Difference between revisions of "VT Federated Identity Providers Assessment"

From EGIWiki
Jump to: navigation, search
(Added pointer to response from Switzerland)
 
(20 intermediate revisions by 5 users not shown)
Line 1: Line 1:
 +
{{EGI_Activity_groups_menubar}}
 +
{{Menubar_VT}}
 +
{{TOC_right}} 
 +
[[Category:Virtual_Teams]]
 +
 
{{VirtualTeamProject |  
 
{{VirtualTeamProject |  
VTP_Leader = Daniel Kouril (CESNET) |
+
VTP_Leader = Daniel Kouril (CESNET), Gergely Sipos (EGI.eu) |
 
VTP_ML = vt-egi-federated-identity@mailman.egi.eu |
 
VTP_ML = vt-egi-federated-identity@mailman.egi.eu |
VTP_Status = Active |
+
VTP_Status = FINISHED|
 
VTP_StartDate = 10/Nov/2011 |
 
VTP_StartDate = 10/Nov/2011 |
VTP_EndDate = When its goal is achiveved, but not later than 30/Apr/2012  |  
+
VTP_EndDate = 12/Jul/2012  |  
 
VTP_Motivation =   
 
VTP_Motivation =   
 
Federated identity services could significantly simplify access to the infrastructure. Introducing federated identity mechanisms in EGI is a requirement from many communities.  
 
Federated identity services could significantly simplify access to the infrastructure. Introducing federated identity mechanisms in EGI is a requirement from many communities.  
Line 13: Line 18:
 
|
 
|
 
VTP_Output =  
 
VTP_Output =  
The expected output of this project '''is a report''' on the current coverage of NGIs with federated identity provision services and recommendation on mechanisms to increase the federated identity providers coverage within EGI. The report can be used by both NGIs and EGI.eu outside of this VT to increase the coverage or to initiate other types of related actions.  
+
The output of this project is ''[https://documents.egi.eu/document/1178 a report]'' about the coverage of participating NGIs with federated identity provision services and about recommendation on mechanisms to increase the federated identity providers coverage within EGI.
 +
The report covers the broader context: It provides an overview of the various approaches that are currently used within the European Grid Infrastructure to authenticate users. X509 certificates, Terena certificates, limited certificates, robot certificates and identity federation based login mechanisms are introduced and reviewed. The report also provides an analysis of these solutions based on the main criteria that EGI has for an authentication infrastructure before considering it for wider adoption. An action plan that could lead the EGI community to a wide and harmonised adoption of federated identity solutions within the infrastructure is covered by the last part of the report. The report can be used by both NGIs and EGI.eu outside of this VT to increase the coverage or to initiate other types of related actions.  
 +
 
 +
'''Report: Authentication solutions in the European Grid Infrastructure - [https://documents.egi.eu/document/1178 https://documents.egi.eu/document/1178]'''
 
|  
 
|  
 
VTP_Tasks =   
 
VTP_Tasks =   
Line 24: Line 32:
 
* Fill in the [[Task 1: Questionnaire about TCS|questionnaire]] (all participating NGIs)
 
* Fill in the [[Task 1: Questionnaire about TCS|questionnaire]] (all participating NGIs)
 
* Completed questionnaires:
 
* Completed questionnaires:
** [[Task 1:Ireland|Ireland]], [[Task 1:Czech Republic|Czech Republic]], [[Task 1:France|France]], [[Task 1:Switzerland|Switzerland]], ''[[Task 1:template|template]]''
+
** [[Task 1:Ireland|Ireland]], [[Task 1:Czech Republic|Czech Republic]], [[Task 1:France|France]], [[Task 1:Switzerland|Switzerland]], [[Task 1:Italy|Italy]], ''[[Task 1:template|template]]''
 +
 
 +
=== Task 2: Analyse survey responses, document findings ===
 +
 
 
|
 
|
 
VTP_Team =
 
VTP_Team =
Line 35: Line 46:
 
