1 / 14

An AAI/Mobility Strategy?

An AAI/Mobility Strategy?. Claudio Allocchio VP Technical Programme TF-AACE - Malaga, 20 Nov 2003. TF-AACE. Coordinates the deployment of Authentication, Authorisation and other security services among European NRENs and liaise with Internet2 Middleware initiative and Global Grid Forum.

holli
Download Presentation

An AAI/Mobility Strategy?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. An AAI/Mobility Strategy? Claudio Allocchio VP Technical Programme TF-AACE - Malaga, 20 Nov 2003 TF-AACE, Malaga 20 Nov 2003

  2. TF-AACE • Coordinates the deployment of Authentication, Authorisation and other security services among European NRENs and liaise with Internet2 Middleware initiative and Global Grid Forum. Work items include: • Defining interoperability requirements for European academic PKIs, including guidelines for PKI deployment at NRENs, online questionnaire • Defining common requirements for inter-institutional authentication and authorisation, providing a framework for harmonising NREN initiatives • Investigate existing initiatives on common identity on the Internet (e.g. Microsoft Passport, Liberty Alliance, etc.) TF-AACE, Malaga 20 Nov 2003

  3. TF-Mobility • Define and test an inter-NREN roaming architecture, evaluate mobile equipment and software as well as next generation mobile technology for handovers and roaming. Work items include: • Glossary of terms • Study available AuthN & AuthZ techniques • Web-based, RADIUS+802.1x, VPNs • Study support of next generation equipment for MobileIP (v4 and v6) • Set up a testbed for inter-NREN AuthN & AuthZ • Liaise with TF-AACE and TF-NGN TF-AACE, Malaga 20 Nov 2003

  4. GRID Impacts TF-AACE, Malaga 20 Nov 2003

  5. Middleware Challenges • Interoperability GRID tools and campus software-> same functionality for VO and campus • AuthN locally, authZ assertion securely transferred • Schema definitions! • Building of trust (infra)structures • Supported by PKI? TF-AACE, Malaga 20 Nov 2003

  6. AA - Do we have a problem? • It seems we need to do something… • many single scope AAIs • People with many "profiles": • Member of organisation "X" • GRID user for VO "Y" • "wallets" full of keys/certificates? TF-AACE, Malaga 20 Nov 2003

  7. AA - Do we have an Infrastructure? • A single structured approach… • It still does not fly • Federations… • Might be a solution, work in progress • Web of trust • Still very fractioned TF-AACE, Malaga 20 Nov 2003

  8. MiddlewareThe AA Puzzle TF-AACE, Malaga 20 Nov 2003

  9. Certificates Hosting at TERENA • Defining a process to gather the root-CA-certificates of the NRENs (policy) • Verifying the European NREN root-CA-certificates (policy) • Allowing to publish them as a public, downloadable and importable trusted file (PKCS#7/12) • TERENA hosts the file TF-AACE, Malaga 20 Nov 2003

  10. GN2 - JRA5UBIQUITY (MOBILITY) AND ROAMING ACCESS TO SERVICES • develop and deploy interoperable Authentication and Authorisation infrastructures (AAI) and services; • extend existing systems aiming for interoperability; • involving the international, national and local organisations; • build on results of TF-AACE and TF-Mobility TF-AACE, Malaga 20 Nov 2003

  11. JRA5 Partners • ARNES, CARnet, CESnet, Dante, DFN, FCCN, GRnet, HEAnet, Hungarnet, ISTF (.bg), NORDUnet, Rediris, RESTENA, SUnet, SURFnet, SWITCH, UKERNA, ULAKBIM, UoMalta TF-AACE, Malaga 20 Nov 2003

  12. JRA5 Launch Workshop? • it is a good idea? • When ? Nov 2004? • Scope? • Forming a programme committee? • In which formal relation with JRA5 members • Relationship with MACE? TF-AACE, Malaga 20 Nov 2003

  13. GN2 - JRA5Milestones • Definition of the requirements of the inter-NREN network roaming solution • Definition of the requirements for the federated AAI model for access to services • Design of a federated AAI model for access to services • Design of an integrated single sign-on system • Design of a seamless roaming solution • Design of an European infrastructure for instant messaging and presence • Creation of a test bed using different access technologies • Creation of a test bed for seamless roaming • Test bed for dynamic content adaptation • Creation of a test bed for the federated AAI model for access to services • … plan for the next two years… TF-AACE, Malaga 20 Nov 2003

  14. Questions? TF-AACE, Malaga 20 Nov 2003

More Related