SlideShare une entreprise Scribd logo

CILogon 2.0 at Oct 2017 CICI PI meeting

J
jbasney

CILogon 2.0 project update at Oct 2017 CICI PI meeting

Technologie
1  sur  17
Télécharger pour lire hors ligne
CILogon www.cilogon.org
Jim Basney jbasney@ncsa.illinois.edu CILogon 2.0 This material is based upon work supported by the National Science Foundation under grant number 1547268. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the United States Government or any agency thereof.
CILogon www.cilogon.org CILogon 2.0 Project ❏ 3 year NSF CICI award ❏ January 2016 - December 2018 ❏ Provide an integrated open source Identity and Access Management (IdAM) platform for cyberinfrastructure ❏ CILogon: federated identity management ❏ COmanage: collaborative organization management ❏ Support international collaborations
CILogon www.cilogon.org CILogon 2.0 Team Members ❏ Jim Basney ❏ Terry Fleury ❏ Jeff Gaynor ❏ Venkat Yekkirala ❏ Heather Flanagan ❏ Scott Koranda ❏ Benn Oshrin ❏ Arlen Johnson
CILogon www.cilogon.org Science Partners ❏ NANOGrav Physics Frontiers Center ❏ Laser Interferometer Gravitational-Wave Observatory (LIGO) ❏ Data Observation Network for Earth (DataONE)
CILogon www.cilogon.org Cyberinfrastructure Partners ❏ Operational support ❏ Integration platform ❏ International use cases ❏ Support for European identities ❏ Using eduGAIN
CILogon www.cilogon.org CILogon in Europe ❏ Supporting international research collaborations ❏ Int’l IdP support at cilogon.org via InCommon’s eduGAIN membership ❏ Depends on int’l R&S and SIRTFI adoption ❏ European CILogon instance ❏ Addresses EU attribute release policies ❏ IGTF accredited CA: https://rcauth.eu/
CILogon www.cilogon.org SAML SP OIDC Provider X.509 CA HSM OIDC SP MFA (OATH) LDAP COmanage Identities MFA Tokens SSH Keys Groups Attributes SAML AA User Registry Interface eduGAIN IdP Google IdP Science App OAuth SP ORCID Science App Science App Science App InCommon IdP Logical Component View
CILogon www.cilogon.org SAML to OpenID Connect (OIDC) Proxy ❏ Supporting e-Science clients ❏ Review & approval by CILogon staff ❏ User consent based on requested scopes ❏ openid, profile, email ❏ org.cilogon.userinfo (eppn, affiliation) ❏ edu.uiuc.ncsa.myproxy.getcert (to allow X.509 certificate issuance) ❏ VO attributes www.cilogon.org/oidc
CILogon www.cilogon.org CILogon User Consent
CILogon www.cilogon.org Managing Virtual Organizations ❏ enrollment flows ❏ expiration policies ❏ delegated group management ❏ attribute mapping ❏ application registration ❏ plug-ins and pipelines
CILogon www.cilogon.org Bridging Campus and VO IAM ❏ CILogon passes campus/VO attributes to the e-Science SP ❏ Always requiring user consent ❏ Attribute scopes approved per-client ❏ COmanage displays terms and conditions during VO enrollment ❏ VO attribute release policy applied per client
CILogon www.cilogon.org CILogon 2.0: Status ❏ Successes so far ❏ OpenID Connect (OIDC) support ❏ International interoperability ❏ COmanage integration ❏ ORCID integration ❏ Use with Globus, JupyterHub, Kubernetes, and SciGaP ❏ Challenges ❏ Interoperability with campus IdPs
CILogon www.cilogon.org Enabling Access from Campus ❏ Operate an InCommon IdP https://incommon.org/federation/info/all-entities ❏ Meet InCommon's Baseline Expectations https://spaces.internet2.edu/display/BE ❏ Support REFEDS R&S https://incommon.org/federation/info/all-entity-categories ❏ Support SIRTFI https://incommon.org/federation/info/all-idps-certified https://cilogon.org/testidp
CILogon www.cilogon.org ATLAS Connect Brandeis Clemson CyberGIS CERN CMS Connect DataONE DOE KBase Duke CI Connect Fermilab Globus Indiana University LIGO LRZ MIT NANOGrav (Pilot) Northwestern Notre Dame OOI OSC OnDemand OSG Connect SciGaP SeedMe SWAMP UNL XSEDE ... and more CILogon-enabled Sites
CILogon www.cilogon.org
CILogon www.cilogon.org Want to work with us? ❏ Research projects with collaborators across multiple institutions ❏ Using federated identity ❏ Managing group memberships and application authorization ❏ OAuth, OpenID Connect, SAML, LDAP, SSH, X.509 ❏ Outsourcing IAM services ❏ Consistent with InCommon Research & Scholarship definition jbasney@ncsa.illinois.edu info@cilogon.org

