education federation CUC 2005, Dubrovnik High-quality Internet for higher education and research

Size: px
Start display at page:

Download "education federation CUC 2005, Dubrovnik High-quality Internet for higher education and research"

Transcription

1 eduroam: towards a pan-european research and education federation CUC 2005, Dubrovnik Klaas.Wierenga@surfnet.nl

2 Contents Introduction to federations Federations for education Network access: eduroam Application access Conclusions

3 Ingredients of an AAI (CUC 2004) Network Authentication Authorisation Login Administration (web)application

4 Buzzword of the day: Federations

5

6

7

8

9 Federations Federations enable the sharing of resources A federation is constituted by a set of agreements between peers In a federation agreement there needs to be a common language Federations can be part of bigger federations Federations can cooperate with other federations: confederations

10 Federations for education

11 First life was easy University of Dubrovnik Fysics Network Arts E-learning website Student Miro Social Sciences

12 Inter-faculty collaboration University of Dubrovnik Fysics Network Arts E-learning website Social Sciences Network Student Miro E-learning website Student Dubravko

13 Inter-institution collaboration University of Zagreb University of Dubrovnik Fysics Network Arts E-learning website Fysics Social Sciences Network E-learning website Network Student Miro Arts E-learning website Social Sciences Network Student Dubravko E-learning website

14 Life becomes easy again University of Dubrovnik SRCE Student Miro Resource

15 Federations for education Enable the sharing of educational resources Network Applications Online learning systems Require agreement on: Responsibilities Liability Technology Language

16 Federation for network access eduroam

17 Wireless LAN is unsafe tcpdump -n -i eth1 19:52: > : icmp: echo request 19:52: > : icmp: echo reply 19:52: > : icmp: echo request 19:52: > : icmp: echo reply 19:52: > : icmp: echo request 19:52: > : icmp: echo reply ^C

18 Users are mobile International connectivity University A WLAN Access Provider WLAN SURFnet backbone University B WLAN Access Provider GPRS/ UMTS Access Provider Cable Access Provider ADSL

19 Requirements Identify users uniquely at the edge of the network No session hijacking Enable guest usage Scalable Local user administration and authentication Easy to install and use At the most one-time installation by the user Open Secure

20 eduroam architecture Security based on 802.1X Integration with VLAN assignment Protection of credentials Provides basis for new wireless security standards WPA and i Authentication based on EAP Different authentication mechanisms possible by using EAP (Extensible Authentication prototcol) Username/password X.509 certificates SIM-cards Roaming based on RADIUS proxying Remote Authentication Dial In User Service Transport-protocol for authentication information Trust fabric based on: Technical: RADIUS hierarchy Policy: Documents/contracts that define the responsibilities of user, institution, NREN and the EduRoam federation

21 Secure access to the network with 802.1X Supplicant Authenticator RADIUS server (AP or switch) University A User DB jan@student.university_a.nl Internet Employee VLAN Commercial VLAN Student VLAN 802.1X signaling data (VLAN assigment)

22 eduroam Supplicant Authenticator (AP or switch) RADIUS server RADIUS server User DB University A Gast University B SURFnet piet@university_b.nl Employee VLAN Commercial VLAN Student VLAN signalling data Central RADIUS Proxy server Trust based on RADIUS plus policy documents 802.1X (VLAN assigment) User DB

23 Status of eduroam Over 400 institutions in Europe, Australia and Taiwan USA, Sweden, Belgium will follow shortly

24 Members TNC/CUC 2003: eduroam used for the first time at a conference

25 eduroam Provides global network roaming Strong technical foundation: RADIUS 802.1X Lingua Franca: EAP Needs ubiquity CARNet is ready for it, it s now up to you!

26 Federations for application access edugain

27 eduroam for application access? European Server.hr.ac.uk.nl carnet.hr Uva.nl Resource How do these applications communicate? How can you protect credentials?

28 Centralise authentication: A-Select Black box that: Accepts many authentication methods Interfaces with many applications

29 But There are more: PAPI FEIDE/Moria CAS PingID PERMIS SPOCP and Shibboleth Do the pieces of the puzzle fit?

30 Shibboleth SWITCH Allows institutions that belong to the same federation to share resources Lingua Franca: SAML

31 edugain Goal: to federate federations Web-services and SAML based As much as possible Shibboleth compatible 4 basic interactions: AuthnReq/Resp HLSReq/Resp AttrReq/Resp AuthZReq/Resp Defining parameters, protocols and profiles Existing solutions (Shibboleth, PAPI, A-Select etc.) will move to edugain

32 Conclusions

33 Conclusions To err is human, to federate is divine! Federation for network access: eduroam Federation for application access: edugain So: join and

34 use..

