1 / 21

~60 staff Collaborators around the world

Internet2 COmanage enables global collaborations with identity management, group privileges, single sign-on, and federation services. Join the community to integrate with existing IT infrastructure and applications seamlessly.

lswitzer
Download Presentation

~60 staff Collaborators around the world

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A Short description of Internet2 ~60 staff Collaborators around the world Supports communities of collaborators external to Internet2 Community uses wiki, mailing lists, instant messaging, voice conferencing services Doesn’t want to be in the identity issuance business for external collaborators Need to allow external + internal collaborators to use same service instances

  2. A Middleware Unified Field Theory Identity Management / Directories Privileges / Groups Single Sign-On / Federation Diagnostics Enterprise Integration from network to application Michael R Gettes Internet2 October 2007 An interpretation of the original MACE mission

  3. What do we want? Inter-Enterprise Workgroup Collaborations not sexy

  4. or Collaborative Organizations CO

  5. Identity Groups Privileges Federated Access

  6. and … Applications “It’s the App stupid!”

  7. Give COntrol To COmmunity Members

  8. Integrate with Existing COmmon IT Infrastructures in Higher Education

  9. Flexible Scalable Modular

  10. COmponents S H I B B O L E T H CO Identity Mgr Grouper Signet LDAP-PC LDAP Directory Applications & Network

  11. stop talking start walking demo COmanage.internet2.edu

  12. COmponents S H I B B O L E T H CO Identity Mgr Grouper Signet LDAP-PC LDAP Directory Applications & Network

  13. Comanage … is only a demonstration of the CO model a CO fits within a service delivery strategy

  14. Application Management App Access to data is managed by LDAP (initially) Identity data can be distributed by any desired mechanism in the future. SQL databases, feeds, message bus technologies.

  15. Many COs on a single server (if you wanna do that) Grouper/Signet/LDAP-PC Application set Grouper/Signet/LDAP-PC Application set Grouper/Signet/LDAP-PC Application set Grouper/Signet/LDAP-PC Application set Grouper/Signet/LDAP-PC Application set Grouper/Signet/LDAP-PC Application set Grouper/Signet/LDAP-PC Grouper/Signet/LDAP-PC Grouper/Signet/LDAP-PC Identity Mgr LDAP

  16. No local identity issued for external users to access CO services big win! Example directory tree for CO environment O=University,c=US ou=People (this is where 50K fac/staff/stu might reside) ou=CO (external identities for CO go here) ou=Groups (a place to store groups for all) Applications pointed here for identities yields the union of internal and external

  17. Future… Begin addressing issues of “attribute eCOnomy” Protect CO by Identity Provider… can solve “IEEE problem”? My University User Web site wants to know: Are you a member of IEEE? IEEE-CO This org has membership data but does not manage identity - a CO with only external users. Home Identity Provider

  18. Diagnostics • Lifting up shib log files • and making EDDY deposits • Creating a unified and federated view of diag data • Network data: flows, snort, snmp • System stats: cpu, i/o, mem, etc… • Infrastructure: shib, ldap, authN, etc… • Application: http, confluence, sympa, calendar • etc, etc, etc… • http://web.cmu.edu/eddy

  19. Network Layer? Why not? Integrate with Grids? Why not? Addresses VO scenarios? Why not?

  20. VO? CO VO

  21. Make your opinion known… Should Internet2 use COmanage for service delivery? Rick Summerhill rrsum@internet2.edu Cheryl Fremon cmfremon@internet2.edu and kjk@internet2.edu and gettes@internet2.edu

More Related