Recommandé

CILogon 2.0 at 2016 Internet2 Global Summit
CILogon 2.0 at 2016 Internet2 Global SummitCILogon 2.0 at 2016 Internet2 Global Summit
CILogon 2.0 at 2016 Internet2 Global Summitjbasney
 
CILogon 2.0 at REFEDS 30
CILogon 2.0 at REFEDS 30CILogon 2.0 at REFEDS 30
CILogon 2.0 at REFEDS 30jbasney
 
CILogon PEARC17
CILogon PEARC17CILogon PEARC17
CILogon PEARC17jbasney
 
CILogon 2.0 - IAM Online Webinar Series
CILogon 2.0 - IAM Online Webinar SeriesCILogon 2.0 - IAM Online Webinar Series
CILogon 2.0 - IAM Online Webinar Seriesjbasney
 
CILogon 2.0 MAGIC SC16
CILogon 2.0 MAGIC SC16CILogon 2.0 MAGIC SC16
CILogon 2.0 MAGIC SC16jbasney
 
CILogon and InCommon: Technical Update
CILogon and InCommon: Technical UpdateCILogon and InCommon: Technical Update
CILogon and InCommon: Technical Updatejbasney
 
Trusting External Identity Providers for Global Research Collaborations
Trusting External Identity Providers for Global Research CollaborationsTrusting External Identity Providers for Global Research Collaborations
Trusting External Identity Providers for Global Research Collaborationsjbasney
 
Key Takeaways from Instructure's Successful Bug Bounty Program
Key Takeaways from Instructure's Successful Bug Bounty ProgramKey Takeaways from Instructure's Successful Bug Bounty Program
Key Takeaways from Instructure's Successful Bug Bounty Programbugcrowd
 

Recommandé

CILogon 2.0 at 2016 Internet2 Global Summit
CILogon 2.0 at 2016 Internet2 Global SummitCILogon 2.0 at 2016 Internet2 Global Summit
CILogon 2.0 at 2016 Internet2 Global Summitjbasney
 
CILogon 2.0 at REFEDS 30
CILogon 2.0 at REFEDS 30CILogon 2.0 at REFEDS 30
CILogon 2.0 at REFEDS 30jbasney
 
CILogon PEARC17
CILogon PEARC17CILogon PEARC17
CILogon PEARC17jbasney
 
CILogon 2.0 - IAM Online Webinar Series
CILogon 2.0 - IAM Online Webinar SeriesCILogon 2.0 - IAM Online Webinar Series
CILogon 2.0 - IAM Online Webinar Seriesjbasney
 
CILogon 2.0 MAGIC SC16
CILogon 2.0 MAGIC SC16CILogon 2.0 MAGIC SC16
CILogon 2.0 MAGIC SC16jbasney
 
CILogon and InCommon: Technical Update
CILogon and InCommon: Technical UpdateCILogon and InCommon: Technical Update
CILogon and InCommon: Technical Updatejbasney
 
Trusting External Identity Providers for Global Research Collaborations
Trusting External Identity Providers for Global Research CollaborationsTrusting External Identity Providers for Global Research Collaborations
Trusting External Identity Providers for Global Research Collaborationsjbasney
 
