GN3plus JRA3 T1 Attribute and Group management in the AAI environment


GN3plus JRA3 T1: Attribute and Group management in the AAI environment
Maarten Kremers, SURFnet
Internet2 Technology Exchange 2014, Indianapolis, IN, October 29th 2014

GÉANT (GN3plus) - vital to the EU's e-infrastructure strategy

Key Facts GN3plus
- Start date: April 1 2013
- Duration: 24 months
- Total budget: 84,283,018
- EC contribution: 41,800,000
- Participants: 250+
- 41 Project Partners: 38 NRENs, DANTE, TERENA, NORDUnet (representing 5 Nordic countries)

- GN3plus: extension and expansion to 3rd term of the successful GÉANT networking project, vital to the EU's e-infrastructure strategy.
- GÉANT vision: to become the unified European Communications Commons, driving knowledge creation as the global hub for research networking excellence
- GÉANT Mission: to deliver world-class services with the highest levels of operational excellence
- Co-funded: by the EU and Europe's NRENs

GN3plus - Innovation through collaboration for delivery of advanced networking services

- Building the GÉANT eco-system through development and delivery of a world-class networking service portfolio:
  - Flexible connectivity options & test-bed facilities
  - Performance tools & expertise
  - Advanced AAI, cloud and mobility services
- Collaborative research into state-of-the-art technology
  - network architectures: mobility, cloud, sensor, scientific content delivery, high-speed mobile
  - identity and trust technologies
  - paradigm shifts in service provisioning and management
  - influencing global standards development
- Open Calls to widen the scope and agility for innovation

Delivering innovative services to end users, their projects and institutions across Europe and beyond: secure access to the network and resources they need, when and where they want it.

Europe's 100Gbps Network - e-infrastructure for the data deluge
- Latest transmission and switching technology
- Routers with 100Gbps capability
- Optical transmission platform designed to provide 500Gbps super-channels
- 12,000km of dark fibre
- Over 100,000km of leased capacity (including transatlantic connections)
- 28 main sites covering European footprint

GÉANT Global Connectivity - at the heart of global research networking
GÉANT connects 65 countries outside of Europe, reaching all continents through international partners.

Delivering world-class services to R&E communities
- JRA1: Network Architectures for Horizon 2020
- JRA2: Technology Testing for Specific Service Applications
- JRA3: Identity & Trust Technologies for GÉANT Services
- SA1: Core Backbone Services
- SA2: Testbeds as a Service
- SA3: Network Service Delivery
- SA4: Network Support Services
- SA5: Application Services
- SA7: Support to Clouds
- SA6: Service Management & Operations
- NA1: Management
- NA2: Communications & Promotion
- NA3: Status & Trends
- NA4: International & Business Devpt

Collaboration

What's already there?
- Is getting more and more members
- Opt-in by default gaining momentum
- Code of Conduct / Entity Category

[Diagram: Federation in Country A, with Federations A, B, C and D, Service Providers and Identity Providers]

[Diagram: Federations A, B, C and D]

[Diagram: Federations A, B, C and D; remaining labels: "s for collaboration", "Groups", question marks]

[Diagram: Federations A, B, C and D, with VO1 and VO2]

What more to expect?
- Bring your own Identity
- Social Identity, Trust frameworks
- Institution as AA
- Lifelong Learning, Author Identification
- Persistent ID, Researcher ID
- AuthZ in a federated and heterogeneous environment
- Loosening relation between ID and Attributes → Group Providers and AAs
- Separating AuthN & AuthZ
- User in Control

About JRA3-T1
- GN3plus Project
- Joint Research Activity 3 → Identity and Trust Technologies
- Task 1 → Attributes and Groups in the cross institution environment
- SURFnet, CARNet, DFN, BADW-LRZ, GARR, NORDUnet, PSNC

Topics
- Group Management across organisations (using Grouper)
- Group Protocol (VOOT)
- AA: What's out there
- Studentness / Simple Validation Service

Group Management across organisations
- Use of centralised group management at the federation level for authorisation purposes
- Authorisation information is delegated to a specific system
- Leveraging Attribute Authorities using tools like Grouper

Group Management across organisations
- Proof of Concept using Grouper and 3 s
- Grouper as SAML AA implementation guide & Feasibility report on the set-up available:
  https://wiki.terena.org/display/gn3pjra3/grouper+in+a+cross+organisational+context

Virtual Organisation Orthogonal Technology (VOOT)
- VOOT Use Cases
- VOOT specification v1
  - Finalised draft, gathering review comments
  - https://wiki.terena.org/display/gn3pjra3/voot+specifications
- VOOT Standardisation
  - Engaging with IETF (SCIM WG)
  - VOOT very close to SCIM
  - (re)work to close the gap
- http://voot.uninett.no

VOOT Protocol (High-level)
- Information about me: {BASE}/me
- The groups that I am member of: {BASE}/me/Groups
- List of members of a group: {BASE}/Groups/{GROUPID}/members
- The role for a given combination of user and group: {BASE}/Roles/{GROUPID}/{USERID}
- Querying for public groups: {BASE}/Groups?search={SEARCH-TERM}
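An added example, not taken from the slides or from the VOOT specification: building and routing the five endpoint URLs listed above so that group and user identifiers, which may contain characters such as ":" or "/", cannot change the path structure. The host name, the sample identifiers and the identifier validation policy are assumptions made for illustration.

```python
import re
from urllib.parse import parse_qs, quote, unquote, urlsplit

# The five endpoint templates relative to {BASE}, as listed on the slide.
TEMPLATES = {
    "me": "/me",
    "my_groups": "/me/Groups",
    "group_members": "/Groups/{GROUPID}/members",
    "role": "/Roles/{GROUPID}/{USERID}",
    "search_groups": "/Groups",  # requires ?search={SEARCH-TERM}
}
PLACEHOLDER = re.compile(r"\{(\w+)\}")
# Server side: each placeholder matches exactly one raw (still encoded) segment.
ROUTES = {n: re.compile(PLACEHOLDER.sub(r"(?P<\1>[^/]+)", t)) for n, t in TEMPLATES.items()}

def _valid_id(value):
    # Assumed policy: non-empty, no control characters, not a dot segment.
    return bool(value) and value not in (".", "..") and all(ord(c) >= 0x20 for c in value)

def _encode(value):
    if not _valid_id(value):
        raise ValueError("invalid identifier")
    # safe="" also encodes "/", so an identifier can never add path segments.
    return quote(value, safe="")

def build_url(base, endpoint, search="", **ids):
    """Client side: fill a template, percent-encoding every identifier."""
    path = PLACEHOLDER.sub(lambda m: _encode(ids[m.group(1)]), TEMPLATES[endpoint])
    query = "?search=" + quote(search, safe="") if endpoint == "search_groups" else ""
    return base.rstrip("/") + path + query

def route(base_path, target):
    """Server side: map a request target to (endpoint, params), else None."""
    parts, prefix = urlsplit(target), base_path.rstrip("/")
    if not parts.path.startswith(prefix + "/"):
        return None
    for name, rx in ROUTES.items():
        # Match the raw path first and decode afterwards, so %2F stays in one ID.
        m = rx.fullmatch(parts.path[len(prefix):])
        if not m:
            continue
        params = {k: unquote(v) for k, v in m.groupdict().items()}
        if not all(map(_valid_id, params.values())):
            return None
        if name == "search_groups":
            terms = parse_qs(parts.query).get("search")
            return (name, {"search": terms[0]}) if terms else None
        return name, params
    return None
```

With the constructed group identifier `urn:collab:group:example.org:a/b`, `build_url` produces a single encoded path segment, and `route` decodes it back to the same identifier instead of treating the "/" as a path separator.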

AA: What is out there
- There are many kinds of tools to support collaboration
- Each having its own distinct strengths

AA: What is out there
- Heterogeneous environments
- Both Organisational and Technical
- Draft White paper together with HEXAA and PERUN on the problem space in the heterogeneous environment
- Fields for cooperation and standardization
- Creating an overview (end Q4 2014)

Simple Validation Service (inacademia.org)
- Validate Studentness
- Added value for services that collect their own attributes
- Use cases in the (non) educational world: discounts
- https://wiki.surfnet.nl/display/svs/SimpleValidationService+Home

Simple Validation Service (inacademia.org)

More information:
- https://wiki.terena.org/display/gn3pjra3 (Federated login possible!)
- www.geant.net
- www.twitter.com/geantnews
- www.facebook.com/geantnetwork
- www.youtube.com/geanttv

Thank you!
Maarten Kremers, maarten.kremers@surfnet.nl