CA-OPS Authentication Profiles
Tony Genovese, ATF team, ESnet, Lawrence Berkeley National Laboratory

Outline
• Authentication Profiles
• Why authentication profiles?
• What is in it?
• General Federation document
TERENA TF-EMC2

Why Authentication Profiles?
• New Authentication services will fragment the current global trust model.
• Yet, we must allow for innovations in Authentication services.
• Classic PKI Procrustean bed no longer works.
• Currently a draft GGF informational doc.

Authentication Profile: what is in it?
• Authentication Services must provide basic information on:
  • The governance of authentication service.
  • A set of membership and operational requirements.
  • Publishing model that Relying parties can trust.

General Federation Document
• Federation definition - description
• General architecture
• Identity management
• Operational requirements
• Site security
• Publication and repository responsibilities
• Liability
• Financial responsibilities
• Audits and compliance
• Privacy and confidentiality
• Compromise and disaster recovery
• Federation administration

New Federations that can be profiled
• Any Federation with common AuthN services.
• SIPS - Site Integrated Proxy services
• KCA example
• Site SSL support - Host certificate service
• RAF - RADIUS Authentication Fabric
• Active Credential Stores

Status of document
• Mostly guidance material being added
• Change name to reflect focus
• Authentication Federations for Grids
• Grid Federation template
• Trust Federation setup
• Being used by the Americas Grid PMA for chartering.