SlideShare a Scribd company logo

20190523 archiver fim

Archiver
Archiver

20190523 archiver fim

Data & Analytics
1 of 22
Download to read offline
Networks ∙ Services ∙ People www.geant.org ARCHIVER Meeting, Stanstead Airport Federated Identity Management for ARCHIVER 23/05/2019 Hannah Short CERN IT GÉANT Project Participant
Networks ∙ Services ∙ People www.geant.org Introduction to Federated Identity Management Federated Identity Management for ARCHIVER Technology Policy Getting started Agenda
Networks ∙ Services ∙ People www.geant.org Introduction to Federated Identity Management Federated Identity Management for ARCHIVER Technology Policy Getting started Agenda
Networks ∙ Services ∙ People www.geant.org Federated identity management (FIM) is the set of policies and technologies that enables one party to rely on the authentication performed by another trusted party, and the secure transfer of identity information for authorisation purposes. 4 Federated Identity Management Credit to Licia Florio, GÉANT
Networks ∙ Services ∙ People www.geant.org User: • A user is characterized by an identity, a collection of attributes that represent properties about that specific person. Identity Provider (IdP): • Asserts authentication and identity information about the user. Service Provider Proxy • Controls access to a set of service providers • Adds authorization information Service Provider (SP): • Receives and checks authentication and authorization information to grant access to the service. 5 FIM Components Credit to Alessandra Scicchitano, GEANT, for this slide
Networks ∙ Services ∙ People www.geant.org Blueprint Architecture https://aarc-project.eu/architecture/ User Identity Provider Service Provider Proxy Service Provider
Networks ∙ Services ∙ People www.geant.org SAML • Security Assertion Markup Language • Exchange of metadata (including keys) to establish trust, facilitates by Identity Federations • Authentication Assertions sent as XML packets OIDC • OpenID Connect • Clients register to OIDC Providers • Authentication and Authorisation typically sent as Jason Web Tokens FIM Protocols
Networks ∙ Services ∙ People www.geant.org Introduction to Federated Identity Management Federated Identity Management for ARCHIVER Technology Policy Getting started Agenda
Networks ∙ Services ∙ People www.geant.org Who does what? Research Institute IdPs, through eduGAIN ARCHIVER Services ? https://aarc-project.eu/architecture/
Networks ∙ Services ∙ People www.geant.org Identity Providers (Research Institutes) • Research Institutes typically already have an IdP in eduGAIN that talks SAML • If your Research Institute doesn’t yet have an IdP, contact your National Federation for guidance https://technical.edugain.org/status Service Providers (ARCHIVER Services) • Many commercial services already support SAML or OIDC • Most Service Provider proxies (where you will connect your service) also support both • If your Service Provider supports neither you will need to implement it. See training: • OIDC examples for multiple platforms https://aarc-project.eu/training/integrating- your-service-with-openid-connect/ • SAML example with Shibboleth https://aarc- project.eu/training/saml-and-shibboleth- introduction/ Which protocols should you use?
Networks ∙ Services ∙ People www.geant.org Service Supporting organisation SP protocols supported Deployment models advertised Link eduTEAMS GÉANT SAML, OIDC Hosted or standalone https://www.geant.org/I nnovation/eduteams/Pa ges/Getting-Started.aspx EGI Check-in EGI/GRNET SAML, OIDC Hosted or standalone https://www.egi.eu/wp- content/uploads/2017/0 9/Check-in.pdf B2ACCESS EUDAT SAML, OAuth2 (similar to OIDC) Standalone https://marketplace.eosc - portal.eu/services/b2acc ess INDIGO IAM INDIGO/INFN OIDC Standalone https://www.indigo- datacloud.eu/identity- and-access-management Service Provider Proxy Options, Software (all participate in EOSC Projects)
Networks ∙ Services ∙ People www.geant.org The ARCHIVER project should carefully consider the following questions • How many Service Provider Proxies should be set up? (Would recommend one for simplicity) • Who will set up authorisation groups? • Who will maintain group membership? Service Provider Proxy Options, Governance
Networks ∙ Services ∙ People www.geant.org • Multiple ways have been explored to provide command line access • Device Code Flow with OAuth (enter a code on a browser to validate a command line authentication request) • SSH Key upload (collect users’ SSH keys at the Service Provider Proxy and provision them at the resource) • OIDC Agent (https://indigo-dc.gitbooks.io/oidc-agent/) that dynamically provisions OIDC tokens in a similar way to SSH keys) • Discuss with the Service Provider Proxy what they recommend or can support Command line access
Networks ∙ Services ∙ People www.geant.org Introduction to Federated Identity Management Federated Identity Management for ARCHIVER Technology Policy Getting started Agenda
Networks ∙ Services ∙ People www.geant.org Attribute Release • Research IdPs should release the Research and Scholarship attribute bundle (persistent id, name, email) • To encourage attribute release from IdPs, Service Providers (or the Proxy) should* • Support Research and Scholarship (R&S) https://refeds.org/category/research-and- scholarship • Adopt the GÉANT Data Protection Code of Conduct (CoCo) https://wiki.geant.org/display/eduGAIN/Recipe+f or+a+Service+Provider • Comply with the Security Incident Response Trust Framework (Sirtfi) https://refeds.org/sirtfi *Note, a Service Provider Proxy would assert compliance with R&S, CoCo and Sirtfi for the group of Services behind it Policies: FIM Frameworks SP ProxyIdP ID, Name, Email SP ID, Name, Email, AuthZ
Networks ∙ Services ∙ People www.geant.org Operational Security • To support Security Incident Response, ARCHIVER Services should require that IdPs • Comply with the Security Incident Response Trust Framework (Sirtfi) • Publish a Security Contact Policies: FIM Frameworks
Networks ∙ Services ∙ People www.geant.org Attribute Release • Research IdPs should release the Research and Scholarship attribute bundle (persistent id, name, email) • To encourage attribute release from IdPs, Service Providers (or the Proxy) should* • Support Research and Scholarship (R&S) https://refeds.org/category/research-and- scholarship • Adopt the GÉANT Data Protection Code of Conduct (CoCo) https://wiki.geant.org/display/eduGAIN/Recipe+f or+a+Service+Provider • Comply with the Security Incident Response Trust Framework (Sirtfi) https://refeds.org/sirtfi Operational Security • To support Security Incident Response, ARCHIVER Services should require that IdPs • Comply with the Security Incident Response Trust Framework (Sirtfi) • Publish a Security Contact *Note, a Service Provider Proxy would assert compliance with R&S, CoCo and Sirtfi for the group of Services behind it Policies: FIM Frameworks
Networks ∙ Services ∙ People www.geant.org • ARCHIVER users will be presented with multiple policy points for consent and/or accepting terms and conditions (at IdPs, SP Proxy, SPs). To aid user experience you may wish to consider interoperable policies that can be accepted once, in particular: • Acceptable Use Policy to be accepted at the SP Proxy when registering https://wiki.geant.org/display/WISE/Baseline+Acceptable+Use+Policy+and+Conditions+of+Use • There may be requirements for each ARCHIVER Service to comply with additional policies, such as • Service Operations Security Policy • Policy on the Processing of Personal Data Further guidance is available at https://aarc-project.eu/policies/policy-development-kit/ Additional Policies
Networks ∙ Services ∙ People www.geant.org Introduction to Federated Identity Management Federated Identity Management for ARCHIVER Technology Policy Getting started Agenda
Networks ∙ Services ∙ People www.geant.org 1. The ARCHIVER project should decide on a Service Provider Proxy implementation and operator 2. Research Institutes should ensure that they have a SAML IdP registered in eduGAIN that releases the Research & Scholarship Attribute Bundle 3. ARCHIVER Services should ensure that their Services can be authenticated via SAML or OIDC (depending on the chosen Service Provider Proxy implementation) Next Steps
Networks ∙ Services ∙ People www.geant.org Testing tools • Test your SAML IdP (Research Institutes) or SP (ARCHIVER Services) https://samltest.id • Test your OIDC Service https://openidconnect.net https://aarc-project.eu Looking for help? Guidance for Infrastructures Training
Networks ∙ Services ∙ People www.geant.org Thank you Networks ∙ Services ∙ People www.geant.org hannah.short@cern.ch Any questions?