35 Turn the puzzle Network Authentication Authorisation Login Administration (web)application

36 Into..

37 More information eduroam in SURFnet eduroam in Europa TERENA TF-Mobility Géant2 Joint Research Activity 5 (authorisation and roaming) (click on research) The unofficial IEEE security page

GN2 JRA5: Roaming and Authorisation

GN2 JRA5: Roaming and Authorisation GN2 JRA5: Roaming and Authorisation Jürgen Rauschenbach, DFN TF-NGN Athens 03/11/05 Introduction JRA5 builds a European Roaming Infrastructure (eduroamng) taking into account existing experience from the

More information

Cross-organisational roaming on wireless LANs based on the 802.1X framework Author:

Cross-organisational roaming on wireless LANs based on the 802.1X framework Author: Cross-organisational roaming on wireless LANs based on the 802.1X framework Author: Klaas Wierenga SURFnet bv P.O. Box 19035 3501 DA Utrecht The Netherlands e-mail: Klaas.Wierenga@SURFnet.nl Keywords:

More information

eduroam und andere Themen in GN2-JRA5

eduroam und andere Themen in GN2-JRA5 eduroam und andere Themen in GN2-JRA5 DFNRoaming Workshop Stuttgart 30 November 2006 Jürgen Rauschenbach, DFN-Verein, jrau@dfn.de Inhalt Das GÉANT2 Projekt JRA5 Visionen Was sind Föderationen? eduroam

More information

Connect. Communicate. Collaborate. GN2 JRA5 update. Jürgen Rauschenbach (DFN), JRA5 team 04/02/08 Marseille. JRA5 Team

Connect. Communicate. Collaborate. GN2 JRA5 update. Jürgen Rauschenbach (DFN), JRA5 team 04/02/08 Marseille. JRA5 Team GN2 JRA5 update Jürgen Rauschenbach (DFN), JRA5 team 04/02/08 Marseille eduroam Working on the eduroam database and a new dissemination look (maps) RadSec release 1.0 Beta is out - reasonable stable and

More information

The challenges of (non-)openness:

The challenges of (non-)openness: The challenges of (non-)openness: Trust and Identity in Research and Education. DEI 2018, Zagreb, April 2018 Ann Harding, SWITCH/GEANT @hardingar Who am I? Why am I here? Medieval History, Computer Science

More information

Introduction to eduroam

Introduction to eduroam Introduction to eduroam eduroam (education roaming) is the secure, world-wide roaming access service developed for the international research and education community. Poll Brief History eduroam initiative

More information

1.3 More information about eduroam is available at the relevant eduroam Service Provider (ESP) website detailed in Schedule 1 of this document.

1.3 More information about eduroam is available at the relevant eduroam Service Provider (ESP) website detailed in Schedule 1 of this document. 1.0 Background to this document 1.1 This document sets out guidelines that cover the control of the supply and receipt of Internet access for educational purposes, that is primarily (but not exclusively)

More information

ilight/gigapop eduroam Discussion Campus Network Engineering

ilight/gigapop eduroam Discussion Campus Network Engineering ilight/gigapop eduroam Discussion Campus Network Engineering By: James W. Dickerson Jr. May 10, 2017 What is eduroam?» eduroam (education roaming) is an international roaming service for users in research,

More information

Wireless access for Oxford University Staff on Oxfordshire NHS sites

Wireless access for Oxford University Staff on Oxfordshire NHS sites Wireless access for Oxford University Staff on Oxfordshire NHS sites Oxon Health Informatics Service (OHIS) Background and scope. OHIS design, configure, install and maintain all the network (wired and

More information

JRA5: Roaming and Authorisation

JRA5: Roaming and Authorisation JRA5: Roaming and Authorisation Jürgen Rauschenbach, DFN-Verein 7 th TF-EMC2 Meeting, Malaga 16 17 October 2006 Introduction JRA5 will build a European Roaming Infrastructure based on eduroam JRA5 will

More information

GÉANT Services Supporting International Networking and Collaboration

GÉANT Services Supporting International Networking and Collaboration GÉANT Services Supporting International Networking and Collaboration Karl Meyer December 2017 GÉANT Who we are and what we do To support collaboration and development amongst researchers, the dissemination

More information

Deliverable DJ Inter-NREN roaming technical specification document

Deliverable DJ Inter-NREN roaming technical specification document 22.06.06 Deliverable DJ5.1.4: Inter-NREN roaming technical specification document Deliverable DJ5.1.4 Contractual Date: 31/01/06 Actual Date: 22/06/06 Contract Number: 511082 Instrument type: Integrated

More information

GN2 JRA5: Roaming and Authorisation - recent results

GN2 JRA5: Roaming and Authorisation - recent results GN2 JRA5: Roaming and Authorisation - recent results Jürgen Rauschenbach (DFN), Klaas Wierenga (SURFnet), Diego Lopez (RedIRIS), Content Overview Roaming infrastructure AAI Structure and Partners JRA5

More information

Guide to Configuring eduroam Using the Aruba Wireless Controller and ClearPass RADIUS

Guide to Configuring eduroam Using the Aruba Wireless Controller and ClearPass RADIUS Guide to Configuring eduroam Using the Aruba Wireless Controller and ClearPass RADIUS Best Practice Document Produced by the UNINETT-led Campus Networking working group Authors: Tom Myren (UNINETT), John-Egil

