110 likes | 218 Views
eduGAIN as a service (T3) in Multi-Domain User Applications (SA3). Valter Nordh, NORDUnet / GU NORDUnet conference, Köpenhamn , 16 Sep 2009. NORDUnet - eduGAIN. Welcome and introduction Agenda Basics of federations What is eduGAIN eduGAIN workforce, overview
E N D
eduGAIN as a service (T3) inMulti-Domain User Applications (SA3) Valter Nordh, NORDUnet / GU NORDUnet conference, Köpenhamn, 16 Sep 2009
NORDUnet - eduGAIN • Welcome and introduction • Agenda • Basics of federations • What is eduGAIN • eduGAIN workforce, overview • Business Case and Service Description • Use case selected • Policy issues • MDS - State of Affairs • Q&A
Basics of federations • What is a federation and what are the benefits? • Identity Providers (IdP) and Service Providers (SP) connected • Existing federations differ in many ways, technical, policy, target users etc • Most federations today connect using SAML • Web Single Sign-on (WebSSO) is a strong driver in federations • How much does an e-id cost to maintain/year?
Basics of federations • A federation simplifies the authentication process, but not necessarily the authorization-process • Two options for federations (simplified): A federation should by default offer attributes that the SP can use to take decisions (mostly authorisation decisions) A federation should only connect IdP and SP and leave all question about attributes to some one else (most often SP)
What is eduGAIN • eduGAIN started in GN2, under JRA5 and a pilot installation is running • During GN3 eduGAIN will focus on transition to a service • eduGAIN aims to connect federations in Europe • The more the merrier! • eduGAIN will initially restrict itself to WebSSO-support • eduGAIN will evolve over the coming years • eduGAIN does not aim for total attribute harmonisation!
eduGAIN workforce, overview • Valter Nordh, NORDUnet / SUNET / GU, Task leader • Juergen Rauschenbach, DFN, edugain-development • Mikael Linden, CSC, Policy issues • Support / information, TERENA, Brook Schofield • Operations? • Josh Howlett, JANET, Activity leader for SA3 • Licia Florio, TERENA, Activity leader JRA3
eduGAIN workforce, overview • SA3-T3, contribution from NRENSTERENA 1 BSAMRES 2 MV, ES, MRCARNET 1.0 MM, DVCESNET 1.2 INCYNET 0.8 ATNIIFI 1.0 KrB? , TF, AL, JaM?NORDUNET 4.3 VN,LJ, MiL? , LK, AnL? ( ~22%)PIONIER 3.5 LD, WoB? , TW, MW, ZOREDIRIS 1.6 CR, AD, JP, OC, GL, ASSURFNET 1.0 ??SWITCH 0.7 LH, TLDFN 0.8 JR, TK
Next step in eduGAIN • Five use cases have been selected. eduGAIN aims to focus on these (but not excluding others!) and build the first eduGAIN on top of these • CLARIN • Eduroam OTRS • Wiki.edugain.org • New wiki for GEANT3 (Microsoft Sharepoint) • Foodle • ->eduGAIN will initially only support webSSO
Policy issues for eduGAIN (some) • IdPs: higher education and research only? • SPs: higher education and research only? • eduGAIN participants; who may join? • Is data protection in or out of scope for eduGAIN? • Is it allowed to pass personally identifying information (PII) in eduGAIN? • The unique identifier in Europe? • trademarks and domain names: who registers and controls them?
MDS - State of Affairs • MDS, Metadata Distribution Service • Used on a technical level do distribute the involved metadata. • This is expected to develop under GN3 life with input from JRA3
Goal of this meeting, review • Get input on eduGAIN and present basic eduGAIN challanges • Demonstrate Business Case and Service Description • Show use cases • Get an understanding of policy and legal aspects of (inter) federations • See where we are regarding the MDS work • Questions