Recommended

Geant cloud peering-v2
Geant cloud peering-v2Geant cloud peering-v2
Geant cloud peering-v2Archiver
 
Archiver omc stansted_tendering_procedure_and_requirements_final
Archiver omc stansted_tendering_procedure_and_requirements_finalArchiver omc stansted_tendering_procedure_and_requirements_final
Archiver omc stansted_tendering_procedure_and_requirements_finalArchiver
 
Archiver 3rd omc_project_overview
Archiver 3rd omc_project_overviewArchiver 3rd omc_project_overview
Archiver 3rd omc_project_overviewArchiver
 
Wrapping up and_next_steps_stansted
Wrapping up and_next_steps_stanstedWrapping up and_next_steps_stansted
Wrapping up and_next_steps_stanstedArchiver
 
The role of public procurement in the EOSC: previous experience and EOSC-hub ...
The role of public procurement in the EOSC: previous experience and EOSC-hub ...The role of public procurement in the EOSC: previous experience and EOSC-hub ...
The role of public procurement in the EOSC: previous experience and EOSC-hub ...EOSC-hub project
 
Purchasing from the Cloud, Cross Border Procurement and the role of GEANT as ...
Purchasing from the Cloud, Cross Border Procurement and the role of GEANT as ...Purchasing from the Cloud, Cross Border Procurement and the role of GEANT as ...
Purchasing from the Cloud, Cross Border Procurement and the role of GEANT as ...EOSC-hub project
 
Implementation roadmap for the EOSC
Implementation roadmap for the EOSCImplementation roadmap for the EOSC
Implementation roadmap for the EOSCEOSC-hub project
 
1 archiver omc project_overview
1 archiver omc project_overview1 archiver omc project_overview
1 archiver omc project_overviewArchiver
 

Recommended

Geant cloud peering-v2
Geant cloud peering-v2Geant cloud peering-v2
Geant cloud peering-v2Archiver
 
Archiver omc stansted_tendering_procedure_and_requirements_final
Archiver omc stansted_tendering_procedure_and_requirements_finalArchiver omc stansted_tendering_procedure_and_requirements_final
Archiver omc stansted_tendering_procedure_and_requirements_finalArchiver
 
Archiver 3rd omc_project_overview
Archiver 3rd omc_project_overviewArchiver 3rd omc_project_overview
Archiver 3rd omc_project_overviewArchiver
 
Wrapping up and_next_steps_stansted
Wrapping up and_next_steps_stanstedWrapping up and_next_steps_stansted
Wrapping up and_next_steps_stanstedArchiver
 
The role of public procurement in the EOSC: previous experience and EOSC-hub ...
The role of public procurement in the EOSC: previous experience and EOSC-hub ...The role of public procurement in the EOSC: previous experience and EOSC-hub ...
The role of public procurement in the EOSC: previous experience and EOSC-hub ...EOSC-hub project
 
Purchasing from the Cloud, Cross Border Procurement and the role of GEANT as ...
Purchasing from the Cloud, Cross Border Procurement and the role of GEANT as ...Purchasing from the Cloud, Cross Border Procurement and the role of GEANT as ...
Purchasing from the Cloud, Cross Border Procurement and the role of GEANT as ...EOSC-hub project
 
Implementation roadmap for the EOSC
Implementation roadmap for the EOSCImplementation roadmap for the EOSC
Implementation roadmap for the EOSCEOSC-hub project
 
1 archiver omc project_overview
1 archiver omc project_overview1 archiver omc project_overview
1 archiver omc project_overviewArchiver
 
RDA ICT Technical Specifications
RDA ICT Technical SpecificationsRDA ICT Technical Specifications
RDA ICT Technical SpecificationsResearch Data Alliance
 
Understanding the demand for digital services in research and the role of pub...
Understanding the demand for digital services in research and the role of pub...Understanding the demand for digital services in research and the role of pub...
Understanding the demand for digital services in research and the role of pub...EOSC-hub project
 
Archiver 2nd_OMC event_Barcelona_Project Overview
Archiver 2nd_OMC event_Barcelona_Project OverviewArchiver 2nd_OMC event_Barcelona_Project Overview
Archiver 2nd_OMC event_Barcelona_Project OverviewArchiver
 
GEANT IaaS framework: results and lessons learned
GEANT IaaS framework: results and lessons learnedGEANT IaaS framework: results and lessons learned
GEANT IaaS framework: results and lessons learnedEOSC-hub project
 
