Federated identity system for scientific collaborations
IT Auditorium (CERN)
The goal is to explore the requirements for federated identity management across the different disciplines, compare the functionality, operational constraints and state of deployment of current technologies, and formulate a roadmap for how we could establish such a service in the future.
Federated identity from the user community point of view. Here different scientific user communities will present their needs & expectations, current usage and future directions.
European photon/neutron facilities
Heinz J Weyer
CLARIN and the humanities
The CLARIN project is one of the five Humanities Research Infrastructures on the ESFRI roadmap. In the preparatory phase solutions for AAI requirements were researched and implemented and are now used within the national CLARIN initiatives that have begun and are starting in the Netherlands, Germany, Denmark, Finland and several other European countries. A new European project "DASISH" is being started and will unite all the ESFRI Humanities RI projects in building a common AAI infrastructure based on experiences of CLARIN and the other project's preparatory phase findings
Earth Science (Climate)
Life Science (ELIXIR)
Services offered by major e-infrastructure providers. International infrastructures offer a number of services related to federated identity management. Presentations from these e-infrastructures will outline these services and forthcoming developments.
Identity Management in Open Science Grid: Challenges, Needs, and Future Directions
Since 2004, the High-Performance Computing (HPC) community has organized
itself in Europe through two major EU funded projects : DEISA (Distributed
European Infrastructure for Supercomputing Applications, 2004-20011) and
PRACE (Partnership for Advanced Computing in Europe) which started in 2008.
The HPC ecosystem has been consolidated with the definition of a “pyramidal
model” which clarifies the relations between the different actors. This work
led to the creation in 2010 of PRACE-RI, a persistent pan-European
infrastructure with its headquarter seated in Brussels and established as a
non-profit association of European government representative organizations
responsible for HPC.
Identity management has always been considered as a critical activity and it
has been a constant goal to maintain a robust solution both secured and not
discouraging for the end users. For this reason, technical teams have done
their best to design and implement a robust and easy-to-use solution. The
trust model adopted is based on X509 certificates and uses when possible the
Single Sign-On (SSO) approach. A fine grained authorization system as well
as a distributed accounting database are also included.
Even if the current model is fully operational, PRACE is investigating how it
could evolve to integrate identity federation solutions. The main reason
motivating this approach is a strong wish to enable interoperability with
other international projects. Therefore, PRACE follows closely as part of its
technology evaluation program the efforts carried out in this field. Following open standards based solutions is essential to reach interoperability, however there are also other criteria that must not be forgotten such as the identification of trustful credential providers, common
understanding of the meaning of attributes and the compliance of
applications with the solutions.
CILogon: Federated Access to US CyberInfrastructure
Terena Certificate Service
John White White
(Helsinki Institute of Physics HIP)
Policy and security aspects. Interventions addressing questions such as which communities, individuals and institutes should be seen as part of the federated identity management system, what is the decision making process for inclusion/exclusion, legal aspects, interoperability with commercial identity providers and social networking tools.
International Grid Trust Federation
(SURFnet), Van Wijnen
UK Access Management Federation
SWITCHaai: The Identity Federation of the Swiss Higher Education Sector
(Eidgenossische Technische Hochschule Zurich/ETH (ETH))
CERN’s experience with federated Single Sign On
towards a roadmap for a federated identity management system
Towards a roadmap for a federated identity management system. Panel discussion focussed on proposing a set of steps that could lead to convergence on a federated identity management system for scientific collaborations
Panel chaired by Stefan Lueders with Mike Helm, Dave Kelsey, Alan Sill and others
chair: Stefan Lueders
(Texas Tech University), DrDavid Kelsey
(RAL), Mike Helm
(Science Identity Federation), Other panelists TBC, DrStefan Lueders