VT Federated Identity Providers Assessment

From EGIWiki
Jump to: navigation, search
EGI Activity groups Special Interest groups Policy groups Virtual teams Distributed Competence Centres


EGI Virtual teams: Main Active Projects Closed Projects Guidelines

General Project Information

  • Leader: Daniel Kouril (CESNET), Gergely Sipos (EGI.eu)
  • Mailing List: vt-egi-federated-identity@mailman.egi.eu
  • Status: FINISHED
  • Start Date: 10/Nov/2011
  • End Date: 12/Jul/2012
  • Meetings: 12/12/2011 - Kick-off meeting

Motivation

Federated identity services could significantly simplify access to the infrastructure. Introducing federated identity mechanisms in EGI is a requirement from many communities. This VT project would take a step towards this direction, by assessing the readiness of the NGIs in adopting some type of federated identity provision mechanism for accessing services (e.g. Terena Certificate Services). Several NGIs have done developments towards this direction.

Output

The output of this project is a report about the coverage of participating NGIs with federated identity provision services and about recommendation on mechanisms to increase the federated identity providers coverage within EGI. The report covers the broader context: It provides an overview of the various approaches that are currently used within the European Grid Infrastructure to authenticate users. X509 certificates, Terena certificates, limited certificates, robot certificates and identity federation based login mechanisms are introduced and reviewed. The report also provides an analysis of these solutions based on the main criteria that EGI has for an authentication infrastructure before considering it for wider adoption. An action plan that could lead the EGI community to a wide and harmonised adoption of federated identity solutions within the infrastructure is covered by the last part of the report. The report can be used by both NGIs and EGI.eu outside of this VT to increase the coverage or to initiate other types of related actions.

Report: Authentication solutions in the European Grid Infrastructure - https://documents.egi.eu/document/1178

Tasks

Task 1: Assess the coverage of Terena Certificate Providers in NGIs

  • Check whether the key institutes form the NGIs are connected to the TCS
  • Check whether the NGIs have process to add institutes to TCS and what the process look like
  • Collect info about other types of services similar to TCS that NGIs already use

Actions

Task 2: Analyse survey responses, document findings

Members

  • NGIs:
    • Czech Republic: Daniel Kouril (Leader), Michal Prochazka
    • France: Genevieve Romier
    • Greece: Kostas Koumantaros, Christos Kanelopoulos
    • Ireland: David O'Callaghan
    • Italy: Marco Bencivenni, Enrico Fattibene, Daniele Cesini, Roberto Barbera, Marco Fargetta
    • Germany: Torsten Antoni
    • Switzerland: Simon Leinen
    • Taiwan: Eric Yen, Vicky Huang
  • EGI.eu:
    • Gergely Sipos

Resources

Progress

  • Task 1 (DONE): Assess the coverage of Terena Certificate Providers in NGIs
  • Task 2 (DONE): Analyse survey responses, document findings