1 / 14

A2Z – Akenti Access to zetoc

This project aims to implement and evaluate Akenti, a secure access management system, in the JISC service environment for zetoc. The goal is to enable "grid-enabled" access to the zetoc service and identify implementation issues for JISC service providers.

hinze
Download Presentation

A2Z – Akenti Access to zetoc

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A2Z – Akenti Access to zetoc Ross MacIntyre

  2. Project Aims • Implement & Evaluate Akenti in a JISC service environment (zetoc) • ‘Grid-enable’ the zetoc service & demonstrate accessibility from e-Science project (myGrid) • Identify associated implementation issues for JISC service providers A2Z Overview

  3. Tasks & Progress • zetoc demo environment (month1) • Digital certificate authentication (month 2-3) • Akenti installation (month 3-5) • Authorisation policy (month 4-6) • Akenti knowledge transfer (month 5-7) • my-Grid enablement (month 8-10) • Technical evaluation (month 10-12) A2Z Overview

  4. zetoc Search • Authentication/authorisation • IP/Athens • Institutional identifier e.g. ‘man’ • eScience Digital Certificate • Dummy institution ‘mid’ • Application links to institution’s settings e.g. library logo A2Z Overview

  5. zetoc Alert • Authentication/authorisation • Athens • Personal Username e.g. ‘man-zzaalsrm’ • Access Username e.g. ‘man-mimas’ • Application prompts for list name • eScience Digital Certificate • Environment Variable (SSL_Client_DN) • Application locates associated alert list(s) A2Z Overview

  6. A2Z Overview

  7. A2Z Overview

  8. A2Z Overview

  9. A2Z Overview

  10. British Library – DATA BL Reader in Reading Room (£0) ‘ac.uk’ (£0) NHS England (£0) Scotland (>£0) Wales n/a N.Ireland n/a JISC – MACHINE & SUPPORT BL (£0) ‘ac.uk’ TAU List HE (£0) FE (£0) RC (£500pa) CHEST List Associate (£500pa) Affiliates (£500pa) NHS England (£4,000pa) Scotland (£500pa) Wales (£500pa) N.Ireland (£500pa) Stakeholders MIMAS – If licence > £0, has it been paid? (From_To?) A2Z Overview

  11. Root Policy • Root Policy Issuers DN & CADN • Name of Resource “zetoc” • List of CAs • Full list of CAs • Where to find their signed certificates • Use Condition’s Configuration = For each Stakeholder • Who is allowed to issue Use Conditions • Where these Use Conditions are • Optional Global declaration of locations of attribute certificates A2Z Overview

  12. Use Condition for BL • Who issued this certificate • Resource Name = “zetoc” • Constraints incl. Critical = true • Logic (group=BL_Reader)||(IP=ac.uk)|| (NHS=England)||(NHS=Scotland & Licence=PAID) A2Z Overview

  13. Logic Evaluation • Group = BL_Reader -> system IP check • IP=ac.uk -> system IP check • NHS=England -> Akenti requires certificate signed by NHS_England • NHS=Scotland -> Akenti requires certificate signed by NHS_Scotland • Licence=PAID -> system check: “yes” in a file somewhere. A2Z Overview

  14. End Result • Capability Certificate • System calls • NO DATA A2Z Overview

More Related