Difference between revisions of "VT Federated Identity Providers Assessment"
(49 intermediate revisions by 11 users not shown) | |||
Line 1: | Line 1: | ||
{{EGI_Activity_groups_menubar}} | |||
{{Menubar_VT}} | |||
{{TOC_right}} | |||
[[Category:Virtual_Teams]] | |||
{{VirtualTeamProject | | {{VirtualTeamProject | | ||
VTP_Leader = | VTP_Leader = Daniel Kouril (CESNET), Gergely Sipos (EGI.eu) | | ||
VTP_ML = vt-egi-federated-identity@mailman.egi.eu | | VTP_ML = vt-egi-federated-identity@mailman.egi.eu | | ||
VTP_Status = | VTP_Status = FINISHED| | ||
VTP_StartDate = 10/Nov/2011 | | VTP_StartDate = 10/Nov/2011 | | ||
VTP_EndDate = | VTP_EndDate = 12/Jul/2012 | | ||
VTP_Motivation = | VTP_Motivation = | ||
Federated identity services could significantly simplify access to the infrastructure. Introducing federated identity mechanisms in EGI is a requirement from many communities. | Federated identity services could significantly simplify access to the infrastructure. Introducing federated identity mechanisms in EGI is a requirement from many communities. | ||
This VT project would take a step towards this direction, by assessing the readiness of the NGIs in adopting some type of federated identity provision mechanism for accessing services (e.g. Terena Certificate Services). Several NGIs have done developments towards this direction. | This VT project would take a step towards this direction, by assessing the readiness of the NGIs in adopting some type of federated identity provision mechanism for accessing services (e.g. Terena Certificate Services). Several NGIs have done developments towards this direction. | ||
| | |||
VTP_Meetings = | |||
[[12/12/2011 - Kick-off meeting]] | |||
| | | | ||
VTP_Output = | VTP_Output = | ||
The | The output of this project is ''[https://documents.egi.eu/document/1178 a report]'' about the coverage of participating NGIs with federated identity provision services and about recommendation on mechanisms to increase the federated identity providers coverage within EGI. | ||
The report covers the broader context: It provides an overview of the various approaches that are currently used within the European Grid Infrastructure to authenticate users. X509 certificates, Terena certificates, limited certificates, robot certificates and identity federation based login mechanisms are introduced and reviewed. The report also provides an analysis of these solutions based on the main criteria that EGI has for an authentication infrastructure before considering it for wider adoption. An action plan that could lead the EGI community to a wide and harmonised adoption of federated identity solutions within the infrastructure is covered by the last part of the report. The report can be used by both NGIs and EGI.eu outside of this VT to increase the coverage or to initiate other types of related actions. | |||
'''Report: Authentication solutions in the European Grid Infrastructure - [https://documents.egi.eu/document/1178 https://documents.egi.eu/document/1178]''' | |||
| | | | ||
VTP_Tasks = | VTP_Tasks = | ||
=== Task 1: Assess the coverage of Terena Certificate Providers in NGIs === | |||
* Collect info about other types of | * Check whether the key institutes form the NGIs are connected to the TCS | ||
* Check whether the NGIs have process to add institutes to TCS and what the process look like | |||
* Collect info about other types of services similar to TCS that NGIs already use | |||
==== Actions ==== | |||
* Fill in the [[Task 1: Questionnaire about TCS|questionnaire]] (all participating NGIs) | |||
* Completed questionnaires: | |||
** [[Task 1:Ireland|Ireland]], [[Task 1:Czech Republic|Czech Republic]], [[Task 1:France|France]], [[Task 1:Switzerland|Switzerland]], [[Task 1:Italy|Italy]], ''[[Task 1:template|template]]'' | |||
=== Task 2: Analyse survey responses, document findings === | |||
| | | | ||
VTP_Team = | VTP_Team = | ||
* NGIs: | * NGIs: | ||
** Czech Republic: | ** Czech Republic: Daniel Kouril (Leader), Michal Prochazka | ||
** France: Genevieve Romier | ** France: Genevieve Romier | ||
** Greece: Kostas Koumantaros, Christos Kanelopoulos | ** Greece: Kostas Koumantaros, Christos Kanelopoulos | ||
** Italy: Daniele Cesini | ** Ireland: David O'Callaghan | ||
** Italy: Marco Bencivenni, Enrico Fattibene, Daniele Cesini, Roberto Barbera, Marco Fargetta | |||
** Germany: Torsten Antoni | |||
** Switzerland: Simon Leinen | |||
** Taiwan: Eric Yen, Vicky Huang | |||
* EGI.eu: | * EGI.eu: | ||
** Gergely Sipos | ** Gergely Sipos | ||
| | | | ||
VTP_Resources = | VTP_Resources = | ||