Project Stories from BT
Project Stories from BTProject Stories from BT
Project Stories from BTThe Knowledge Transfer Network Creative, Digital & Design
 
CSA Cloud Trust Protocol and A4Cloud: Enforcing cloud accountability through ...
CSA Cloud Trust Protocol and A4Cloud: Enforcing cloud accountability through ...CSA Cloud Trust Protocol and A4Cloud: Enforcing cloud accountability through ...
CSA Cloud Trust Protocol and A4Cloud: Enforcing cloud accountability through ...The Research Council of Norway, IKTPLUSS
 
The HNSciCloud Pre-Commercial Procurement Project
The HNSciCloud Pre-Commercial Procurement ProjectThe HNSciCloud Pre-Commercial Procurement Project
The HNSciCloud Pre-Commercial Procurement ProjectHelix Nebula The Science Cloud
 
FIAT/IFTA Timeline Survey Results 2015
FIAT/IFTA Timeline Survey Results 2015FIAT/IFTA Timeline Survey Results 2015
FIAT/IFTA Timeline Survey Results 2015Brecht Declercq
 
OCRE Project overview by David Heyns, GÉANT
OCRE Project overview by David Heyns, GÉANTOCRE Project overview by David Heyns, GÉANT
OCRE Project overview by David Heyns, GÉANTOCRE | Open Clouds for Research Environments
 
EOSC-hub rules of participation, Mark van de Sanden
EOSC-hub rules of participation, Mark van de SandenEOSC-hub rules of participation, Mark van de Sanden
EOSC-hub rules of participation, Mark van de SandenEOSC-hub project
 
CloudTeams Presentation for the SE4SA Cluster in NetFutures2016
CloudTeams Presentation for the SE4SA Cluster in NetFutures2016CloudTeams Presentation for the SE4SA Cluster in NetFutures2016
CloudTeams Presentation for the SE4SA Cluster in NetFutures2016CloudTeams
 
EOSC-hub AAI architecture (EOSC hub week, Malaga, 16 - 20 April 2018)
EOSC-hub AAI architecture (EOSC hub week, Malaga, 16 - 20 April 2018)EOSC-hub AAI architecture (EOSC hub week, Malaga, 16 - 20 April 2018)
EOSC-hub AAI architecture (EOSC hub week, Malaga, 16 - 20 April 2018)EOSC-hub project
 
​OCRE Supplier Webinar - GÉANT General Overview, David Heyns, 
​OCRE Supplier Webinar - GÉANT General Overview, David Heyns, ​OCRE Supplier Webinar - GÉANT General Overview, David Heyns, 
​OCRE Supplier Webinar - GÉANT General Overview, David Heyns, OCRE | Open Clouds for Research Environments
 
Helix Nebula - The Science Cloud - Lessons learned
Helix Nebula - The Science Cloud - Lessons learned Helix Nebula - The Science Cloud - Lessons learned
Helix Nebula - The Science Cloud - Lessons learned Helix Nebula The Science Cloud
 
HNSciCloud Prototype Phase Award - Marc-Elian Begin
HNSciCloud Prototype Phase Award - Marc-Elian Begin HNSciCloud Prototype Phase Award - Marc-Elian Begin
HNSciCloud Prototype Phase Award - Marc-Elian Begin Helix Nebula The Science Cloud
 
VTT Tampere RobotDay 5.9. - Minna Lanz, Trinity Open Calls
VTT Tampere RobotDay 5.9. - Minna Lanz, Trinity Open Calls VTT Tampere RobotDay 5.9. - Minna Lanz, Trinity Open Calls
VTT Tampere RobotDay 5.9. - Minna Lanz, Trinity Open Calls DIH²
 
160405 Catálogos Industriais
160405 Catálogos Industriais160405 Catálogos Industriais
160405 Catálogos IndustriaisZoltan Patkai
 
2019 04-08 hopu-aj
2019 04-08 hopu-aj2019 04-08 hopu-aj
2019 04-08 hopu-ajOpen & Agile Smart Cities
 
CloudTeams - Boosting Collaboration of Developers and End Users Together for ...
CloudTeams - Boosting Collaboration of Developers and End Users Together for ...CloudTeams - Boosting Collaboration of Developers and End Users Together for ...
CloudTeams - Boosting Collaboration of Developers and End Users Together for ...CloudTeams
 
Zeetta networks birmingham inca - sep2017
Zeetta networks birmingham inca - sep2017Zeetta networks birmingham inca - sep2017
Zeetta networks birmingham inca - sep2017James Saunby
 
Trust and identity in the Géant project - Networkshop44
Trust and identity in the Géant project - Networkshop44Trust and identity in the Géant project - Networkshop44
Trust and identity in the Géant project - Networkshop44Jisc
 
Create B2B Exchanges with Cisco Connected Processes: an overview
Create B2B Exchanges with Cisco Connected Processes: an overviewCreate B2B Exchanges with Cisco Connected Processes: an overview
Create B2B Exchanges with Cisco Connected Processes: an overviewCisco DevNet
 

More Related Content

What's hot

Understanding the demand for digital services in research and the role of pub...
Understanding the demand for digital services in research and the role of pub...Understanding the demand for digital services in research and the role of pub...
Understanding the demand for digital services in research and the role of pub...EOSC-hub project
 
Archiver 2nd_OMC event_Barcelona_Project Overview
Archiver 2nd_OMC event_Barcelona_Project OverviewArchiver 2nd_OMC event_Barcelona_Project Overview
Archiver 2nd_OMC event_Barcelona_Project OverviewArchiver
 
GEANT IaaS framework: results and lessons learned
GEANT IaaS framework: results and lessons learnedGEANT IaaS framework: results and lessons learned
GEANT IaaS framework: results and lessons learnedEOSC-hub project
 
CSA Cloud Trust Protocol and A4Cloud: Enforcing cloud accountability through ...
CSA Cloud Trust Protocol and A4Cloud: Enforcing cloud accountability through ...CSA Cloud Trust Protocol and A4Cloud: Enforcing cloud accountability through ...
CSA Cloud Trust Protocol and A4Cloud: Enforcing cloud accountability through ...The Research Council of Norway, IKTPLUSS
 