More information

Intro to Federated Iden2ty with eduroam and edugain

Intro to Federated Iden2ty with eduroam and edugain Intro to Federated Iden2ty with eduroam and edugain Brook Schofield edugain Product Manager GÉANT Virtually @ Eko- Konnect, Lagos, Nigeria 7 th October 2015 The computer lab Image URL: hqp://www.fox.temple.edu/cms_about-

More information

Federated Identities and Services: the CHAIN-REDS vision

Federated Identities and Services: the CHAIN-REDS vision Co-ordination & Harmonisation of Advanced e-infrastructures for Research and Education Data Sharing Federated Identities and Services: the CHAIN-REDS vision Federico Ruggieri, GARR/INFN Joint CHAIN-REDS/ELCIRA

More information

Federated Authentication for E-Infrastructures

Federated Authentication for E-Infrastructures Federated Authentication for E-Infrastructures A growing challenge for on-line e-infrastructures is to manage an increasing number of user accounts, ensuring that accounts are only used by their intended

More information

Exam HP2-Z32 Implementing HP MSM Wireless Networks Version: 7.1 [ Total Questions: 115 ]

Exam HP2-Z32 Implementing HP MSM Wireless Networks Version: 7.1 [ Total Questions: 115 ] s@lm@n HP Exam HP2-Z32 Implementing HP MSM Wireless Networks Version: 7.1 [ Total Questions: 115 ] HP HP2-Z32 : Practice Test Question No : 1 What is a proper use for an ingress VLAN in an HP MSM VSC?

More information

TERENA TF-ECS Activity 2 Overview of national activities and deployments

TERENA TF-ECS Activity 2 Overview of national activities and deployments TERENA TF-ECS Activity 2 Overview of national activities and deployments Author: Fabio Vena (SWITCH), contributions from all Version Author Modification Date 0.1 Fabio Vena Initial draft 2007.05.11. 0.2

More information

Scottish Wide Area Network (SWAN) update & Partnership Connectivity

Scottish Wide Area Network (SWAN) update & Partnership Connectivity Scottish Wide Area Network (SWAN) update & Partnership Connectivity Scotland NHS-HE Forum 27 th October, 2016 Andrew Howe, University of St Andrews Ron MacDonald, National Services Scotland Partnership

More information

GÉANT Community Programme

GÉANT Community Programme GÉANT Community Programme Building the community Klaas Wierenga Chief Community Support Officer GÉANT Information day, Tirana, 5 th April 1 Membership Association = very large community to serve GÉANT

More information

AARC. Christos Kanellopoulos AARC Architecture WP Leader GRNET. Authentication and Authorisation for Research and Collaboration

AARC. Christos Kanellopoulos AARC Architecture WP Leader GRNET. Authentication and Authorisation for Research and Collaboration Authentication and Authorisation for Research and Collaboration AARC Christos Kanellopoulos AARC Architecture WP Leader GRNET Open Day Event: Towards the European Open Science Cloud January 20, 2016 AARC

More information

Introduction to 802.1X Operations for Cisco Security Professionals (802.1X)

Introduction to 802.1X Operations for Cisco Security Professionals (802.1X) Introduction to 802.1X Operations for Cisco Security Professionals (802.1X) The goal of the course is to provide students with foundational knowledge in the capabilities and functions of the IEEE 802.1x

More information

Preliminary selection for inter-nren roaming. Version: 1.0

Preliminary selection for inter-nren roaming. Version: 1.0 Title: Preliminary selection for inter-nren roaming Version: 1.0 Published date: 19 th December 2003 Editors: James Sankar (UKERNA) Tim Chown (University of Southampton) Contributors: Klaas Wierenga (SURFnet)

More information

TERENA Technical Report. TF-Mobility. Inter-NREN roaming. Final Report. James Sankar UKERNA Klaas Wierenga - SURFnet

TERENA Technical Report. TF-Mobility. Inter-NREN roaming. Final Report. James Sankar UKERNA Klaas Wierenga - SURFnet TERENA Technical Report TF-Mobility Inter-NREN roaming Final Report James Sankar UKERNA Klaas Wierenga - SURFnet This report summarises the work of the TERENA Mobility Task Force that has been working

More information

New trends in Identity Management

New trends in Identity Management New trends in Identity Management Peter Gietz, DAASI International GmbH peter.gietz@daasi.de Track on Research and Education Networking in South East Europe, Yu Info 2007, Kopaionik, Serbia 14 March 2007

More information

EUMEDCONNECT3 and European R&E Developments

EUMEDCONNECT3 and European R&E Developments EUMEDCONNECT3 and European R&E Developments David West DANTE 17 September 2012 INTERNET2 Middle SIG, Abu Dhabi The Research and Education Network for the Mediterranean Covering GEANT Other regional network

More information

TF-EMC2 Meeting March Florence, Italy

TF-EMC2 Meeting March Florence, Italy TF-EMC2 Meeting 28-29 March Florence, Italy Introduction Diego opened the meeting and welcomed the participants. SCS updates Guy Guy gave an update on the SCS service. There were some recent changes within

