Services require also to profile the users in order to decide what they are allowed to do (Authorisation).  How can we infer the user’s profile from his Authentication ?  We need more info attached to the confirmation of his/her identity. First Login (Registration) Create User Profile

17 17 Project’s Recommendations (D5.1)  Eduroam setup  Simple but efficient example of Federated Identity use  Make Eduroam available through all the regions  Identity provisioning  Setup and operate an IdP  Collect experience in setting up IdP (even if shared one)  Identity Management  An often missing piece of IdP setup  EU partners technology used as a starting point  Science Gateway as an IdP service  Certification Authority through IdP  Access to more “standard” services relying on certificates  Simple but useful example of a federated service  Agreement with Comodo for X.509 widely accepted certificates

18 18 CHAIN-REDS recommendations and those of the TERENA AAA Study The goal of the report has been broken down into two objectives: 1. A collection of users’ access requirements coming from different communities 2. A gap analysis of the existing AAIs used in the realm of research and education, the use-cases they support and the associated challenges

19 19 Agreement with Comodo 13 Organisations (11 NRENs); 46 domains validated Long-term agreement like TERENA TCS under discussion

20 20 The GrIDP “catch-all” Federation and its “open” and “social” IdPs

21 21 New IdPs (LA, Arab Region, sub-Saharan Africa) Many of these were deployed in strong collaboration with other projects like eI4Africa and ELCIRA

22 22 New Science Gateways (being) developed and supported by CHAIN-REDS in preparation

23 The role of NRENs 23  The NRENs are starting to offer services on top of the connectivity. This is a necessary evolution to address the needs of the users and increase the visibility of the NRENs towards the community.  The Identity Federations can favour the increase of the number of available service and users that can access them without having a different identification.  Several issues need still to be solved and NREN’s can contribute providing requirements, use cases and some software development in an OpenSource environment.  There is thus a Business Case for NRENs to work on in cooperation with EU and other Regions of the world

24 Conclusions 24  CHAIN-REDS project has successfully progressed during the first year  It has investigated the advantages and issues related to the Federations of Identity (Deliverable D5.1)  The project is actively collaborating with TERENA and promoting eduroam and eduGAIN  CHAIN-REDS has fostered the creation of new IdPs in the regions addressed by the project  The collaboration with ELCIRA in LA has been particularly significant

25 Co-ordination & Harmonisation of Advanced e-Infrastructures for Research and Education Data Sharing www.chain-project.eu proj-office@chain-project.eu Grant Agreement n. 306819 Thank you ! www.chain-project.eu proj-office@chain-project.eu


Download ppt "Co-ordination & Harmonisation of Advanced e-Infrastructures for Research and Education Data Sharing Grant."

Similar presentations


Ads by Google