FIAT/IFTA Timeline Survey Results 2015
FIAT/IFTA Timeline Survey Results 2015FIAT/IFTA Timeline Survey Results 2015
FIAT/IFTA Timeline Survey Results 2015Brecht Declercq
 
EOSC-hub rules of participation, Mark van de Sanden
EOSC-hub rules of participation, Mark van de SandenEOSC-hub rules of participation, Mark van de Sanden
EOSC-hub rules of participation, Mark van de SandenEOSC-hub project
 
CloudTeams Presentation for the SE4SA Cluster in NetFutures2016
CloudTeams Presentation for the SE4SA Cluster in NetFutures2016CloudTeams Presentation for the SE4SA Cluster in NetFutures2016
CloudTeams Presentation for the SE4SA Cluster in NetFutures2016CloudTeams
 
EOSC-hub AAI architecture (EOSC hub week, Malaga, 16 - 20 April 2018)
EOSC-hub AAI architecture (EOSC hub week, Malaga, 16 - 20 April 2018)EOSC-hub AAI architecture (EOSC hub week, Malaga, 16 - 20 April 2018)
EOSC-hub AAI architecture (EOSC hub week, Malaga, 16 - 20 April 2018)EOSC-hub project
 
VTT Tampere RobotDay 5.9. - Minna Lanz, Trinity Open Calls
VTT Tampere RobotDay 5.9. - Minna Lanz, Trinity Open Calls VTT Tampere RobotDay 5.9. - Minna Lanz, Trinity Open Calls
VTT Tampere RobotDay 5.9. - Minna Lanz, Trinity Open Calls DIH²
 
160405 Catálogos Industriais
160405 Catálogos Industriais160405 Catálogos Industriais
160405 Catálogos IndustriaisZoltan Patkai
 
CloudTeams - Boosting Collaboration of Developers and End Users Together for ...
CloudTeams - Boosting Collaboration of Developers and End Users Together for ...CloudTeams - Boosting Collaboration of Developers and End Users Together for ...
CloudTeams - Boosting Collaboration of Developers and End Users Together for ...CloudTeams
 
Zeetta networks birmingham inca - sep2017
Zeetta networks birmingham inca - sep2017Zeetta networks birmingham inca - sep2017
Zeetta networks birmingham inca - sep2017James Saunby
 

What's hot (20)

RDA ICT Technical Specifications
RDA ICT Technical SpecificationsRDA ICT Technical Specifications
RDA ICT Technical Specifications
 
Understanding the demand for digital services in research and the role of pub...
Understanding the demand for digital services in research and the role of pub...Understanding the demand for digital services in research and the role of pub...
Understanding the demand for digital services in research and the role of pub...
 
Archiver 2nd_OMC event_Barcelona_Project Overview
Archiver 2nd_OMC event_Barcelona_Project OverviewArchiver 2nd_OMC event_Barcelona_Project Overview
Archiver 2nd_OMC event_Barcelona_Project Overview
 
GEANT IaaS framework: results and lessons learned
GEANT IaaS framework: results and lessons learnedGEANT IaaS framework: results and lessons learned
GEANT IaaS framework: results and lessons learned
 
Project Stories from BT
Project Stories from BTProject Stories from BT
Project Stories from BT
 
CSA Cloud Trust Protocol and A4Cloud: Enforcing cloud accountability through ...
CSA Cloud Trust Protocol and A4Cloud: Enforcing cloud accountability through ...CSA Cloud Trust Protocol and A4Cloud: Enforcing cloud accountability through ...
CSA Cloud Trust Protocol and A4Cloud: Enforcing cloud accountability through ...
 
The HNSciCloud Pre-Commercial Procurement Project
The HNSciCloud Pre-Commercial Procurement ProjectThe HNSciCloud Pre-Commercial Procurement Project
The HNSciCloud Pre-Commercial Procurement Project
 
FIAT/IFTA Timeline Survey Results 2015
FIAT/IFTA Timeline Survey Results 2015FIAT/IFTA Timeline Survey Results 2015
FIAT/IFTA Timeline Survey Results 2015
 
OCRE Project overview by David Heyns, GÉANT
OCRE Project overview by David Heyns, GÉANTOCRE Project overview by David Heyns, GÉANT
OCRE Project overview by David Heyns, GÉANT
 
EOSC-hub rules of participation, Mark van de Sanden
EOSC-hub rules of participation, Mark van de SandenEOSC-hub rules of participation, Mark van de Sanden
EOSC-hub rules of participation, Mark van de Sanden
 
CloudTeams Presentation for the SE4SA Cluster in NetFutures2016
CloudTeams Presentation for the SE4SA Cluster in NetFutures2016CloudTeams Presentation for the SE4SA Cluster in NetFutures2016
CloudTeams Presentation for the SE4SA Cluster in NetFutures2016
 
EOSC-hub AAI architecture (EOSC hub week, Malaga, 16 - 20 April 2018)
EOSC-hub AAI architecture (EOSC hub week, Malaga, 16 - 20 April 2018)EOSC-hub AAI architecture (EOSC hub week, Malaga, 16 - 20 April 2018)
EOSC-hub AAI architecture (EOSC hub week, Malaga, 16 - 20 April 2018)
 
​OCRE Supplier Webinar - GÉANT General Overview, David Heyns, 
​OCRE Supplier Webinar - GÉANT General Overview, David Heyns, ​OCRE Supplier Webinar - GÉANT General Overview, David Heyns, 
​OCRE Supplier Webinar - GÉANT General Overview, David Heyns, 
 
Helix Nebula - The Science Cloud - Lessons learned
Helix Nebula - The Science Cloud - Lessons learned Helix Nebula - The Science Cloud - Lessons learned
Helix Nebula - The Science Cloud - Lessons learned
 
HNSciCloud Prototype Phase Award - Marc-Elian Begin
HNSciCloud Prototype Phase Award - Marc-Elian Begin HNSciCloud Prototype Phase Award - Marc-Elian Begin
HNSciCloud Prototype Phase Award - Marc-Elian Begin
 
VTT Tampere RobotDay 5.9. - Minna Lanz, Trinity Open Calls
VTT Tampere RobotDay 5.9. - Minna Lanz, Trinity Open Calls VTT Tampere RobotDay 5.9. - Minna Lanz, Trinity Open Calls
VTT Tampere RobotDay 5.9. - Minna Lanz, Trinity Open Calls
 
160405 Catálogos Industriais
160405 Catálogos Industriais160405 Catálogos Industriais
160405 Catálogos Industriais
 
2019 04-08 hopu-aj
2019 04-08 hopu-aj2019 04-08 hopu-aj
2019 04-08 hopu-aj
 
CloudTeams - Boosting Collaboration of Developers and End Users Together for ...
CloudTeams - Boosting Collaboration of Developers and End Users Together for ...CloudTeams - Boosting Collaboration of Developers and End Users Together for ...
CloudTeams - Boosting Collaboration of Developers and End Users Together for ...
 
