140 likes | 286 Views
An AAI/Mobility Strategy?. Claudio Allocchio VP Technical Programme TF-AACE - Malaga, 20 Nov 2003. TF-AACE. Coordinates the deployment of Authentication, Authorisation and other security services among European NRENs and liaise with Internet2 Middleware initiative and Global Grid Forum.
E N D
An AAI/Mobility Strategy? Claudio Allocchio VP Technical Programme TF-AACE - Malaga, 20 Nov 2003 TF-AACE, Malaga 20 Nov 2003
TF-AACE • Coordinates the deployment of Authentication, Authorisation and other security services among European NRENs and liaise with Internet2 Middleware initiative and Global Grid Forum. Work items include: • Defining interoperability requirements for European academic PKIs, including guidelines for PKI deployment at NRENs, online questionnaire • Defining common requirements for inter-institutional authentication and authorisation, providing a framework for harmonising NREN initiatives • Investigate existing initiatives on common identity on the Internet (e.g. Microsoft Passport, Liberty Alliance, etc.) TF-AACE, Malaga 20 Nov 2003
TF-Mobility • Define and test an inter-NREN roaming architecture, evaluate mobile equipment and software as well as next generation mobile technology for handovers and roaming. Work items include: • Glossary of terms • Study available AuthN & AuthZ techniques • Web-based, RADIUS+802.1x, VPNs • Study support of next generation equipment for MobileIP (v4 and v6) • Set up a testbed for inter-NREN AuthN & AuthZ • Liaise with TF-AACE and TF-NGN TF-AACE, Malaga 20 Nov 2003
GRID Impacts TF-AACE, Malaga 20 Nov 2003
Middleware Challenges • Interoperability GRID tools and campus software-> same functionality for VO and campus • AuthN locally, authZ assertion securely transferred • Schema definitions! • Building of trust (infra)structures • Supported by PKI? TF-AACE, Malaga 20 Nov 2003
AA - Do we have a problem? • It seems we need to do something… • many single scope AAIs • People with many "profiles": • Member of organisation "X" • GRID user for VO "Y" • "wallets" full of keys/certificates? TF-AACE, Malaga 20 Nov 2003
AA - Do we have an Infrastructure? • A single structured approach… • It still does not fly • Federations… • Might be a solution, work in progress • Web of trust • Still very fractioned TF-AACE, Malaga 20 Nov 2003
MiddlewareThe AA Puzzle TF-AACE, Malaga 20 Nov 2003
Certificates Hosting at TERENA • Defining a process to gather the root-CA-certificates of the NRENs (policy) • Verifying the European NREN root-CA-certificates (policy) • Allowing to publish them as a public, downloadable and importable trusted file (PKCS#7/12) • TERENA hosts the file TF-AACE, Malaga 20 Nov 2003
GN2 - JRA5UBIQUITY (MOBILITY) AND ROAMING ACCESS TO SERVICES • develop and deploy interoperable Authentication and Authorisation infrastructures (AAI) and services; • extend existing systems aiming for interoperability; • involving the international, national and local organisations; • build on results of TF-AACE and TF-Mobility TF-AACE, Malaga 20 Nov 2003
JRA5 Partners • ARNES, CARnet, CESnet, Dante, DFN, FCCN, GRnet, HEAnet, Hungarnet, ISTF (.bg), NORDUnet, Rediris, RESTENA, SUnet, SURFnet, SWITCH, UKERNA, ULAKBIM, UoMalta TF-AACE, Malaga 20 Nov 2003
JRA5 Launch Workshop? • it is a good idea? • When ? Nov 2004? • Scope? • Forming a programme committee? • In which formal relation with JRA5 members • Relationship with MACE? TF-AACE, Malaga 20 Nov 2003
GN2 - JRA5Milestones • Definition of the requirements of the inter-NREN network roaming solution • Definition of the requirements for the federated AAI model for access to services • Design of a federated AAI model for access to services • Design of an integrated single sign-on system • Design of a seamless roaming solution • Design of an European infrastructure for instant messaging and presence • Creation of a test bed using different access technologies • Creation of a test bed for seamless roaming • Test bed for dynamic content adaptation • Creation of a test bed for the federated AAI model for access to services • … plan for the next two years… TF-AACE, Malaga 20 Nov 2003
Questions? TF-AACE, Malaga 20 Nov 2003