Key Takeaways from Instructure's Successful Bug Bounty Program
Key Takeaways from Instructure's Successful Bug Bounty ProgramKey Takeaways from Instructure's Successful Bug Bounty Program
Key Takeaways from Instructure's Successful Bug Bounty Programbugcrowd
 
How Librarians Turn Intelligence Skills into Industry Insight
How Librarians Turn Intelligence Skills into Industry InsightHow Librarians Turn Intelligence Skills into Industry Insight
How Librarians Turn Intelligence Skills into Industry InsightIntelCollab.com
 
About GlyGen slides
About GlyGen slidesAbout GlyGen slides
About GlyGen slidesGlyGen
 
CGSpace and PRMS Information Session
CGSpace and PRMS Information SessionCGSpace and PRMS Information Session
CGSpace and PRMS Information SessionILRI
 
The Cancer Genomics Cloud (CGC) pilots - an Introduction
The Cancer Genomics Cloud (CGC) pilots - an IntroductionThe Cancer Genomics Cloud (CGC) pilots - an Introduction
The Cancer Genomics Cloud (CGC) pilots - an IntroductionSteve Tsang
 
Scott Edmunds flashtalk slides from Beyond the PDF2
Scott Edmunds flashtalk slides from Beyond the PDF2Scott Edmunds flashtalk slides from Beyond the PDF2
Scott Edmunds flashtalk slides from Beyond the PDF2GigaScience, BGI Hong Kong
 
20130821 Mozilla Badges OpenCall with Accreditrust
20130821 Mozilla Badges OpenCall with Accreditrust20130821 Mozilla Badges OpenCall with Accreditrust
20130821 Mozilla Badges OpenCall with AccreditrustEric Korb
 
Blockchain Enabled Crowd Economy
Blockchain Enabled Crowd Economy Blockchain Enabled Crowd Economy
Blockchain Enabled Crowd Economy Crowdsourcing Week
 
SGCI OAC webinar 4 18-19
SGCI OAC webinar 4 18-19SGCI OAC webinar 4 18-19
SGCI OAC webinar 4 18-19Nancy Wilkins-Diehr
 
CILogon 2.0 Update at TechEx 2016
CILogon 2.0 Update at TechEx 2016CILogon 2.0 Update at TechEx 2016
CILogon 2.0 Update at TechEx 2016jbasney
 
BLC & Digital Science: Mark Hahnel, Figshare
BLC & Digital Science: Mark Hahnel, FigshareBLC & Digital Science: Mark Hahnel, Figshare
BLC & Digital Science: Mark Hahnel, FigshareBoston Library Consortium, Inc.
 
CIC Presentation July2011
CIC Presentation July2011CIC Presentation July2011
CIC Presentation July2011CICRose
 
Trust and identity in the Géant project - Networkshop44
Trust and identity in the Géant project - Networkshop44Trust and identity in the Géant project - Networkshop44
Trust and identity in the Géant project - Networkshop44Jisc
 
GENI Engineering Conference -- Ian Foster
GENI Engineering Conference -- Ian FosterGENI Engineering Conference -- Ian Foster
GENI Engineering Conference -- Ian FosterIan Foster
 
Privacy Gaps in Mediated Library Services: Presentation at NERCOMP2019
Privacy Gaps in Mediated Library Services: Presentation at NERCOMP2019Privacy Gaps in Mediated Library Services: Presentation at NERCOMP2019
Privacy Gaps in Mediated Library Services: Presentation at NERCOMP2019Micah Altman
 
Presentation
PresentationPresentation
PresentationShanaaz Deo
 
Barcelona 2014: CrossRef CrossMark and FundRef by Kirsty Meddings
Barcelona 2014: CrossRef CrossMark and FundRef by Kirsty MeddingsBarcelona 2014: CrossRef CrossMark and FundRef by Kirsty Meddings
Barcelona 2014: CrossRef CrossMark and FundRef by Kirsty MeddingsCrossref
 
A Decision Model for Choosing Patterns in Blockchain-based Applications
A Decision Model for Choosing Patterns in Blockchain-based ApplicationsA Decision Model for Choosing Patterns in Blockchain-based Applications
A Decision Model for Choosing Patterns in Blockchain-based ApplicationsDilum Bandara
 