Zeetta networks birmingham inca - sep2017
Zeetta networks birmingham inca - sep2017Zeetta networks birmingham inca - sep2017
Zeetta networks birmingham inca - sep2017
 

Similar to 20190523 archiver fim

Trust and identity in the Géant project - Networkshop44
Trust and identity in the Géant project - Networkshop44Trust and identity in the Géant project - Networkshop44
Trust and identity in the Géant project - Networkshop44Jisc
 
Create B2B Exchanges with Cisco Connected Processes: an overview
Create B2B Exchanges with Cisco Connected Processes: an overviewCreate B2B Exchanges with Cisco Connected Processes: an overview
Create B2B Exchanges with Cisco Connected Processes: an overviewCisco DevNet
 
Oracle Blockchain Experience Day
Oracle Blockchain Experience DayOracle Blockchain Experience Day
Oracle Blockchain Experience DayJuarez Junior
 
McShibboleth Presentation
McShibboleth PresentationMcShibboleth Presentation
McShibboleth PresentationJISC.AM
 
Hyperledger Austin meetup July 10, 2018
Hyperledger Austin meetup July 10, 2018Hyperledger Austin meetup July 10, 2018
Hyperledger Austin meetup July 10, 2018Oracle Developers
 
Oracle - Hyperledger Silicon Valley meetup, June 20, 2018
Oracle - Hyperledger Silicon Valley meetup, June 20, 2018Oracle - Hyperledger Silicon Valley meetup, June 20, 2018
Oracle - Hyperledger Silicon Valley meetup, June 20, 2018Oracle Developers
 
Pistoia Alliance European Conference 2015 - Stuart Robertson / Exostar
Pistoia Alliance European Conference 2015 - Stuart Robertson / ExostarPistoia Alliance European Conference 2015 - Stuart Robertson / Exostar
Pistoia Alliance European Conference 2015 - Stuart Robertson / ExostarPistoia Alliance
 
Hyperledger Fabric - Blockchain for the Enterprise - FOSDEM 20190203
Hyperledger Fabric - Blockchain for the Enterprise - FOSDEM 20190203Hyperledger Fabric - Blockchain for the Enterprise - FOSDEM 20190203
Hyperledger Fabric - Blockchain for the Enterprise - FOSDEM 20190203Arnaud Le Hors
 
Platform for Secure Digital Business
Platform for Secure Digital BusinessPlatform for Secure Digital Business
Platform for Secure Digital BusinessAkana
 
eduTEAMS
eduTEAMSeduTEAMS
eduTEAMSJisc
 
Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0Cloud Standards Customer Council
 
Hyperledger fabric 20180528
Hyperledger fabric 20180528Hyperledger fabric 20180528
Hyperledger fabric 20180528Arnaud Le Hors
 
Webex APIs for Admins - Cisco Live Orlando 2018 - DEVNET-3610
Webex APIs for Admins - Cisco Live Orlando 2018 - DEVNET-3610Webex APIs for Admins - Cisco Live Orlando 2018 - DEVNET-3610
Webex APIs for Admins - Cisco Live Orlando 2018 - DEVNET-3610Cisco DevNet
 
Latest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and PrivacyLatest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and PrivacyCloud Standards Customer Council
 
Why Collaborate? Graham Nicholls, Extrada Inc.
Why Collaborate? Graham Nicholls, Extrada Inc.Why Collaborate? Graham Nicholls, Extrada Inc.
Why Collaborate? Graham Nicholls, Extrada Inc.mfrancis
 
Cartes Asia Dem 2010 V2
Cartes Asia Dem 2010 V2Cartes Asia Dem 2010 V2
Cartes Asia Dem 2010 V2Donald Malloy
 
Architecting a Real-World Microservices Architecture and DevOps Strategy on A...
Architecting a Real-World Microservices Architecture and DevOps Strategy on A...Architecting a Real-World Microservices Architecture and DevOps Strategy on A...
Architecting a Real-World Microservices Architecture and DevOps Strategy on A...Amazon Web Services
 
Dennis Wendland_The i4Trust Collaboration Programme.pptx
Dennis Wendland_The i4Trust Collaboration Programme.pptxDennis Wendland_The i4Trust Collaboration Programme.pptx
Dennis Wendland_The i4Trust Collaboration Programme.pptxFIWARE
 
Dejan Podgorsek - Is Hyperledger Fabric secure enough for your Business?
Dejan Podgorsek - Is Hyperledger Fabric secure enough for your Business?Dejan Podgorsek - Is Hyperledger Fabric secure enough for your Business?
Dejan Podgorsek - Is Hyperledger Fabric secure enough for your Business?Hacken_Ecosystem
 

Similar to 20190523 archiver fim (20)

Trust and identity in the Géant project - Networkshop44
Trust and identity in the Géant project - Networkshop44Trust and identity in the Géant project - Networkshop44
Trust and identity in the Géant project - Networkshop44
 
Create B2B Exchanges with Cisco Connected Processes: an overview
Create B2B Exchanges with Cisco Connected Processes: an overviewCreate B2B Exchanges with Cisco Connected Processes: an overview
Create B2B Exchanges with Cisco Connected Processes: an overview
 
Oracle Blockchain Experience Day
Oracle Blockchain Experience DayOracle Blockchain Experience Day
Oracle Blockchain Experience Day
 
McShibboleth Presentation
McShibboleth PresentationMcShibboleth Presentation
McShibboleth Presentation
 
Hyperledger Austin meetup July 10, 2018
Hyperledger Austin meetup July 10, 2018Hyperledger Austin meetup July 10, 2018
Hyperledger Austin meetup July 10, 2018
 