More information

How to connect your device using eduroam

How to connect your device using eduroam How to connect your device using eduroam Banaras Hindu University is now fully covered under eduroam, a service with more than 70,000 member academic institutions worldwide. This service allows authorized

More information

Federated authentication for e-infrastructures

Federated authentication for e-infrastructures Federated authentication for e-infrastructures 5 September 2014 Federated Authentication for E-Infrastructures Jisc Published under the CC BY 4.0 licence creativecommons.org/licenses/by/4.0/ Contents Introduction

More information

Results from the EARNEST Technical Study

Results from the EARNEST Technical Study EARNEST Workshop, Amsterdam, 8 May 2007 Results from the EARNEST Technical Study Licia Florio, TERENA florio@terena.org Agenda Technical study Lower layers preliminary results Middleware preliminary results

More information

Extending Services with Federated Identity Management

Extending Services with Federated Identity Management Extending Services with Federated Identity Management Wes Hubert Information Technology Analyst Overview General Concepts Higher Education Federations eduroam InCommon Federation Infrastructure Trust Agreements

More information

National R&E Networks: Engines for innovation in research

National R&E Networks: Engines for innovation in research National R&E Networks: Engines for innovation in research Erik-Jan Bos EGI Technical Forum 2010 Amsterdam, The Netherlands September 15, 2010 Erik-Jan Bos - Chief Technology Officer at Dutch NREN SURFnet

More information

Your wireless network

Your wireless network Your wireless network How to ensure you are meeting Government security standards Cabinet Office best practice Wi-Fi guidelines Overview Cyber Security is a hot topic but where do you start? The Cabinet

More information

Unfortunately it was not possible to have people from GRID, so the scenario described in this reports is not complete.

Unfortunately it was not possible to have people from GRID, so the scenario described in this reports is not complete. AA Workshop Report 26-27 November, 2002 Stockholm, Sweden Programme The first workshop about authentication and authorization infrastructure, foreseen in the Terms of Reference of TF-AACE, was arranged

More information

AA Developers Meeting

AA Developers Meeting AA Developers Meeting Attendees Alan Robiette Ali Odaci Bob Morgan David Chadwick David Orrell Diego Lopez Ingrid Melve Licia Florio Lyn Norris Maarten Koopmans Roland Hedberg Thomas Lenggenhager Ton Verschuren

More information

Greek Research and Technology Network. Authentication & Authorization Infrastructure. Faidon Liambotis. grnet

Greek Research and Technology Network. Authentication & Authorization Infrastructure. Faidon Liambotis. grnet Greek Research and Technology Network Authentication & Authorization Infrastructure Faidon Liambotis faidon@.gr Networking Research and Education February 22 nd, 2011 1 Who am I? Servers & Services Engineer,

More information

Authentication and Security: IEEE 802.1x and protocols EAP based

Authentication and Security: IEEE 802.1x and protocols EAP based Authentication and Security: IEEE 802.1x and protocols EAP based Pietro Nicoletti Piero[at]studioreti.it 802-1-X-EAP-Eng - 1 P. Nicoletti: see note pag. 2 Copyright note These slides are protected by copyright

More information

New Windows build with WLAN access

New Windows build with WLAN access New Windows build with WLAN access SecRep 24 17-18 May 2016 Ahmed Benallegue/Hassan El Ghouizy/Priyan Ariyansinghe ECMWF network_services@ecmwf.int ECMWF May 19, 2016 Introduction Drivers for the new WLAN

More information

WP JRA1: Architectures for an integrated and interoperable AAI

WP JRA1: Architectures for an integrated and interoperable AAI Authentication and Authorisation for Research and Collaboration WP JRA1: Architectures for an integrated and interoperable AAI Christos Kanellopoulos Agenda Structure and administrative matters Objectives

More information

EAPlab the ultimate EAP testing facility developed within the SENSE project

EAPlab the ultimate EAP testing facility developed within the SENSE project EAPlab the ultimate EAP testing facility developed within the SENSE project Tomasz Wolniewicz (PSNC & Nicolaus Copernicus University) TF-MNM 16 Apr 2015 EAPlab what is it? Testing environment

More information

ITDUMPS QUESTION & ANSWER. Accurate study guides, High passing rate! IT dumps provides update free of charge in one year!

