CILogon Federated Access to Science Services and Infrastructures Terry Fleury Jim Basney This material is based upon work supported by the National Science.
Download ReportTranscript CILogon Federated Access to Science Services and Infrastructures Terry Fleury Jim Basney This material is based upon work supported by the National Science.
CILogon Federated Access to Science Services and Infrastructures Terry Fleury <[email protected]> Jim Basney <[email protected]> This material is based upon work supported by the National Science Foundation under grant number 0943633. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation. CILogon Goal • Facilitate campus logon to CI – Leverage researchers’ existing credentials at their home institution – Ease credential management for researchers and CI providers • Bridge from: – Credentials issued by InCommon Federation (SAML) and OpenID Providers (OpenID) • Bridge to: – X.509 certificates that satisfy the requirements of CI projects CILogon 2 www.cilogon.org High-Level Overview Identity Providers User’s “Desktop” CILogon 10110 01001 10101 01001 OpenID X.509 Certificate SAML Id, IdP CILogon 3 www.cilogon.org X.509 Certificates • Three (3) Certificate Authorities (CAs) – Levels of Assurance – OpenID – Basic (All InCommon participants) – Silver (Using InCommon Silver Profile) • Subject DN contains Identifier – For OpenID • /DC=org/DC=cilogon/C=US/O=CILogon OpenID/CN=URLencodedIdentifier • E.g. /DC=org/DC=cilogon/C=US/O=CILogon OpenID/CN=https%3A%2F%2Fterrencegf.pip.verisignlabs.com%2F – For InCommon • /DC=org/DC=cilogon/C=US/O=OrganizationDisplayName/CN=displayName UID • E.g. /DC=org/DC=cilogon/C=US/O=ProtectNetwork/CN=Terrence Fleury A263 CILogon 4 www.cilogon.org Demonstration https://cilogon.org/ CILogon 5 www.cilogon.org Thank You For more information: www.cilogon.org [email protected] CILogon 6 www.cilogon.org