Oracle - Hyperledger Silicon Valley meetup, June 20, 2018
Oracle - Hyperledger Silicon Valley meetup, June 20, 2018Oracle - Hyperledger Silicon Valley meetup, June 20, 2018
Oracle - Hyperledger Silicon Valley meetup, June 20, 2018
 
Pistoia Alliance European Conference 2015 - Stuart Robertson / Exostar
Pistoia Alliance European Conference 2015 - Stuart Robertson / ExostarPistoia Alliance European Conference 2015 - Stuart Robertson / Exostar
Pistoia Alliance European Conference 2015 - Stuart Robertson / Exostar
 
Hyperledger Fabric - Blockchain for the Enterprise - FOSDEM 20190203
Hyperledger Fabric - Blockchain for the Enterprise - FOSDEM 20190203Hyperledger Fabric - Blockchain for the Enterprise - FOSDEM 20190203
Hyperledger Fabric - Blockchain for the Enterprise - FOSDEM 20190203
 
Platform for Secure Digital Business
Platform for Secure Digital BusinessPlatform for Secure Digital Business
Platform for Secure Digital Business
 
eduTEAMS
eduTEAMSeduTEAMS
eduTEAMS
 
Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0
 
Hyperledger fabric 20180528
Hyperledger fabric 20180528Hyperledger fabric 20180528
Hyperledger fabric 20180528
 
Webex APIs for Admins - Cisco Live Orlando 2018 - DEVNET-3610
Webex APIs for Admins - Cisco Live Orlando 2018 - DEVNET-3610Webex APIs for Admins - Cisco Live Orlando 2018 - DEVNET-3610
Webex APIs for Admins - Cisco Live Orlando 2018 - DEVNET-3610
 
Hitachi ID Identity Manager
Hitachi ID Identity ManagerHitachi ID Identity Manager
Hitachi ID Identity Manager
 
Latest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and PrivacyLatest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and Privacy
 
Why Collaborate? Graham Nicholls, Extrada Inc.
Why Collaborate? Graham Nicholls, Extrada Inc.Why Collaborate? Graham Nicholls, Extrada Inc.
Why Collaborate? Graham Nicholls, Extrada Inc.
 
Cartes Asia Dem 2010 V2
Cartes Asia Dem 2010 V2Cartes Asia Dem 2010 V2
Cartes Asia Dem 2010 V2
 
Architecting a Real-World Microservices Architecture and DevOps Strategy on A...
Architecting a Real-World Microservices Architecture and DevOps Strategy on A...Architecting a Real-World Microservices Architecture and DevOps Strategy on A...
Architecting a Real-World Microservices Architecture and DevOps Strategy on A...
 
Dennis Wendland_The i4Trust Collaboration Programme.pptx
Dennis Wendland_The i4Trust Collaboration Programme.pptxDennis Wendland_The i4Trust Collaboration Programme.pptx
Dennis Wendland_The i4Trust Collaboration Programme.pptx
 
Dejan Podgorsek - Is Hyperledger Fabric secure enough for your Business?
Dejan Podgorsek - Is Hyperledger Fabric secure enough for your Business?Dejan Podgorsek - Is Hyperledger Fabric secure enough for your Business?
Dejan Podgorsek - Is Hyperledger Fabric secure enough for your Business?
 

More from Archiver

Archiver pilot phase kick off Award Ceremony
Archiver pilot phase kick off Award CeremonyArchiver pilot phase kick off Award Ceremony
Archiver pilot phase kick off Award CeremonyArchiver
 
Archiver pilot phase kick off Award Ceremony
Archiver pilot phase kick off Award CeremonyArchiver pilot phase kick off Award Ceremony
Archiver pilot phase kick off Award CeremonyArchiver
 
Prototype Phase Kick-off Event and Ceremony
Prototype Phase Kick-off Event and CeremonyPrototype Phase Kick-off Event and Ceremony
Prototype Phase Kick-off Event and CeremonyArchiver
 
Design phase kick-off event and Ceremony
Design phase kick-off event and CeremonyDesign phase kick-off event and Ceremony
Design phase kick-off event and CeremonyArchiver
 
Archiver at CS3 - Cloud Storage Synchronization and Sharing Services
Archiver at CS3 - Cloud Storage Synchronization and Sharing ServicesArchiver at CS3 - Cloud Storage Synchronization and Sharing Services
Archiver at CS3 - Cloud Storage Synchronization and Sharing ServicesArchiver
 
Hybrid Cloud storage deployment models: ARCHIVER presentation at the CS3 Work...
Hybrid Cloud storage deployment models: ARCHIVER presentation at the CS3 Work...Hybrid Cloud storage deployment models: ARCHIVER presentation at the CS3 Work...
Hybrid Cloud storage deployment models: ARCHIVER presentation at the CS3 Work...Archiver
 
Wrapping Up and Next Steps¶
Wrapping Up and Next Steps¶Wrapping Up and Next Steps¶
Wrapping Up and Next Steps¶Archiver
 
Overview of the EOSC¶
Overview of the EOSC¶Overview of the EOSC¶
Overview of the EOSC¶Archiver
 
ARCHIVER Tender Requirements
ARCHIVER Tender RequirementsARCHIVER Tender Requirements
ARCHIVER Tender RequirementsArchiver
 
Summary of the Deployment Scenarios and Functional Requirements
Summary of the Deployment Scenarios and Functional RequirementsSummary of the Deployment Scenarios and Functional Requirements
Summary of the Deployment Scenarios and Functional RequirementsArchiver
 
DESY / XFEL Deployment Scenarios
DESY / XFEL Deployment Scenarios DESY / XFEL Deployment Scenarios
DESY / XFEL Deployment Scenarios Archiver
 
Project update - João Fernandes
Project update - João FernandesProject update - João Fernandes
Project update - João FernandesArchiver
 
Embl ebi use-cases_-_t.wildish
Embl ebi use-cases_-_t.wildishEmbl ebi use-cases_-_t.wildish
Embl ebi use-cases_-_t.wildishArchiver
 
Stansted slides-desy
Stansted slides-desyStansted slides-desy
Stansted slides-desyArchiver
 
Pic archiver stansted
Pic archiver stanstedPic archiver stansted
Pic archiver stanstedArchiver
 
Archiver omc cern_deployment_scenarios_technical_details
Archiver omc cern_deployment_scenarios_technical_detailsArchiver omc cern_deployment_scenarios_technical_details
Archiver omc cern_deployment_scenarios_technical_detailsArchiver
 