STI 2022 - Generating large-scale network analyses of scientific landscapes i...
STI 2022 - Generating large-scale network analyses of scientific landscapes i...STI 2022 - Generating large-scale network analyses of scientific landscapes i...
STI 2022 - Generating large-scale network analyses of scientific landscapes i...Michele Pasin
 
Cyber security privacy-and-blockchain-perspective-14 nov2018-v01-public
Cyber security privacy-and-blockchain-perspective-14 nov2018-v01-publicCyber security privacy-and-blockchain-perspective-14 nov2018-v01-public
Cyber security privacy-and-blockchain-perspective-14 nov2018-v01-publicSecunoid Systems Inc
 
Pmd prospective students 2.22.2222
Pmd prospective students 2.22.2222Pmd prospective students 2.22.2222
Pmd prospective students 2.22.2222KevinAlt1
 
Guidance and Survey Results from the Trustworthy Data Working Group
Guidance and Survey Results from the Trustworthy Data Working GroupGuidance and Survey Results from the Trustworthy Data Working Group
Guidance and Survey Results from the Trustworthy Data Working Groupjbasney
 
Federated Identity Needs for the Large Synoptic Survey Telescope (LSST)
Federated Identity Needs for the Large Synoptic Survey Telescope (LSST)Federated Identity Needs for the Large Synoptic Survey Telescope (LSST)
Federated Identity Needs for the Large Synoptic Survey Telescope (LSST)jbasney
 

Contenu connexe

Similaire à CILogon 2.0 at Oct 2017 CICI PI meeting

How Librarians Turn Intelligence Skills into Industry Insight
How Librarians Turn Intelligence Skills into Industry InsightHow Librarians Turn Intelligence Skills into Industry Insight
How Librarians Turn Intelligence Skills into Industry InsightIntelCollab.com
 
About GlyGen slides
About GlyGen slidesAbout GlyGen slides
About GlyGen slidesGlyGen
 
CGSpace and PRMS Information Session
CGSpace and PRMS Information SessionCGSpace and PRMS Information Session
CGSpace and PRMS Information SessionILRI
 
The Cancer Genomics Cloud (CGC) pilots - an Introduction
The Cancer Genomics Cloud (CGC) pilots - an IntroductionThe Cancer Genomics Cloud (CGC) pilots - an Introduction
The Cancer Genomics Cloud (CGC) pilots - an IntroductionSteve Tsang
 
Scott Edmunds flashtalk slides from Beyond the PDF2
Scott Edmunds flashtalk slides from Beyond the PDF2Scott Edmunds flashtalk slides from Beyond the PDF2
Scott Edmunds flashtalk slides from Beyond the PDF2GigaScience, BGI Hong Kong
 
20130821 Mozilla Badges OpenCall with Accreditrust
20130821 Mozilla Badges OpenCall with Accreditrust20130821 Mozilla Badges OpenCall with Accreditrust
20130821 Mozilla Badges OpenCall with AccreditrustEric Korb
 
Blockchain Enabled Crowd Economy
Blockchain Enabled Crowd Economy Blockchain Enabled Crowd Economy
Blockchain Enabled Crowd Economy Crowdsourcing Week
 
CILogon 2.0 Update at TechEx 2016
CILogon 2.0 Update at TechEx 2016CILogon 2.0 Update at TechEx 2016
CILogon 2.0 Update at TechEx 2016jbasney
 
CIC Presentation July2011
CIC Presentation July2011CIC Presentation July2011
CIC Presentation July2011CICRose
 
Trust and identity in the Géant project - Networkshop44
Trust and identity in the Géant project - Networkshop44Trust and identity in the Géant project - Networkshop44
Trust and identity in the Géant project - Networkshop44Jisc
 
GENI Engineering Conference -- Ian Foster
GENI Engineering Conference -- Ian FosterGENI Engineering Conference -- Ian Foster
GENI Engineering Conference -- Ian FosterIan Foster
 