ITDUMPS QUESTION & ANSWER. Accurate study guides, High passing rate! IT dumps provides update free of charge in one year! ITDUMPS QUESTION & ANSWER Accurate study guides, High passing rate! IT dumps provides update free of charge in one year! HTTP://WWW.ITDUMPS.COM Exam : 200-105 Title : Interconnecting Cisco Networking Devices

More information

The IRISGrid Infrastructure Seamless Support for VOs. JRES2005, Marseille

The IRISGrid Infrastructure Seamless Support for VOs. JRES2005, Marseille The IRISGrid Infrastructure Seamless Support for VOs Virtual Organisations Why a support infrastructure s own and require resources Shared Collective Resource Resource Resource Resource Resource Resource

More information

Next-Generation Identity Federations. Andreas Åkre Solberg

Next-Generation Identity Federations. Andreas Åkre Solberg Next-Generation Identity Federations Andreas Åkre Solberg Identity Federations GÉANT3 JRA3 Task 2 Solving current challenges, and exploring next generation Identity Management Systems. 3 Research Activity

More information

Integration Guide. Eduroam

Integration Guide. Eduroam Integration Guide Eduroam Revised: 16 August 2017 About This Guide Guide Type Documented Integration WatchGuard or a Technology Partner has provided documentation demonstrating integration Guide Details

More information

GN3plus External Advisory Committee. White Paper on the Structure of GÉANT Research & Development

GN3plus External Advisory Committee. White Paper on the Structure of GÉANT Research & Development White Paper on the Structure of GÉANT Research & Development Executive Summary The External Advisory Committee (EAC) of GN3plus is a consultative and advisory body providing an external perspective to

More information

Managing the lifecycle of XACML delegation policies in federated environments

Managing the lifecycle of XACML delegation policies in federated environments Managing the lifecycle of XACML delegation policies in federated environments Manuel Sánchez, Óscar Cánovas, Gabriel López, Antonio F. Gómez-Skarmeta Abstract This paper presents an infrastructure that

More information

Contents. Windows 7 Instructions Windows 10 Instructions Android Instructions Mac OS Instructions ios Instructions...

Contents. Windows 7 Instructions Windows 10 Instructions Android Instructions Mac OS Instructions ios Instructions... The following provides instructions on how to connect to the SJCD-Secure Wireless Network from a variety of operating systems and devices. If you experience any difficulty with these instructions, please

More information

Mobility Workshop TERENA, Amsterdam March 06, Meeting report by: Licia FLORIO, TERENA March 12, Participants List

Mobility Workshop TERENA, Amsterdam March 06, Meeting report by: Licia FLORIO, TERENA March 12, Participants List Mobility Workshop TERENA, Amsterdam March 06, 2002 Meeting report by: Licia FLORIO, TERENA March 12, 2002 Participants List Carsten Bormann Universität Bremen TZI Valentino Cavalli TERENA Martin Dunmore

More information

Cisco Exam Questions and Answers (PDF) Cisco Exam Questions BrainDumps

Cisco Exam Questions and Answers (PDF) Cisco Exam Questions BrainDumps Cisco 300-375 Dumps with Valid 300-375 Exam Questions PDF [2018] The Cisco 300-375 Securing Cisco Wireless Enterprise Networks (WISECURE) exam is an ultimate source for professionals to retain their credentials

More information

EGI Check-in service. Secure and user-friendly federated authentication and authorisation

EGI Check-in service. Secure and user-friendly federated authentication and authorisation EGI Check-in service Secure and user-friendly federated authentication and authorisation EGI Check-in Secure and user-friendly federated authentication and authorisation Check-in provides a reliable and

More information

TechSec WG: Related activities overview Information and discussion TechSec WG, RIPE-45 May 14, 2003

TechSec WG: Related activities overview Information and discussion TechSec WG, RIPE-45 May 14, 2003 TechSec WG: Related activities overview Information and discussion TechSec WG, RIPE-45 May 14, 2003 Yuri Demchenko Outline TechSec WG liaison with CSIRT community! Results and developments

More information

Configure 802.1x Authentication with PEAP, ISE 2.1 and WLC 8.3

Configure 802.1x Authentication with PEAP, ISE 2.1 and WLC 8.3 Configure 802.1x Authentication with PEAP, ISE 2.1 and WLC 8.3 Contents Introduction Prerequisites Requirements Components Used Configure Network Diagram Configuration Declare RADIUS Server on WLC Create

More information

Integrating Federations in the International Grid Trust Fabric

Integrating Federations in the International Grid Trust Fabric Integrating Federations in the International Grid Trust Fabric David Groep Nikhef Dutch national institute for sub-atomic physics Grids, Eduroam, Federations Different terms, same issues How to provide

More information

Canadian Access Federation: Trust Assertion Document (TAD)

Canadian Access Federation: Trust Assertion Document (TAD) Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert authoritative and accurate identity attributes to resources being accessed, and that Participants

More information

ENHANCING PUBLIC WIFI SECURITY

ENHANCING PUBLIC WIFI SECURITY ENHANCING PUBLIC WIFI SECURITY A Technical Paper prepared for SCTE/ISBE by Ivan Ong Principal Engineer Comcast 1701 John F Kennedy Blvd Philadelphia, PA 19103 215-286-2493 Ivan_Ong@comcast.com 2017 SCTE-ISBE

More information

PROTECTED EXTENSIBLE AUTHENTICATION PROTOCOL

PROTECTED EXTENSIBLE AUTHENTICATION PROTOCOL Q&A PROTECTED EXTENSIBLE AUTHENTICATION PROTOCOL This document answers questions about Protected Extensible Authentication Protocol. OVERVIEW Q. What is Protected Extensible Authentication Protocol? A.