Wrapping up_and_next_steps
Wrapping up_and_next_stepsWrapping up_and_next_steps
Wrapping up_and_next_stepsArchiver
 
Introduction to_planning_poker_addestino
Introduction to_planning_poker_addestinoIntroduction to_planning_poker_addestino
Introduction to_planning_poker_addestinoArchiver
 
Archiver OMC event_Barcelona_ Welcome to_accio
Archiver OMC event_Barcelona_ Welcome to_accio Archiver OMC event_Barcelona_ Welcome to_accio
Archiver OMC event_Barcelona_ Welcome to_accio Archiver
 
6 presentation wrapping up and next steps v2
6 presentation wrapping up and next steps v26 presentation wrapping up and next steps v2
6 presentation wrapping up and next steps v2Archiver
 

More from Archiver (20)

Archiver pilot phase kick off Award Ceremony
Archiver pilot phase kick off Award CeremonyArchiver pilot phase kick off Award Ceremony
Archiver pilot phase kick off Award Ceremony
 
Archiver pilot phase kick off Award Ceremony
Archiver pilot phase kick off Award CeremonyArchiver pilot phase kick off Award Ceremony
Archiver pilot phase kick off Award Ceremony
 
Prototype Phase Kick-off Event and Ceremony
Prototype Phase Kick-off Event and CeremonyPrototype Phase Kick-off Event and Ceremony
Prototype Phase Kick-off Event and Ceremony
 
Design phase kick-off event and Ceremony
Design phase kick-off event and CeremonyDesign phase kick-off event and Ceremony
Design phase kick-off event and Ceremony
 
Archiver at CS3 - Cloud Storage Synchronization and Sharing Services
Archiver at CS3 - Cloud Storage Synchronization and Sharing ServicesArchiver at CS3 - Cloud Storage Synchronization and Sharing Services
Archiver at CS3 - Cloud Storage Synchronization and Sharing Services
 
Hybrid Cloud storage deployment models: ARCHIVER presentation at the CS3 Work...
Hybrid Cloud storage deployment models: ARCHIVER presentation at the CS3 Work...Hybrid Cloud storage deployment models: ARCHIVER presentation at the CS3 Work...
Hybrid Cloud storage deployment models: ARCHIVER presentation at the CS3 Work...
 
Wrapping Up and Next Steps¶
Wrapping Up and Next Steps¶Wrapping Up and Next Steps¶
Wrapping Up and Next Steps¶
 
Overview of the EOSC¶
Overview of the EOSC¶Overview of the EOSC¶
Overview of the EOSC¶
 
ARCHIVER Tender Requirements
ARCHIVER Tender RequirementsARCHIVER Tender Requirements
ARCHIVER Tender Requirements
 
Summary of the Deployment Scenarios and Functional Requirements
Summary of the Deployment Scenarios and Functional RequirementsSummary of the Deployment Scenarios and Functional Requirements
Summary of the Deployment Scenarios and Functional Requirements
 
DESY / XFEL Deployment Scenarios
DESY / XFEL Deployment Scenarios DESY / XFEL Deployment Scenarios
DESY / XFEL Deployment Scenarios
 
Project update - João Fernandes
Project update - João FernandesProject update - João Fernandes
Project update - João Fernandes
 
Embl ebi use-cases_-_t.wildish
Embl ebi use-cases_-_t.wildishEmbl ebi use-cases_-_t.wildish
Embl ebi use-cases_-_t.wildish
 
Stansted slides-desy
Stansted slides-desyStansted slides-desy
Stansted slides-desy
 
Pic archiver stansted
Pic archiver stanstedPic archiver stansted
Pic archiver stansted
 
Archiver omc cern_deployment_scenarios_technical_details
Archiver omc cern_deployment_scenarios_technical_detailsArchiver omc cern_deployment_scenarios_technical_details
Archiver omc cern_deployment_scenarios_technical_details
 
Wrapping up_and_next_steps
Wrapping up_and_next_stepsWrapping up_and_next_steps
Wrapping up_and_next_steps
 
Introduction to_planning_poker_addestino
Introduction to_planning_poker_addestinoIntroduction to_planning_poker_addestino
Introduction to_planning_poker_addestino
 
Archiver OMC event_Barcelona_ Welcome to_accio
Archiver OMC event_Barcelona_ Welcome to_accio Archiver OMC event_Barcelona_ Welcome to_accio
Archiver OMC event_Barcelona_ Welcome to_accio
 
6 presentation wrapping up and next steps v2
6 presentation wrapping up and next steps v26 presentation wrapping up and next steps v2
6 presentation wrapping up and next steps v2
 

Recently uploaded

Market Analysis in the 5 Largest Economic Countries in Southeast Asia.pdf
Market Analysis in the 5 Largest Economic Countries in Southeast Asia.pdfMarket Analysis in the 5 Largest Economic Countries in Southeast Asia.pdf
Market Analysis in the 5 Largest Economic Countries in Southeast Asia.pdfRachmat Ramadhan H
 
VidaXL dropshipping via API with DroFx.pptx
VidaXL dropshipping via API with DroFx.pptxVidaXL dropshipping via API with DroFx.pptx
VidaXL dropshipping via API with DroFx.pptxolyaivanovalion
 
Halmar dropshipping via API with DroFx
Halmar dropshipping via API with DroFxHalmar dropshipping via API with DroFx
Halmar dropshipping via API with DroFxolyaivanovalion
 
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...amitlee9823
 
Zuja dropshipping via API with DroFx.pptx
Zuja dropshipping via API with DroFx.pptxZuja dropshipping via API with DroFx.pptx
Zuja dropshipping via API with DroFx.pptxolyaivanovalion
 
Data-Analysis for Chicago Crime Data 2023
Data-Analysis for Chicago Crime Data 2023Data-Analysis for Chicago Crime Data 2023
Data-Analysis for Chicago Crime Data 2023ymrp368
 
Vip Model Call Girls (Delhi) Karol Bagh 9711199171✔️Body to body massage wit...
Vip Model Call Girls (Delhi) Karol Bagh 9711199171✔️Body to body massage wit...Vip Model Call Girls (Delhi) Karol Bagh 9711199171✔️Body to body massage wit...
Vip Model Call Girls (Delhi) Karol Bagh 9711199171✔️Body to body massage wit...shivangimorya083
 