Privacy Gaps in Mediated Library Services: Presentation at NERCOMP2019
Privacy Gaps in Mediated Library Services: Presentation at NERCOMP2019Privacy Gaps in Mediated Library Services: Presentation at NERCOMP2019
Privacy Gaps in Mediated Library Services: Presentation at NERCOMP2019Micah Altman
 
Barcelona 2014: CrossRef CrossMark and FundRef by Kirsty Meddings
Barcelona 2014: CrossRef CrossMark and FundRef by Kirsty MeddingsBarcelona 2014: CrossRef CrossMark and FundRef by Kirsty Meddings
Barcelona 2014: CrossRef CrossMark and FundRef by Kirsty MeddingsCrossref
 
A Decision Model for Choosing Patterns in Blockchain-based Applications
A Decision Model for Choosing Patterns in Blockchain-based ApplicationsA Decision Model for Choosing Patterns in Blockchain-based Applications
A Decision Model for Choosing Patterns in Blockchain-based ApplicationsDilum Bandara
 
STI 2022 - Generating large-scale network analyses of scientific landscapes i...
STI 2022 - Generating large-scale network analyses of scientific landscapes i...STI 2022 - Generating large-scale network analyses of scientific landscapes i...
STI 2022 - Generating large-scale network analyses of scientific landscapes i...Michele Pasin
 
Cyber security privacy-and-blockchain-perspective-14 nov2018-v01-public
Cyber security privacy-and-blockchain-perspective-14 nov2018-v01-publicCyber security privacy-and-blockchain-perspective-14 nov2018-v01-public
Cyber security privacy-and-blockchain-perspective-14 nov2018-v01-publicSecunoid Systems Inc
 
Pmd prospective students 2.22.2222
Pmd prospective students 2.22.2222Pmd prospective students 2.22.2222
Pmd prospective students 2.22.2222KevinAlt1
 

Similaire à CILogon 2.0 at Oct 2017 CICI PI meeting (20)

How Librarians Turn Intelligence Skills into Industry Insight
How Librarians Turn Intelligence Skills into Industry InsightHow Librarians Turn Intelligence Skills into Industry Insight
How Librarians Turn Intelligence Skills into Industry Insight
 
About GlyGen slides
About GlyGen slidesAbout GlyGen slides
About GlyGen slides
 
CGSpace and PRMS Information Session
CGSpace and PRMS Information SessionCGSpace and PRMS Information Session
CGSpace and PRMS Information Session
 
The Cancer Genomics Cloud (CGC) pilots - an Introduction
The Cancer Genomics Cloud (CGC) pilots - an IntroductionThe Cancer Genomics Cloud (CGC) pilots - an Introduction
The Cancer Genomics Cloud (CGC) pilots - an Introduction
 
Scott Edmunds flashtalk slides from Beyond the PDF2
Scott Edmunds flashtalk slides from Beyond the PDF2Scott Edmunds flashtalk slides from Beyond the PDF2
Scott Edmunds flashtalk slides from Beyond the PDF2
 
20130821 Mozilla Badges OpenCall with Accreditrust
20130821 Mozilla Badges OpenCall with Accreditrust20130821 Mozilla Badges OpenCall with Accreditrust
20130821 Mozilla Badges OpenCall with Accreditrust
 
Blockchain Enabled Crowd Economy
Blockchain Enabled Crowd Economy Blockchain Enabled Crowd Economy
Blockchain Enabled Crowd Economy
 
SGCI OAC webinar 4 18-19
SGCI OAC webinar 4 18-19SGCI OAC webinar 4 18-19
SGCI OAC webinar 4 18-19
 
CILogon 2.0 Update at TechEx 2016
CILogon 2.0 Update at TechEx 2016CILogon 2.0 Update at TechEx 2016
CILogon 2.0 Update at TechEx 2016
 
BLC & Digital Science: Mark Hahnel, Figshare
BLC & Digital Science: Mark Hahnel, FigshareBLC & Digital Science: Mark Hahnel, Figshare
BLC & Digital Science: Mark Hahnel, Figshare
 
CIC Presentation July2011
CIC Presentation July2011CIC Presentation July2011
CIC Presentation July2011
 
