1 / 13

News from CRU activities: Identity federation, eduroam, PKI, SCS, Sympa, security policies

Stay updated with the latest news from CRU activities including identity federation, eduroam, PKI, SCS, Sympa, and security policies. Learn about the 7th TF-EMC2 Meeting and the French Research & High Ed landscape.

gerardow
Download Presentation

News from CRU activities: Identity federation, eduroam, PKI, SCS, Sympa, security policies

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. News from CRU activities: Identity federation, eduroam, PKI, SCS, Sympa, security policies florent.guilleux @ cru.fr 7th TF-EMC2 Meeting, 16-17 October

  2. French Research & High Ed landscape CRU Universities (80) and other high ed schools (~120) UREC Research Middleware and other activities RENATER French Research and Education Network layers

  3. CRU federation CRU federation We hear about Shibboleth, PAPI, A-Select… CRU: comparison of Shib & LA Pilot federation Federations in productions Test federation 2002 2003 2004 2005 2006 uPortal-based portals: directory and CAS SSO deployment Government funding for universities cooperation on a regional level Government funding for national-level services for students

  4. CRU federation • Based on Shibboleth without centralized WAYF • One single federation targeted at the ~200 French high ed institutions (IdPs) • SPs: High Ed community, public & private sectors • Currently 11 IdPs (~10 coming soon) and 5 SPs

  5. CRU federation: current usage • Library resources (Elsevier, ABES) • On-line courses (on national and regional levels) • Wi-Fi access for roaming users (regional level, in cohabitation with eduroam) • Software distribution (3 coming SPs)

  6. CRU federation: next tasks • Operating a “virtual IdP” with basic group management for “exception” people and people whose institution does not belong to CRU federation yet • Better integration with the institution portals (how to bypass the WAYF) • Use of ShARPE and Autograph? • Which economic model?

  7. eduroam • CRU operates the eduroam service for RENATER community • Started in April 2006 • Currently 14 institutions • Main difficulty is administrative: make an university president sign the updated RENATER agreement

  8. eduroam: main tasks • Monitoring: quite close to the real use case • 802.1X & EAP, not only RADIUS level check • to check the availability of the service and if the institution authentication method works • www.eduroam.fr • Coming tasks • accounting (stats & traceability) • administrator training

  9. PKI • A PKI running since June 2003 • End-users certificates (~800) for web authentication • We are thinking about moving from X.509 end-users certificates authentication to federation/portal based authentication • Server certificates (~1400) more and more used: web servers, LDAPS, POPS, IMAPS, Shibboleth, Radius…

  10. SCS • Service opened in May 2006 • One difficulty: updating WHOIS records (and debugging institution naming issues!) • 50 institutions have subscribed to the service (proxy letter) and more are coming • ~260 certificates issued, institutions are very satisfied  • One centralized RA (4 operators) with tools to ease the validation of the requests

  11. SCS tool for RA operators • http://www.cru.fr/igc/scs/validation/ MIIBhzCB8QIBADBIMQswCQYDVQQGEwJGUjEcMBoGA1UEChMTVW5pdmVyc2l0ZSBk J0FuZ2VyczEbMBkGA1UEAxMScnB2LnVuaXYtYW5nZXJzLmZyMIGfMA0GCSqGSIb3 DQEBAQUAA4GNADCBiQKBgQC1JPNqbFuV2IxD5CRYm1yodSKFt/2jI9OBjOePqa1e B/HynCP41ppdt0n00uiLmps6RIE0lqsfZOrqBMydLc6AMh6wqe6+YiYqAXDVjMbn A8SrzR2p/oxNK+RFhgBprFYgJMow88m3C8RCTGg6sLUNV311Og5KIjfzVMatakNx sQIDAQABoAAwDQYJKoZIhvcNAQEEBQADgYEAhyxOZZZ5dLDlKR5FQZn3Xl4ZgxUl FxBoci/PInT5hwcoqOeENPgDIkcuEqh6Iz7oZrCRap0FMrAIq9mSfysSo/XJn+gP Vo4PhH02aluvOv/y76i4VhNGieZbe2VqSjDmg0NagRZnyIfd1b9pFsBW2f8FaG6a J7TEzcHYmWcZvl0=

  12. Latest news for Sympa mailing list software • Accessibility of the GUI for disabled people • SOAP interface extended • AuthN+AuthZ module for DokuWiki • New translations (Norwegian, Swedish) + English fixed • Sympa presentation at the "Jornadas Técnicas de RedIRIS JT06", 15th November Grenade, Spain

  13. Security policies • Strong need for well formed and practical security policies in French high ed institutions • CRU starts to help institutions to set up formal security policies • Currently in pilot phase with some universities, using EBIOS method

More Related