More information

Options for Joining edugain. Lukas Hämmerle, SWITCH DARIAH Workshop, Köln 18 October 2013

Options for Joining edugain. Lukas Hämmerle, SWITCH DARIAH Workshop, Köln 18 October 2013 Options for Joining edugain Lukas Hämmerle, SWITCH DARIAH Workshop, Köln 18 October 2013 Outline 1. GE ANT and the Enabling Users task 2. Options to Join edugain 3. Discussion 2 GÉANT (GN3plus) - vital

More information

The National Research and Education Network. Problems and Solutions

The National Research and Education Network. Problems and Solutions The National Research and Education Network. Problems and Solutions Vladimir Sahakyan Director of the Institute for Informatics and Automation Problems of the National Academy of Sciences of the Republic

More information

Advancing European R&E through collaboration

Advancing European R&E through collaboration Advancing European R&E through collaboration CESNET Conference Erik Huizer, GÉANT, 11 th December 2017 To support collaboration and development amongst researchers, the dissemination of information & knowledge,

More information

ACCP-V6.2Q&As. Aruba Certified Clearpass Professional v6.2. Pass Aruba ACCP-V6.2 Exam with 100% Guarantee

ACCP-V6.2Q&As. Aruba Certified Clearpass Professional v6.2. Pass Aruba ACCP-V6.2 Exam with 100% Guarantee ACCP-V6.2Q&As Aruba Certified Clearpass Professional v6.2 Pass Aruba ACCP-V6.2 Exam with 100% Guarantee Free Download Real Questions & Answers PDF and VCE file from: 100% Passing Guarantee 100% Money Back

More information

Introduction to eduroam

Introduction to eduroam SLIDE 1 - COPYRIGHT 2015 Introduction to eduroam LEARN eduroam Workshop 6 th May 2016 2 SLIDE 2 - COPYRIGHT 2015 Introduction Paul Hii Australia s National Research and Education Network (NREN) UC & Video

More information

GARR services for the biomedical community a NETWORK AND SERVICES FOR THE BIOMEDICAL COMMUNITY

GARR services for the biomedical community a NETWORK AND SERVICES FOR THE BIOMEDICAL COMMUNITY GARR services for the biomedical community a NETWORK AND SERVICES FOR THE BIOMEDICAL COMMUNITY SABRINA TOMASSINI Roma, 31/10/2018 EaP Connect e-health Workshop 2018 Project goals connect the research network

More information

Cookbook for Configuration of HP Wireless Equipment Best Practice Document

Cookbook for Configuration of HP Wireless Equipment Best Practice Document Cookbook for Configuration of HP Wireless Equipment Best Practice Document Produced by CESNET led working group on Network monitoring (CBPD125) Authors: Tomas Podermanski, Vladimir Zahorik March 2010 TERENA

More information

FPS BYOD Wireless Network

FPS BYOD Wireless Network FPS BYOD Wireless Network This document will help users connect their personally owned wireless devices to Framingham Public Schools BYOD wireless network. Visitors: If you have a visitor with a personal

More information

HP0-Y44. Implementing and Troubleshooting HP Wireless Networks.

HP0-Y44. Implementing and Troubleshooting HP Wireless Networks. HP HP0-Y44 Implementing and Troubleshooting HP Wireless Networks http://killexams.com/exam-detail/hp0-y44 C. The user s access list does not permit any traffic. D. The users egress VLAN does not match

More information

The following chart provides the breakdown of exam as to the weight of each section of the exam.

The following chart provides the breakdown of exam as to the weight of each section of the exam. Introduction The CWSP-205 exam, covering the 2015 objectives, will certify that the successful candidate understands the security weaknesses inherent in WLANs, the solutions available to address those

More information

Vendor: HP. Exam Code: HP2-Z32. Exam Name: Implementing HP MSM Wireless Networks. Version: Demo

Vendor: HP. Exam Code: HP2-Z32. Exam Name: Implementing HP MSM Wireless Networks. Version: Demo Vendor: HP Exam Code: HP2-Z32 Exam Name: Implementing HP MSM Wireless Networks Version: Demo QUESTION 1 A network administrator deploys several HP MSM APs and an HP MSM Controller. The APs discover the

More information

Network Security: WLAN Mobility. Tuomas Aura CS-E4300 Network security Aalto University, Autumn 2017

Network Security: WLAN Mobility. Tuomas Aura CS-E4300 Network security Aalto University, Autumn 2017 Network Security: WLAN Mobility Tuomas Aura CS-E4300 Network security Aalto University, Autumn 2017 Outline Link-layer mobility in WLAN Password-based authentication for WLAN Eduroam case study 2 LINK-LAYER

More information

EGI-InSPIRE. GridCertLib Shibboleth authentication for X.509 certificates and Grid proxies. Sergio Maffioletti

EGI-InSPIRE. GridCertLib Shibboleth authentication for X.509 certificates and Grid proxies. Sergio Maffioletti EGI-InSPIRE GridCertLib Shibboleth authentication for X.509 certificates and Grid proxies Sergio Maffioletti Grid Computing Competence Centre, University of Zurich http://www.gc3.uzh.ch/