Trust and identity in the Géant project - Networkshop44
Trust and identity in the Géant project - Networkshop44Trust and identity in the Géant project - Networkshop44
Trust and identity in the Géant project - Networkshop44
 
GENI Engineering Conference -- Ian Foster
GENI Engineering Conference -- Ian FosterGENI Engineering Conference -- Ian Foster
GENI Engineering Conference -- Ian Foster
 
Privacy Gaps in Mediated Library Services: Presentation at NERCOMP2019
Privacy Gaps in Mediated Library Services: Presentation at NERCOMP2019Privacy Gaps in Mediated Library Services: Presentation at NERCOMP2019
Privacy Gaps in Mediated Library Services: Presentation at NERCOMP2019
 
Presentation
PresentationPresentation
Presentation
 
Barcelona 2014: CrossRef CrossMark and FundRef by Kirsty Meddings
Barcelona 2014: CrossRef CrossMark and FundRef by Kirsty MeddingsBarcelona 2014: CrossRef CrossMark and FundRef by Kirsty Meddings
Barcelona 2014: CrossRef CrossMark and FundRef by Kirsty Meddings
 
A Decision Model for Choosing Patterns in Blockchain-based Applications
A Decision Model for Choosing Patterns in Blockchain-based ApplicationsA Decision Model for Choosing Patterns in Blockchain-based Applications
A Decision Model for Choosing Patterns in Blockchain-based Applications
 
STI 2022 - Generating large-scale network analyses of scientific landscapes i...
STI 2022 - Generating large-scale network analyses of scientific landscapes i...STI 2022 - Generating large-scale network analyses of scientific landscapes i...
STI 2022 - Generating large-scale network analyses of scientific landscapes i...
 
Cyber security privacy-and-blockchain-perspective-14 nov2018-v01-public
Cyber security privacy-and-blockchain-perspective-14 nov2018-v01-publicCyber security privacy-and-blockchain-perspective-14 nov2018-v01-public
Cyber security privacy-and-blockchain-perspective-14 nov2018-v01-public
 
Pmd prospective students 2.22.2222
Pmd prospective students 2.22.2222Pmd prospective students 2.22.2222
Pmd prospective students 2.22.2222
 

Plus de jbasney

Guidance and Survey Results from the Trustworthy Data Working Group
Guidance and Survey Results from the Trustworthy Data Working GroupGuidance and Survey Results from the Trustworthy Data Working Group
Guidance and Survey Results from the Trustworthy Data Working Groupjbasney
 
Federated Identity Needs for the Large Synoptic Survey Telescope (LSST)
Federated Identity Needs for the Large Synoptic Survey Telescope (LSST)Federated Identity Needs for the Large Synoptic Survey Telescope (LSST)
Federated Identity Needs for the Large Synoptic Survey Telescope (LSST)jbasney
 
CILogon & SciTokens: OIDC/OAuth Federation
CILogon & SciTokens: OIDC/OAuth FederationCILogon & SciTokens: OIDC/OAuth Federation
CILogon & SciTokens: OIDC/OAuth Federationjbasney
 
Lightweight Cybersecurity Risk Assessment Tools for Cyberinfrastructure
Lightweight Cybersecurity Risk Assessment Tools for CyberinfrastructureLightweight Cybersecurity Risk Assessment Tools for Cyberinfrastructure
Lightweight Cybersecurity Risk Assessment Tools for Cyberinfrastructurejbasney
 
11th FIM4R Workshop: US Projects Update
11th FIM4R Workshop: US Projects Update11th FIM4R Workshop: US Projects Update
11th FIM4R Workshop: US Projects Updatejbasney
 
CILogon 2.0 at 2017 Internet2 Global Summit
CILogon 2.0 at 2017 Internet2 Global SummitCILogon 2.0 at 2017 Internet2 Global Summit
CILogon 2.0 at 2017 Internet2 Global Summitjbasney
 
CTSC+SWAMP: cybersecurity resources for your campus
CTSC+SWAMP: cybersecurity resources for your campusCTSC+SWAMP: cybersecurity resources for your campus
CTSC+SWAMP: cybersecurity resources for your campusjbasney
 
