Authentication and Authorisation for Research and Collaboration Blueprint
Authentication and Authorisation for Research and Collaboration Blueprint and next steps Marcus Hardt Christos Kanellopoulos JRA 1. 2 Leader JRA 1 WP Leader KIT GRNET AARC AHM, Utrecht 24 -26, May 2016 https: //aarc-project. eu
The starting point • The scenario: • There is a technical architect of a research community • Her community is distributed internationally • Increasing number of services need authentication and authorization • Her job is to find a solution • She wants to focus on research and not reinvent the wheel • She starts googling • So, there are some solutions available, but… https: //aarc-project. eu 2
AARC: Analysis of User Communities and e-Infrastructure Providers https: //aarc-project. eu Attribute Release Attribute Aggregation User Friendliness SP Friendliness Credential translation Persistent Unique Id User Managed Information Credential Delegation Levels of Assurance Guest users Step-up Auth. N Best Practices Community based Auth. Z Non-webbrowser Social & e. Gov IDs Incident Response
The functional Components User Community Requirements https: //goo. gl/k. Sx. ENp aarc-project. eu https: //aarc-project. eu
AARC: Analysis of User Communities and e-Infrastructure Providers https: //aarc-project. eu Attribute Release Attribute Aggregation User Friendliness SP Friendliness Credential translation Persistent Unique Id User Managed Information Credential Delegation Levels of Assurance Guest users Step-up Auth. N Policies/Best Practices Community based Auth. Z Non-webbrowser Social & e. Gov IDs Incident Response
Blueprint: Current Status • Until end of March 16: Restructuring and Finalisation: • Move lengthy information into appendix • Move technical details and product related information into other deliverables • Red Thread Now: • We analysed requirements and (selected) infrastructures • From this we derive a high-level architecture (which is described) • However, even with a typical workflow we still experience some issues (described in more detail) • Stay tune for the next version https: //aarc-project. eu 6
What are the next steps • From the Do. W: • MJRA 1. 4 “First draft of the Blueprint Architecture” M 15 (July 2016) • DJRA 1. 2 “Blueprint Architecture” M 24 (April 2017) • What are the next steps? • Circulate current version to the stakeholders (RI, e-Infras, REFEDS etc) • Original plan was to do that much earlier • Address initial rounds of comments • Start incorporating input from MJRA 1. 3 and MJRA 1. 4 • Release MJRA 1. 4 https: //aarc-project. eu 7
From development to Pilot • EGI, EUDAT, ELIXIR already have implementations https: //aarc-project. eu 8
From development to Pilot • EGI, EUDAT, ELIXIR already have implementations • There already integration pilots going on (outside of AARC) https: //aarc-project. eu 9
From development to Pilot • EGI, EUDAT, ELIXIR already have implementations • There already integration pilots going on (outside of AARC) • Can/should we bring them in AARC? https: //aarc-project. eu 10
From development to Pilot • EGI, EUDAT, ELIXIR already have implementations • There already integration pilots going on (outside of AARC) • Can/should we bring them in AARC? • What AARC can provide? • • Infrastructure for pilots? (although this might not be needed) Access experts to discuss challenges/issues? Best practices that can assist interoperability and reusablity? “Marketplace” of tools and services? • Playground for testing new tools (or ideas) • ”Match making” between e-Infrastructures and research communities? https: //aarc-project. eu 11
- Slides: 11