CERN's Identity and Access Management, a journey to Open Source

Hannah Short (CERN)


Until recently, CERN had been considered eligible for academic pricing of Microsoft products. Now, along with many other research institutes, CERN has been disqualified from this educational programme and faces a 20-fold increase in license costs. CERN’s current Authentication and Authorisation Infrastructure comprises Microsoft services all the way down from the web Single-Sign-On to the Accounts Database. Replacing these core components is an opportunity to rebuild the CERN infrastructure using the latest technologies and concepts, to respond to the evolving requirements of the community. It is also the appropriate moment to consider the alignment of CERN and WLCG’s approach to identity management, to create a more consistent environment for operators, developers and users. 2019 will see the launch of an Alpha version of CERN’s next generation Authentication and Authorisation Infrastructure, focusing on free and open source products and responding to the limitations experienced by the current system. We will describe the new solution, demonstrate workflows and highlight ways in which this work is being, and can be, used by the wider community.