CILogon: An Integrated Identity and Access Management Platform for Science
CILogon: An Integrated Identity and Access Management Platform for ScienceCILogon: An Integrated Identity and Access Management Platform for Science
CILogon: An Integrated Identity and Access Management Platform for Sciencejbasney
 
Cybersecurity for Conservation
Cybersecurity for ConservationCybersecurity for Conservation
Cybersecurity for Conservationjbasney
 
CTSC at TNC16
CTSC at TNC16CTSC at TNC16
CTSC at TNC16jbasney
 
SAML Security Contacts
SAML Security ContactsSAML Security Contacts
SAML Security Contactsjbasney
 
FeduShare TechEx15
FeduShare TechEx15FeduShare TechEx15
FeduShare TechEx15jbasney
 

Plus de jbasney (12)

Guidance and Survey Results from the Trustworthy Data Working Group
Guidance and Survey Results from the Trustworthy Data Working GroupGuidance and Survey Results from the Trustworthy Data Working Group
Guidance and Survey Results from the Trustworthy Data Working Group
 
Federated Identity Needs for the Large Synoptic Survey Telescope (LSST)
Federated Identity Needs for the Large Synoptic Survey Telescope (LSST)Federated Identity Needs for the Large Synoptic Survey Telescope (LSST)
Federated Identity Needs for the Large Synoptic Survey Telescope (LSST)
 
CILogon & SciTokens: OIDC/OAuth Federation
CILogon & SciTokens: OIDC/OAuth FederationCILogon & SciTokens: OIDC/OAuth Federation
CILogon & SciTokens: OIDC/OAuth Federation
 
Lightweight Cybersecurity Risk Assessment Tools for Cyberinfrastructure
Lightweight Cybersecurity Risk Assessment Tools for CyberinfrastructureLightweight Cybersecurity Risk Assessment Tools for Cyberinfrastructure
Lightweight Cybersecurity Risk Assessment Tools for Cyberinfrastructure
 
11th FIM4R Workshop: US Projects Update
11th FIM4R Workshop: US Projects Update11th FIM4R Workshop: US Projects Update
11th FIM4R Workshop: US Projects Update
 
CILogon 2.0 at 2017 Internet2 Global Summit
CILogon 2.0 at 2017 Internet2 Global SummitCILogon 2.0 at 2017 Internet2 Global Summit
CILogon 2.0 at 2017 Internet2 Global Summit
 
CTSC+SWAMP: cybersecurity resources for your campus
CTSC+SWAMP: cybersecurity resources for your campusCTSC+SWAMP: cybersecurity resources for your campus
CTSC+SWAMP: cybersecurity resources for your campus
 
CILogon: An Integrated Identity and Access Management Platform for Science
CILogon: An Integrated Identity and Access Management Platform for ScienceCILogon: An Integrated Identity and Access Management Platform for Science
CILogon: An Integrated Identity and Access Management Platform for Science
 
Cybersecurity for Conservation
Cybersecurity for ConservationCybersecurity for Conservation
Cybersecurity for Conservation
 
CTSC at TNC16
CTSC at TNC16CTSC at TNC16
CTSC at TNC16
 
SAML Security Contacts
SAML Security ContactsSAML Security Contacts
SAML Security Contacts
 
FeduShare TechEx15
FeduShare TechEx15FeduShare TechEx15
FeduShare TechEx15
 

Dernier

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 

Dernier (20)