More information

Policy Management and Inter-domain Mobility for eduroam through virtual Access Points (vaps)

Policy Management and Inter-domain Mobility for eduroam through virtual Access Points (vaps) Policy Management and Inter-domain Mobility for eduroam through virtual Access Points (vaps) Daniel Camps-Mur (daniel.camps@i2cat.net), I2CAT Foundation, ES Ilker Demirkol (ilker.demirkol@entel.upc.edu),

More information

COPYRIGHTED MATERIAL. Contents

COPYRIGHTED MATERIAL. Contents Contents Foreword Introduction xxv xxvii Assessment Test xxxviii Chapter 1 WLAN Security Overview 1 Standards Organizations 3 International Organization for Standardization (ISO) 3 Institute of Electrical

More information

2010 Kerberos Conference

2010 Kerberos Conference 2010 Kerberos Conference MIT, Cambridge 26-27 October, 2010 Josh Howlett, Strategic Projects Leader, JANET(UK) & Sam Hartman, Painless Security LLC Contents Background Use-cases Brief overview of architecture

More information

Reference Card: How to connect Windows 7 to UniWireless

Reference Card: How to connect Windows 7 to UniWireless Reference Card: How to connect Windows 7 to UniWireless Important Information Windows 7 is not supported by ITS. These instructions provided are only a guide and do not provide any troubleshooting assistance.

More information

Release Notes for the Nortel Networks Wireless LAN Mobile Adapter 2201 Release

Release Notes for the Nortel Networks Wireless LAN Mobile Adapter 2201 Release Part No. 216582-A April 2004 4655 Great America Parkway Santa Clara, CA 95054 Release Notes for the Nortel Networks Wireless LAN Mobile Adapter 2201 Release 1.1.0.0 *216582-A* 2 Copyright 2004 Nortel Networks

More information

Moonshot. Workshop on Federated Identity and (OpenStack) Cloud Services - SWITCH

Moonshot. Workshop on Federated Identity and (OpenStack) Cloud Services - SWITCH Moonshot Workshop on Federated Identity and (OpenStack) Cloud Services - SWITCH 2 ABFAB - Federated access beyond web Why?» You ve heard of eduroam Federated network access» You ve heard of Shibboleth,

More information

Goal. TeraGrid. Challenges. Federated Login to TeraGrid

Goal. TeraGrid. Challenges. Federated Login to TeraGrid Goal Federated Login to Jim Basney Terry Fleury Von Welch Enable researchers to use the authentication method of their home organization for access to Researchers don t need to use -specific credentials

More information

Collaborative Technologies and Enterprise Middleware:

Collaborative Technologies and Enterprise Middleware: Collaborative Technologies and Enterprise Middleware: A View of the Next Few Years A Day in the Life of Jean Blue Chair: OOPS! After the break, we will have Session 2D: Middleware Authentication (instead

More information

Canadian Access Federation: Trust Assertion Document (TAD)

Canadian Access Federation: Trust Assertion Document (TAD) Participant Name: St. Thomas University Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert

More information

Wireless Integration Overview

Wireless Integration Overview Version: 4.1.1 Date: 12/28/2010 Copyright Notice Copyright 2010 by Bradford Networks, Inc. All rights reserved worldwide. Use, duplication, or disclosure by the United States government is subject to the

More information

A collaboration overview: From TF-VSS to GN2 SA6

A collaboration overview: From TF-VSS to GN2 SA6 A collaboration overview: From TF-VSS to GN2 SA6 András Kovács, NIIF/HUNGARNET GN3 SA3-T4 educonf Workshop, Lisbon 19 October 2010 Introduction a bit of history National VC services: Endpoint deployment:

More information

AARC Blueprint Architecture

AARC Blueprint Architecture AARC Blueprint Architecture Published Date: 18-04-2017 Revision: 1.0 Work Package: Document Code: Document URL: JRA1 AARC-BPA-2017 https://aarc-project.eu/blueprint-architecture AARC Blueprint Architecture

More information

Introduction to Identity Management Systems

Introduction to Identity Management Systems Introduction to Identity Management Systems Ajay Daryanani Middleware Engineer, RedIRIS / Red.es Kopaonik, 13th March 2007 1 1 Outline 1. Reasons for IdM 2. IdM Roadmap 3. Definitions 4. Components and

More information

AARC Overview. Licia Florio, David Groep. 21 Jan presented by David Groep, Nikhef.

