AARC Overview. Licia Florio, David Groep. 21 Jan presented by David Groep, Nikhef.

Similar documents
AARC. Christos Kanellopoulos AARC Architecture WP Leader GRNET. Authentication and Authorisation for Research and Collaboration

WP JRA1: Architectures for an integrated and interoperable AAI

WP3: Policy and Best Practice Harmonisation

Scalable Negotiator for a Community Trust Framework in Federated Infrastructures (Snctfi)

EGI Check-in service. Secure and user-friendly federated authentication and authorisation

The challenges of (non-)openness:

eidas cross-sector interoperability

Can R&E federations trust Research Infrastructures? - The Snctfi Trust Framework

Pilots to support guest users solutions

Recommendations on the grouping of entities and their deployment mechanisms in scalable policy negotiation

Policy and Best Practice Harmonisation ( NA3 ) from the present to the future

Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014

AARC Blueprint Architecture

Deliverable DJRA1.1. Use-Cases for Interoperable Cross- Infrastructure AAI

AAI in EGI Current status

GÉANT Community Programme

Deliverable D3.3 Requirements Gathering from e- Infrastructures

Sustainability in Federated Identity Services - Global and Local

European Open Science Cloud

Identity Harmonisation. Nicole Harris REFEDS Coordinator GÉANT.

REFEDS Minutes, 22 April 2012

Federated Identities and Services: the CHAIN-REDS vision

The EGI AAI CheckIn Service

Connect. Communicate. Collaborate. GN2 JRA5 update. Jürgen Rauschenbach (DFN), JRA5 team 04/02/08 Marseille. JRA5 Team

JRA5: Roaming and Authorisation

An introduc/on to Sir0i

RCauth.eu / MasterPortal update

Deliverable DSA1.4: Pilots to improve access to R&E-relevant resources

REFEDS Year End Report 2015

Federated Authentication for E-Infrastructures

Options for Joining edugain. Lukas Hämmerle, SWITCH DARIAH Workshop, Köln 18 October 2013

TRUST IDENTITY. Trusted Relationships for Access Management: AND. The InCommon Model

Federated Identity Management for Research Collaborations. Bob Jones IT dept CERN 29 October 2013

GN3plus External Advisory Committee. White Paper on the Structure of GÉANT Research & Development

GN2 JRA5: Roaming and Authorisation

European Pilot Production Network EPPN Planning and Activities

Sirtfi for Security Incidents in a Federated Context. Tom Barton, UChicago & Internet2

Helix Nebula The Science Cloud

Federal-State Connections: Opportunities for Coordination and Collaboration

EUDAT. Towards a pan-european Collaborative Data Infrastructure. Damien Lecarpentier CSC-IT Center for Science, Finland EUDAT User Forum, Barcelona

The adoption of cloud services

GÉANT and other projects Update

On the EGI Operational Level Agreement Framework

EUDAT. Towards a pan-european Collaborative Data Infrastructure

Towards Horizon The Enabling Users

DARIAH-AAI. DASISH AAI Meeting. Nijmegen, March 9th,

Milestone MS83 (DS5.4.1): Federation as a Service - Market Analysis and Pilot Service Definition

2. HDF AAI Meeting -- Demo Slides

EU Liaison Update. General Assembly. Matthew Scott & Edit Herczog. Reference : GA(18)021. Trondheim. 14 June 2018

GRIDS INTRODUCTION TO GRID INFRASTRUCTURES. Fabrizio Gagliardi

EUDAT and Cloud Services

Accelerating Cloud Adoption

In Section 4 we discuss the proposed architecture and analyse how it can match the identified 2

The CHAIN-REDS Project

Open Science Commons: A Participatory Model for the Open Science Cloud

DARIAH Update. 9th FIM4R Workshop. Vienna, Novemer 30, Peter Gietz, DAASI International GmbH.

Deliverable D3.5 Harmonised e-authentication architecture in collaboration with STORK platform (M40) ATTPS. Achieving The Trust Paradigm Shift

Italy - Information Day: 2012 FP7 Space WP and 5th Call. Peter Breger Space Research and Development Unit

GN4-2 SA2 Kick-Off Meeting Amsterdam/NL 30/

GÉANT-TrustBroker project overview

GÉANT Mission and Services

Deliverable D14.1 (DJ3.0.1) Report on the Achievements and Recommendations for any Future Work

The EUReID Observatory. Brussels 2009_09_29

Third public workshop of the Amsterdam Group and CODECS European Framework for C-ITS Deployment

Géant-TrustBroker Dynamic inter-federation identity management

GN2 JRA5: Roaming and Authorisation - recent results

NIS Standardisation ENISA view

CEF e-invoicing. Presentation to the European Multi- Stakeholder Forum on e-invoicing. DIGIT Directorate-General for Informatics.

GÉANT: Supporting R&E Collaboration

Deliverable D9.3 Best Practice for User-Centric Federated Identity

InfraStructure for the European Network for Earth System modelling. From «IS-ENES» to IS-ENES2

EUMEDCONNECT3 and European R&E Developments

Sub-national dimensions of INSPIRE

Higher Education PKI Initiatives

Federated authentication for e-infrastructures

User Community Driven Development in Trust and Identity Services

1. Publishable Summary

EISAS Enhanced Roadmap 2012

e-infrastructures in Horizon 2020 e-infrastructures for data and computing

CONCLUSIONS OF THE WESTERN BALKANS DIGITAL SUMMIT APRIL, SKOPJE

Interconnected NRENs in Europe & GÉANT: Mission & Governance Issues

GÉANT3 Services. Ann Harding, SWITCH TNC Connectivity and Monitoring Services by and for NRENs. connect communicate collaborate