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 

CILogon 2.0 at Oct 2017 CICI PI meeting

  • 2. Jim Basney jbasney@ncsa.illinois.edu CILogon 2.0 This material is based upon work supported by the National Science Foundation under grant number 1547268. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the United States Government or any agency thereof.
  • 3. CILogon www.cilogon.org CILogon 2.0 Project ❏ 3 year NSF CICI award ❏ January 2016 - December 2018 ❏ Provide an integrated open source Identity and Access Management (IdAM) platform for cyberinfrastructure ❏ CILogon: federated identity management ❏ COmanage: collaborative organization management ❏ Support international collaborations
  • 4. CILogon www.cilogon.org CILogon 2.0 Team Members ❏ Jim Basney ❏ Terry Fleury ❏ Jeff Gaynor ❏ Venkat Yekkirala ❏ Heather Flanagan ❏ Scott Koranda ❏ Benn Oshrin ❏ Arlen Johnson
  • 5. CILogon www.cilogon.org Science Partners ❏ NANOGrav Physics Frontiers Center ❏ Laser Interferometer Gravitational-Wave Observatory (LIGO) ❏ Data Observation Network for Earth (DataONE)
  • 6. CILogon www.cilogon.org Cyberinfrastructure Partners ❏ Operational support ❏ Integration platform ❏ International use cases ❏ Support for European identities ❏ Using eduGAIN
  • 7. CILogon www.cilogon.org CILogon in Europe ❏ Supporting international research collaborations ❏ Int’l IdP support at cilogon.org via InCommon’s eduGAIN membership ❏ Depends on int’l R&S and SIRTFI adoption ❏ European CILogon instance ❏ Addresses EU attribute release policies ❏ IGTF accredited CA: https://rcauth.eu/
  • 8. CILogon www.cilogon.org SAML SP OIDC Provider X.509 CA HSM OIDC SP MFA (OATH) LDAP COmanage Identities MFA Tokens SSH Keys Groups Attributes SAML AA User Registry Interface eduGAIN IdP Google IdP Science App OAuth SP ORCID Science App Science App Science App InCommon IdP Logical Component View
  • 9. CILogon www.cilogon.org SAML to OpenID Connect (OIDC) Proxy ❏ Supporting e-Science clients ❏ Review & approval by CILogon staff ❏ User consent based on requested scopes ❏ openid, profile, email ❏ org.cilogon.userinfo (eppn, affiliation) ❏ edu.uiuc.ncsa.myproxy.getcert (to allow X.509 certificate issuance) ❏ VO attributes www.cilogon.org/oidc
  • 11. CILogon www.cilogon.org Managing Virtual Organizations ❏ enrollment flows ❏ expiration policies ❏ delegated group management ❏ attribute mapping ❏ application registration ❏ plug-ins and pipelines
  • 12. CILogon www.cilogon.org Bridging Campus and VO IAM ❏ CILogon passes campus/VO attributes to the e-Science SP ❏ Always requiring user consent ❏ Attribute scopes approved per-client ❏ COmanage displays terms and conditions during VO enrollment ❏ VO attribute release policy applied per client
  • 13. CILogon www.cilogon.org CILogon 2.0: Status ❏ Successes so far ❏ OpenID Connect (OIDC) support ❏ International interoperability ❏ COmanage integration ❏ ORCID integration ❏ Use with Globus, JupyterHub, Kubernetes, and SciGaP ❏ Challenges ❏ Interoperability with campus IdPs
  • 14. CILogon www.cilogon.org Enabling Access from Campus ❏ Operate an InCommon IdP https://incommon.org/federation/info/all-entities ❏ Meet InCommon's Baseline Expectations https://spaces.internet2.edu/display/BE ❏ Support REFEDS R&S https://incommon.org/federation/info/all-entity-categories ❏ Support SIRTFI https://incommon.org/federation/info/all-idps-certified https://cilogon.org/testidp
  • 15. CILogon www.cilogon.org ATLAS Connect Brandeis Clemson CyberGIS CERN CMS Connect DataONE DOE KBase Duke CI Connect Fermilab Globus Indiana University LIGO LRZ MIT NANOGrav (Pilot) Northwestern Notre Dame OOI OSC OnDemand OSG Connect SciGaP SeedMe SWAMP UNL XSEDE ... and more CILogon-enabled Sites
  • 17. CILogon www.cilogon.org Want to work with us? ❏ Research projects with collaborators across multiple institutions ❏ Using federated identity ❏ Managing group memberships and application authorization ❏ OAuth, OpenID Connect, SAML, LDAP, SSH, X.509 ❏ Outsourcing IAM services ❏ Consistent with InCommon Research & Scholarship definition jbasney@ncsa.illinois.edu info@cilogon.org