AARC Overview. Licia Florio, David Groep. 21 Jan presented by David Groep, Nikhef. AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef AARC? Authentication and Authorisation for Research and Collaboration support the collaboration model across institutional

More information

Federated access to e-infrastructures worldwide

Federated access to e-infrastructures worldwide Federated access to e-infrastructures worldwide Marco Fargetta, INFN Catania - Italy (marco.fargetta@ct.infn.it) DCIs developed in the last decade 2 Evolution Research organisations are moving to cloud

More information

TopGlobal MB8000 Hotspots Solution

TopGlobal MB8000 Hotspots Solution MB8000 s MB8000 is a mobile/portable wireless communication gateway. It combines the best of Wi-Fi technology and 2.5G/3G mobile communication technology. WISP can deploy their wireless hotspots with MB8000

More information

Marko Bonač, Tomi Dolenc Academic and Research Network of Slovenia

Marko Bonač, Tomi Dolenc Academic and Research Network of Slovenia NREN Services for Schools in Slovenia Marko Bonač, Tomi Dolenc Academic and Research Network of Slovenia tomi.dolenc@arnes.si marko.bonac@arnes.si ARNES services for schools Connectivity Access network

More information

How to connect to Wi-Fi

How to connect to Wi-Fi 41 How to connect to Wi-Fi LSBU uses the eduroam service to connect Wi-Fi devices. Once you are set up you will automatically be connected whenever you are in range. Wireless Internet access is available

More information

Introducing Shibboleth. Sebastian Rieger

Introducing Shibboleth. Sebastian Rieger Introducing Shibboleth Sebastian Rieger sebastian.rieger@gwdg.de Gesellschaft für wissenschaftliche Datenverarbeitung mbh Göttingen, Germany CLARIN AAI Hands On Workshop, 25.02.2009, Oxford eresearch Center

More information

Diamond Moonshot Pilot Participation

Diamond Moonshot Pilot Participation Diamond Moonshot Pilot Participation Presentation to Networkshop43 Bill Pulford, Scientific I.T. Coordinator Diamond Light Source Exeter, April 1st 2015 Acknowledgements Stefan Paetow (Janet/UK), DLS System

More information

P ART 3. Configuring the Infrastructure

P ART 3. Configuring the Infrastructure P ART 3 Configuring the Infrastructure CHAPTER 8 Summary of Configuring the Infrastructure Revised: August 7, 2013 This part of the CVD section discusses the different infrastructure components that are

More information

Cisco Securing Cisco Wireless Enterprise Networks (WISECURE) Download Full Version :

Cisco Securing Cisco Wireless Enterprise Networks (WISECURE) Download Full Version : Cisco 300-375 Securing Cisco Wireless Enterprise Networks (WISECURE) Download Full Version : https://killexams.com/pass4sure/exam-detail/300-375 QUESTION: 42 Which two considerations must a network engineer

More information

Federated access service authorization

Federated access service authorization Federated access service authorization MIKKO NIIRANEN and PREETIDA VINAYAKRAY-JANI Nokia Reseach Center Itämerenkatu 11-13 00180 Helsinki FINLAND Abstract: - The increasing variety of access technologies

More information

Using tunnels and three party authentication to improve roaming security

Using tunnels and three party authentication to improve roaming security Supported by the Walloon Region Using tunnels and three party authentication to improve roaming security Damien LEROY UCLouvain - Belgium IP Networking Lab - http://inl.info.ucl.ac.be BELNET Security Conference

More information

Abstract. Overview of eduroam

Abstract. Overview of eduroam Development of KREOENT-based Wi-Fi Service for International Roaming Services Abstract 1 Jinoh Cho, 2 Hyunhun Cho, 3 Jinhyung Park, 4 Gihwan Cho, Corresponding author 1,2,3 Korea Institute of Science and

More information

How To use 802.1x VLAN assignment

How To use 802.1x VLAN assignment How To use 802.1x VLAN assignment Introduction In a network environment that contains multiple VLANs, it can be very desirable for roaming users to be assigned to the same VLAN, no matter at which point

More information

802.1X: Background, Theory & Implementation

802.1X: Background, Theory & Implementation Customized for NCET Conference 2007 802.1X: Background, Theory & Implementation March 16, 2007 Presented by: Jennifer Jabbusch, CISSP, HP MASE, CAD Mike McPherson, HP ProCurve Neal Hamilton, HP ProCurve

More information

Sustainability in Federated Identity Services - Global and Local

Sustainability in Federated Identity Services - Global and Local Sustainability in Federated Identity Services - Global and Local What works and what doesn t with eduroam and edugain Ann Harding @hardingar Activity Lead, Trust & Identity Development, GÉANT Person who

More information

Cisco RV 120W Wireless-N VPN Firewall

Cisco RV 120W Wireless-N VPN Firewall Cisco RV 120W Wireless-N VPN Firewall Take Basic Connectivity to a New Level The Cisco RV 120W Wireless-N VPN Firewall combines highly secure connectivity to the Internet as well as from other locations

More information

Cisco 4400 Series Wireless LAN Controllers PEAP Under Unified Wireless Networks with Microsoft Internet Authentication Service (IAS)

Cisco 4400 Series Wireless LAN Controllers PEAP Under Unified Wireless Networks with Microsoft Internet Authentication Service (IAS) Cisco 4400 Series Wireless LAN Controllers PEAP Under Unified Wireless Networks with Microsoft Internet Authentication Service (IAS) HOME SUPPORT PRODUCT SUPPORT WIRELESS CISCO 4400 SERIES WIRELESS LAN

More information