** Germany: Torsten Antoni
 
** Germany: Torsten Antoni
 
** Switzerland: Simon Leinen
 
** Switzerland: Simon Leinen
 +
** Taiwan: Eric Yen, Vicky Huang
 
* EGI.eu:  
 
* EGI.eu:  
 
** Gergely Sipos
 
** Gergely Sipos
Line 45: Line 57:
 
* EduGAIN: "Federation of the federations": http://www.geant.net/service/edugain/pages/home.aspx
 
* EduGAIN: "Federation of the federations": http://www.geant.net/service/edugain/pages/home.aspx
 
* Moonshot: Passing identity federations into the non-web world: http://www.project-moonshot.org/
 
* Moonshot: Passing identity federations into the non-web world: http://www.project-moonshot.org/
}}
+
|
 +
VTP_Progress =
 +
* Task 1 (DONE): Assess the coverage of Terena Certificate Providers in NGIs
 +
* Task 2 (DONE): Analyse survey responses, document findings
 +
}}

Latest revision as of 10:13, 20 June 2015

EGI Activity groups Special Interest groups Policy groups Virtual teams Distributed Competence Centres


EGI Virtual teams: Main Active Projects Closed Projects Guidelines

General Project Information

  • Leader: Daniel Kouril (CESNET), Gergely Sipos (EGI.eu)
  • Mailing List: vt-egi-federated-identity@mailman.egi.eu
  • Status: FINISHED
  • Start Date: 10/Nov/2011
  • End Date: 12/Jul/2012
  • Meetings: 12/12/2011 - Kick-off meeting

Motivation

Federated identity services could significantly simplify access to the infrastructure. Introducing federated identity mechanisms in EGI is a requirement from many communities. This VT project would take a step towards this direction, by assessing the readiness of the NGIs in adopting some type of federated identity provision mechanism for accessing services (e.g. Terena Certificate Services). Several NGIs have done developments towards this direction.

Output

The output of this project is a report about the coverage of participating NGIs with federated identity provision services and about recommendation on mechanisms to increase the federated identity providers coverage within EGI. The report covers the broader context: It provides an overview of the various approaches that are currently used within the European Grid Infrastructure to authenticate users. X509 certificates, Terena certificates, limited certificates, robot certificates and identity federation based login mechanisms are introduced and reviewed. The report also provides an analysis of these solutions based on the main criteria that EGI has for an authentication infrastructure before considering it for wider adoption. An action plan that could lead the EGI community to a wide and harmonised adoption of federated identity solutions within the infrastructure is covered by the last part of the report. The report can be used by both NGIs and EGI.eu outside of this VT to increase the coverage or to initiate other types of related actions.

Report: Authentication solutions in the European Grid Infrastructure - https://documents.egi.eu/document/1178

Tasks

Task 1: Assess the coverage of Terena Certificate Providers in NGIs

  • Check whether the key institutes form the NGIs are connected to the TCS
  • Check whether the NGIs have process to add institutes to TCS and what the process look like
  • Collect info about other types of services similar to TCS that NGIs already use

Actions

Task 2: Analyse survey responses, document findings

Members

  • NGIs:
    • Czech Republic: Daniel Kouril (Leader), Michal Prochazka
    • France: Genevieve Romier
    • Greece: Kostas Koumantaros, Christos Kanelopoulos
    • Ireland: David O'Callaghan
    • Italy: Marco Bencivenni, Enrico Fattibene, Daniele Cesini, Roberto Barbera, Marco Fargetta
    • Germany: Torsten Antoni
    • Switzerland: Simon Leinen
    • Taiwan: Eric Yen, Vicky Huang
  • EGI.eu:
    • Gergely Sipos

Resources

Progress

  • Task 1 (DONE): Assess the coverage of Terena Certificate Providers in NGIs
  • Task 2 (DONE): Analyse survey responses, document findings