List of TERENA certificate providers: http://www.terena.org/activities/tcs/participants.html | * List of TERENA certificate providers: http://www.terena.org/activities/tcs/participants.html | ||
}} | * Federated web services: http://atlases.muni.cz | ||
* Mechanism to release a x509 certificate in a user-transparent way from an online CA: http://wiki.italiangrid.it/twiki/pub/UserSupport/NGIITGeneralPurposePortal/Whitepaper-portal-CAonline-interaction.pdf | |||
* Edugate: Federation of Irish Higher Education Institutions and Research Organisations: http://www.edugate.ie/ | |||
* EduGAIN: "Federation of the federations": http://www.geant.net/service/edugain/pages/home.aspx | |||
* Moonshot: Passing identity federations into the non-web world: http://www.project-moonshot.org/ | |||
| | |||
VTP_Progress = | |||
* Task 1 (DONE): Assess the coverage of Terena Certificate Providers in NGIs | |||
* Task 2 (DONE): Analyse survey responses, document findings | |||
}} |
Latest revision as of 10:13, 20 June 2015
EGI Activity groups | Special Interest groups | Policy groups | Virtual teams | Distributed Competence Centres |
EGI Virtual teams: | Main • | Active Projects • | Closed Projects • | Guidelines |
General Project Information
- Leader: Daniel Kouril (CESNET), Gergely Sipos (EGI.eu)
- Mailing List: vt-egi-federated-identity@mailman.egi.eu
- Status: FINISHED
- Start Date: 10/Nov/2011
- End Date: 12/Jul/2012
- Meetings: 12/12/2011 - Kick-off meeting
Motivation
Federated identity services could significantly simplify access to the infrastructure. Introducing federated identity mechanisms in EGI is a requirement from many communities. This VT project would take a step towards this direction, by assessing the readiness of the NGIs in adopting some type of federated identity provision mechanism for accessing services (e.g. Terena Certificate Services). Several NGIs have done developments towards this direction.
Output
The output of this project is a report about the coverage of participating NGIs with federated identity provision services and about recommendation on mechanisms to increase the federated identity providers coverage within EGI. The report covers the broader context: It provides an overview of the various approaches that are currently used within the European Grid Infrastructure to authenticate users. X509 certificates, Terena certificates, limited certificates, robot certificates and identity federation based login mechanisms are introduced and reviewed. The report also provides an analysis of these solutions based on the main criteria that EGI has for an authentication infrastructure before considering it for wider adoption. An action plan that could lead the EGI community to a wide and harmonised adoption of federated identity solutions within the infrastructure is covered by the last part of the report. The report can be used by both NGIs and EGI.eu outside of this VT to increase the coverage or to initiate other types of related actions.
Report: Authentication solutions in the European Grid Infrastructure - https://documents.egi.eu/document/1178
Tasks
Task 1: Assess the coverage of Terena Certificate Providers in NGIs
- Check whether the key institutes form the NGIs are connected to the TCS
- Check whether the NGIs have process to add institutes to TCS and what the process look like
- Collect info about other types of services similar to TCS that NGIs already use
Actions
- Fill in the questionnaire (all participating NGIs)
- Completed questionnaires:
Task 2: Analyse survey responses, document findings
Members
- NGIs:
- Czech Republic: Daniel Kouril (Leader), Michal Prochazka
- France: Genevieve Romier
- Greece: Kostas Koumantaros, Christos Kanelopoulos
- Ireland: David O'Callaghan
- Italy: Marco Bencivenni, Enrico Fattibene, Daniele Cesini, Roberto Barbera, Marco Fargetta
- Germany: Torsten Antoni
- Switzerland: Simon Leinen
- Taiwan: Eric Yen, Vicky Huang
- EGI.eu:
- Gergely Sipos
Resources
- List of TERENA certificate providers: http://www.terena.org/activities/tcs/participants.html
- Federated web services: http://atlases.muni.cz
- Mechanism to release a x509 certificate in a user-transparent way from an online CA: http://wiki.italiangrid.it/twiki/pub/UserSupport/NGIITGeneralPurposePortal/Whitepaper-portal-CAonline-interaction.pdf
- Edugate: Federation of Irish Higher Education Institutions and Research Organisations: http://www.edugate.ie/
- EduGAIN: "Federation of the federations": http://www.geant.net/service/edugain/pages/home.aspx
- Moonshot: Passing identity federations into the non-web world: http://www.project-moonshot.org/
Progress
- Task 1 (DONE): Assess the coverage of Terena Certificate Providers in NGIs
- Task 2 (DONE): Analyse survey responses, document findings