Research Infrastructures and Horizon 2020

Management der Virtuellen Organisation DARIAH im Rahmen von Shibboleth- basierten Föderationen. 58. DFN- Betriebstagung, Berlin, 12.3.

e-infrastructure: objectives and strategy in FP7

Attribute Release Update

UCD Centre for Cybersecurity & Cybercrime Investigation

EGI AAI Platform Architecture and Roadmap

Deliverable D8.4 Certificate Transparency Log v2.0 Production Service

EUDAT - Open Data Services for Research

EGI federated e-infrastructure, a building block for the Open Science Commons

Third public workshop of the Amsterdam Group and CODECS C-ITS Deployment in Europe: Common Security and Certificate Policy

ehealth Ministerial Conference 2013 Dublin May 2013 Irish Presidency Declaration

Deliverable DS2.1.1: Multi-Domain Service Architecture

AARC Assurance Profiles

Governance and Financial Schemes for the EOSC

TERENA, the NRENs, GÉANT & promoting Campus Best Practice

Trust and Identity Services an introduction

GÉANT2 Security: Year 1 (aka JRA2)

INFRASTRUCTURES DE RECHERCHE WORK PROGRAMME

Transcription:

AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef

AARC? Authentication and Authorisation for Research and Collaboration support the collaboration model across institutional and sector borders advance mechanisms that will improve the experience for users guarantee their privacy and security build on the very many existing and evolving components ESFRI clusters, edugain, national AAI federations, NGIs, IGTF, SCI, SirTFi, design, test and pilot any missing components integrate them with existing working flows 2

AARC Authentication and Authorisation for Research and Collaboration Two-year project 19 funded plus 2 unfunded Coordinated by the Amsterdam Office NRENs, e-infrastructure providers and Libraries as equal partners About 3M euro budget Expecting starting date 1 May, 2015 3

AARC - Goals OUTREACH and TRAINING To lower entry barriers for organisations to join national federations To improve penetration of federated access TECHNICAL and POLICY Work To develop an integrated AAI built on production services (i.e. edugain) To define an incident response framework to work in a federated context To agree on a LoA baseline for the R&E community To pilot new components and best practices guidelines in existing production services 4

AARC Strengths and Challenges AARC Strength: Consortium with NRENs, Libraries, e-researchers and campuses Good opportunity to work together as a team Consensus among different groups to work together AARC Challenges: Address technical challenges to satisfy most of the communities Scale the training to EU dimension Deliver best practises in an implementable way Scope the pilots to address use-cases and test results from other WPs in AARC 5

AARC Work Packages NA1 (GEANT Ass.) Overall Management NA3 (Nikhef) To define scalable policies and operational models for the integrated AAI JRA1 (GRNET) To research on technologies to deliver the design of the integrated AAI SA1 (SURFnet) To pilot key components of the integrated AAI NA2 (GEANT Ass.) To train, disseminate and reach out Liaison with other relevant user communities, e-infrastructures and international relevant AAI activities 6

Training Activities Training for IdPs Directly focusing on research use cases, engaging their local researchers and their requirements Encourage them to harmonize through best practices Expand coverage of national identity federations, supporting institutions with low levels of technical or organisational preparedness Architectures for integrated/interoperable AAI technical elements needed for the integrated AAI: attribute frameworks and deployable web & non-web technologies Support for guest IdPs Risk-based models for AAI solutions GÉANT, Alessandra Scicchitano GRNET, Christos Kanellopoulos

Technical pilots Pilots on integrated R&E AAI Introduction of attribute management services Access to R&E + commercial services Guest services Build PoCs together with the community SURFnet, Paul van Dijk Demonstrate production-worthy pilots that have a sustainability model e.g. adoption by the GEANT services activity, run by the research community, or by the e-infrastructures Facilitate researchers to collaborate in a secure and trusted virtual research environment

Policy and best practice harmonization Policy and Best Practices harmonisation collate a level of assurance framework for SPs: where we already have DP CoC, R&S EC for IdPs: express reasonably achievable assurances for AAs and communities: a new domain consistent handling of security incidents (in edugain &c) scalable policy expression and negotiation identify policies needed for attribute aggregation policy & security to enable the integration of attribute providers and of credential translation services support models for (inter)federated access (i.e. how are we going to sustain something scalable once AARC is over? guidelines to enable exchange of accounting data Nikhef, DavidG

Liaisons with other groups AARC Research on scalable policy models (LoA, incident response, etc.) REFEDS/ FIM4R/RDA/ EUDAT Pilots (Guest IdPs, Attribute providers, etc.;) Training/Outreach ESFRI Clusters/ GÉANT/EGI/ Libraries, ins tu ons, resource providers, etc.; 10

Approach Use existing e- infrastructures in the delivery chain Deliver a cross-discipline framework built on federated access Liaison with existing e- Infras, communities and initiatives 11

Main Topics of Synergy LoA Incident handling in federations Policies between identity providers, attribute providers and service providers to facilitate service delivery many of the communities here could be interested in either the pilots, the sustainability model, or all of AARC, of course! 12

AARC/REFEDS/GN4 Working together AARC Requirements REFEDS Anchored in real use cases Pilot AARC technical and policy findings Training Pre-existing design work Federation Operators expertise Validate AARC finding GN4 Develop business case (P1) Costing Supply chain Pilot the deployment (P2) edugain Incorporate (P2, P3) 13

Where are we now Grant agreement preparation started: 04/02/2015: first version of the grant agreement data 25/02/2015: signature of the participants certified declarations 14/04/2015: Deadline foreseen for the signature of the grant agreement Expected to start on 1 st May 2015 14

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback