Transcript FIM use cases

Federated Identity Management for
Researchers –
A quick overview from GÉANT
BoF TNC 2014
20 May 2014
Dublin
The Starting Point –
FIM4R and TERENA AAA Study
30+ Research Infrastructures in Europe
Countless more “long tail” users
Connect | Communicate | Collaborate
Attribute
aggregation
User
friendliness
Credential
translation
Attribute
release
Levels of
Assurance
Homeless
users
Bridging
Communitie
s
Non-webbrowser
2
Three Collaborative Pilots –
User communities and GÉANT
“A connected
network of people,
information, tools,
and methodologies
for investigating,
exploring and
supporting work
across the broad
spectrum of the
digital humanities.”
Connect | Communicate | Collaborate
“Basic life science
information constitutes
a testament of human
and natural evolution
and advancement. As
such, this wealth of
knowledge should be
freely available for all
to access, study and
process”
“Umbrella is the
Federated Identity
Solution of the
Photon and
Neutron
Community,
enabling user
initiated transfacility access.”
3
DARIAH Experience
eduGAIN is the best approach to pan European
AAI for DARIAH but some time is needed to fulfil
all needs
DARIAH would like to see more entities available in
eduGAIN and reasonable attributes available
DARIAH has been able to meet many requirements
• Distributed user and privilege administration
• Policies that allow for integration into DFNAAI and eduGAIN
Combination of eduGAIN and community specific
• DARIAH homeless-IdP and attribute
authority
Connect | Communicate | Collaborate
4
ELIXIR Experience
Next phase of AAI in ELIXIR – blueprint for
discussion
• External IdPs via eduGAIN
• ELIXIR specific services for
authorisation (REMS), non web,
homeless users and community
management
Federated identity cross sector
collaboration:
REMS to be used by FI-CLARIN & FICESSDA
A pan-European approach to LoA would be
appreciated/necessary in the future
• Minimise ELIXIR-specific customisation
Connect | Communicate | Collaborate
5
Umbrella Experience
More opportunities for NREN/Research
Infrastructure Collaboration
• Security analysis discussion at FIM4R
Piloting with a wider community has benefits
• JANET/Diamond Light in UK
Moonshot Pilot
Confidentiality aspects critical for Umbrella high competition, especially structural
biology
• Authorisation is delegated to the
systems participating in Umbrella
Connect | Communicate | Collaborate
6
There’s plenty of work still to do for
everyone
Attributes - Release, consistency,
community specific and harmonisation
Levels of
Assurance
A long term issue
to be broken down
Understanding
security and
incident
response
Progress can be
slow initially
More experience,
work faster
Non web –
Early pilot not
novice user but
evolving more
Many other research communities
developing AAI requirements and
work
Connect | Communicate | Collaborate
7
The environment is right to do it
FIM4R /RDA
T&I Committee
Increased EC/public awareness of
security
Federations looking to do more
• Support of GÉANT Code of
Conduct
• Emerging ‘opt-out’ pilots for
eduGAIN
• REFEDs Federation Operator Best
Practicecommunities services
Research
appearing in national federations and
eduGAIN
• Knowledge gained with these
pilots helps support other
communities & plan service
Connect | Communicate | Collaborate
Ask us for help:
[email protected]
8
There are funding channels to do work
- Everyone with a piece of the problem
REFEDS
EINFRA Call
Policy
Best Practises
Operational
Practises
LoA
Federation
Harmonisation
Training on policies
Pilot Services
Support for R&E
communities
Identity
Harmonisation
eduGAIN
FaaS
Proof of
Concepts
Moonshot
Outreach
eduroam
Supporting Tools
Guest IdPs
Connect | Communicate | Collaborate
GÉANT
Research Work
Enabling Users
9
We need to talk about…
The right people
Skilled
Representing all points on the chain – IdP, Federation, Interfederation,
SPs, Researchers
With the right use cases
Not just ‘fix my
problem’
Scalable, realistic
In the right places
Reaching the IdPs?
Supporting ‘real’ R&E
Connect | Communicate | Collaborate
10
Thank you!
Join the BoF after today’s sessions for more about
e-Research and Federated Identity.
Connect | Communicate | Collaborate
www.geant.net
www.twitter.com/GEANTnews | www.facebook.com/GEANTnetwork | www.youtube.com/GEANTtv
Connect | Communicate | Collaborate
11