OpenConext is an open-source middleware platform that enables secure federated authentication, centralized groups management, and attribute-based authorization for collaboration in the Dutch higher education and research community.
OpenConext: Supporting Collaboration
Pieter van der Meulen, Technical Product Manager
SURFnet: the Dutch NREN
• SURFnet is the Dutch National Research & Education Network (NREN)
• Services, innovation, knowledge
• Not for profit
• Task organisation of Stichting SURF = ICT collaboration of higher education & research
• A small operation serving a large community:
• 85 employees
• 160 connected institutions
• 1 million end-users
• Turnover 35 million Euro; 1/3 innovation subsidies
SURFnet - We make innovation work
OpenConext
• Middleware for building Collaboration Platforms
• Open Source, Apache 2 License
• Available since 2011
The Netherlands – SURFconext (SURFnet): A national Collaboration and Service delivery platform for Higher Education & Research
140 Identity Providers
430 Service Providers
Collaboration Platform
• Federated Authentication
• Centralized Groups
Federated Authentication: Leverages secure, trusted authentication and Single Sign-On for campus and cloud applications.
Centralized groups: Used for ad hoc collaborations and institutional groups.
Group Provider: Provide groups to service providers; receive group data from external group providers.
Service Delivery Platform
• Federated Authentication
• Attribute-based Authorization
• National Procurement & Licensing
Create Trusted Services: By combining identity federation, privacy and data protection regulations, and a license deal in one contract between the Service Provider and (all) Dutch institutions.
Services Dashboard
Commercial Services
eScience Services
OpenConext Uses
• AARnet – Shop front for services to E-Science organization
• JISC – JISCM@il services
Collaborative Organisations
• Groups
• Distributed Services
• Attributes, roles and rights
Groups are core to collaboration: Any collaboration is based on groups. In modern eScience these groups are dynamic and international.
Distributed Services: COs collaborate around distributed services. Managing and maintaining many SP-IdP interconnections is tough.
Attributes, roles and rights: Roles and rights are based on attributes. COs need very different attributes as compared to the attributes provided by the IdPs.
How OpenConext helps
• Groups
• Distributed Services
• Attributes, roles and rights
Centralized and external group providers: OpenConext provides a centralized group provider and allows linking external group providers.
Manage services: CO SP(s) and IdP connections can be managed centrally, including Access Policies and Attribute Release Policies.
Attributes: Can be transformed and filtered.
Example Cases
• Virtual Campus Hub
• WeNMR
Virtual Campus Hub: Create a virtual education portal for a joint programme, consisting of applications made available by the partners involved in that programme, and to which all relevant users have seamless access.
WeNMR: Bringing together research teams in the structural biology and life science area. The project offers a platform integrating services and streamlining the computational approaches necessary for data analysis and structural modelling.
OpenConext - Open Source
• JANUS – SAML Metadata registration
  • https://github.com/janus-ssp/janus
• SimpleSAMLphp Library
  • https://github.com/simplesamlphp
• APIS – OAuth authorization server
  • https://github.com/OpenConextApps/apis
OpenConext Roadmap
• Separate Group management Application
• Yet another group manager
• Use APIS for Authorization
• Add OpenID Connect
• Allow Service Providers to use OpenID Connect with OpenConext
• Step-up authentication as-a-service
• A managed service for multi-factor authentication using existing federation infrastructure
Step-up authentication as a Service
More information
• SURFconext
• OpenConext
OpenConext is open for collaboration!
OpenConext: http://www.openconext.org
SURFconext: http://www.surf.nl/en/services-and-products/surfconext/index.html
Pieter.vanderMeulen[at]surfnet.nl