Researcher ID
September 13 2013
Presented by Terry Smith - AAF Technical Manager
Researcher ID
The brief
• Creation of a test “sandbox” environment for the Researcher ID
• Populate an LDAP directory
• Based on Authn and Attributes from AAF or Social Authentication
• Simple UI for Researchers to manage their Researcher ID (Passwords, etc)
• Extend the accounts with Group membership, permissions and roles
• Simple workflow that can be used by resource owners
• Test against use cases provided by the RDSI Nodes
• Determine what it will take to run as a production system
Researcher ID
[Architecture diagram, shown over several slides as successive builds. Labels in the diagram:]
• Authentication: Federated Authentication, Social Authentication, IdP, Identity, AAF DS
• Provisioning & Account Management: Account and Password Management, Advanced account provisioning, OAuth, SAML AA, SAML IdP
• Researcher ID Identity Store: Master, Replicas, Node RO Replicas (links labelled RW and RO), OU=People, OU=Groups
• Group Mgnt, Workflows and APIs: RestAPI, WebUi, VOOT, LDAP
• Node Applications & Resources:
  • Web Apps: Federated and/or Social Authentication + Groups
  • App: LDAP or Oauth Authentication + Groups
  • Server Access: PAM-LDAP + Groups
  • Server Access: SSSD Single Sign-on Kerberos, PKI + Groups
Directory entries as they change across the builds:
• First build: OU=People DN=email-address + AAF Core Attrs + MemberOf; OU=Groups DN=Group Name, Members=…
• Second build: OU=People DN=email-address + AAF Core Attrs + MemberOf + Password
• Third build: OU=People DN=POSIX Username + AAF Core Attrs + MemberOf + Password + PosixAttrs; OU=Groups DN=PosixGroupName, Members=… + PosixAttrs
• Final build: OU=People DN=POSIX Username + AAF Core Attrs + MemberOf + Password + PosixAttrs + Kerberos + PKI Certs; CA and Kerberos appear alongside RestAPI, WebUi, VOOT and LDAP
Researcher ID
The use cases dictate the schema and components that need to be included to build the Researcher ID infrastructure.
Next activity - Building an end to end pilot Researcher ID
Researcher ID
Possible Protocols and Services supported by the Researcher ID?
• NFS
• WebDav
• Globus Online
• SSH / SCP
• SFTP
• SIF Shares
• Aspera
• Grid FTP
• Web http