Capstone Project on IBM Data Analytics Program
Capstone Project on IBM Data Analytics ProgramCapstone Project on IBM Data Analytics Program
Capstone Project on IBM Data Analytics ProgramMoniSankarHazra
 
Generative AI on Enterprise Cloud with NiFi and Milvus
Generative AI on Enterprise Cloud with NiFi and MilvusGenerative AI on Enterprise Cloud with NiFi and Milvus
Generative AI on Enterprise Cloud with NiFi and MilvusTimothy Spann
 
Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...
Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...
Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...amitlee9823
 
FESE Capital Markets Fact Sheet 2024 Q1.pdf
FESE Capital Markets Fact Sheet 2024 Q1.pdfFESE Capital Markets Fact Sheet 2024 Q1.pdf
FESE Capital Markets Fact Sheet 2024 Q1.pdfMarinCaroMartnezBerg
 
April 2024 - Crypto Market Report's Analysis
April 2024 - Crypto Market Report's AnalysisApril 2024 - Crypto Market Report's Analysis
April 2024 - Crypto Market Report's Analysismanisha194592
 
Accredited-Transport-Cooperatives-Jan-2021-Web.pdf
Accredited-Transport-Cooperatives-Jan-2021-Web.pdfAccredited-Transport-Cooperatives-Jan-2021-Web.pdf
Accredited-Transport-Cooperatives-Jan-2021-Web.pdfadriantubila
 
Best VIP Call Girls Noida Sector 22 Call Me: 8448380779
Best VIP Call Girls Noida Sector 22 Call Me: 8448380779Best VIP Call Girls Noida Sector 22 Call Me: 8448380779
Best VIP Call Girls Noida Sector 22 Call Me: 8448380779Delhi Call girls
 
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
Carero dropshipping via API with DroFx.pptx
Carero dropshipping via API with DroFx.pptxCarero dropshipping via API with DroFx.pptx
Carero dropshipping via API with DroFx.pptxolyaivanovalion
 
CALL ON ➥8923113531 🔝Call Girls Chinhat Lucknow best sexual service Online
CALL ON ➥8923113531 🔝Call Girls Chinhat Lucknow best sexual service OnlineCALL ON ➥8923113531 🔝Call Girls Chinhat Lucknow best sexual service Online
CALL ON ➥8923113531 🔝Call Girls Chinhat Lucknow best sexual service Onlineanilsa9823
 
Schema on read is obsolete. Welcome metaprogramming..pdf
Schema on read is obsolete. Welcome metaprogramming..pdfSchema on read is obsolete. Welcome metaprogramming..pdf
Schema on read is obsolete. Welcome metaprogramming..pdfLars Albertsson
 

Recently uploaded (20)

Market Analysis in the 5 Largest Economic Countries in Southeast Asia.pdf
Market Analysis in the 5 Largest Economic Countries in Southeast Asia.pdfMarket Analysis in the 5 Largest Economic Countries in Southeast Asia.pdf
Market Analysis in the 5 Largest Economic Countries in Southeast Asia.pdf
 
VidaXL dropshipping via API with DroFx.pptx
VidaXL dropshipping via API with DroFx.pptxVidaXL dropshipping via API with DroFx.pptx
VidaXL dropshipping via API with DroFx.pptx
 
Halmar dropshipping via API with DroFx
Halmar dropshipping via API with DroFxHalmar dropshipping via API with DroFx
Halmar dropshipping via API with DroFx
 
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
 
Zuja dropshipping via API with DroFx.pptx
Zuja dropshipping via API with DroFx.pptxZuja dropshipping via API with DroFx.pptx
Zuja dropshipping via API with DroFx.pptx
 
Data-Analysis for Chicago Crime Data 2023
Data-Analysis for Chicago Crime Data 2023Data-Analysis for Chicago Crime Data 2023
Data-Analysis for Chicago Crime Data 2023
 
Vip Model Call Girls (Delhi) Karol Bagh 9711199171✔️Body to body massage wit...
Vip Model Call Girls (Delhi) Karol Bagh 9711199171✔️Body to body massage wit...Vip Model Call Girls (Delhi) Karol Bagh 9711199171✔️Body to body massage wit...
Vip Model Call Girls (Delhi) Karol Bagh 9711199171✔️Body to body massage wit...
 
Capstone Project on IBM Data Analytics Program
Capstone Project on IBM Data Analytics ProgramCapstone Project on IBM Data Analytics Program
Capstone Project on IBM Data Analytics Program
 
Generative AI on Enterprise Cloud with NiFi and Milvus
Generative AI on Enterprise Cloud with NiFi and MilvusGenerative AI on Enterprise Cloud with NiFi and Milvus
Generative AI on Enterprise Cloud with NiFi and Milvus
 
Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...
Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...
Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...
 
FESE Capital Markets Fact Sheet 2024 Q1.pdf
FESE Capital Markets Fact Sheet 2024 Q1.pdfFESE Capital Markets Fact Sheet 2024 Q1.pdf
FESE Capital Markets Fact Sheet 2024 Q1.pdf
 
Abortion pills in Doha Qatar (+966572737505 ! Get Cytotec
Abortion pills in Doha Qatar (+966572737505 ! Get CytotecAbortion pills in Doha Qatar (+966572737505 ! Get Cytotec
Abortion pills in Doha Qatar (+966572737505 ! Get Cytotec
 
April 2024 - Crypto Market Report's Analysis
April 2024 - Crypto Market Report's AnalysisApril 2024 - Crypto Market Report's Analysis
April 2024 - Crypto Market Report's Analysis
 
Accredited-Transport-Cooperatives-Jan-2021-Web.pdf
Accredited-Transport-Cooperatives-Jan-2021-Web.pdfAccredited-Transport-Cooperatives-Jan-2021-Web.pdf
Accredited-Transport-Cooperatives-Jan-2021-Web.pdf
 
Best VIP Call Girls Noida Sector 22 Call Me: 8448380779
Best VIP Call Girls Noida Sector 22 Call Me: 8448380779Best VIP Call Girls Noida Sector 22 Call Me: 8448380779
Best VIP Call Girls Noida Sector 22 Call Me: 8448380779
 
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
CHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Carero dropshipping via API with DroFx.pptx
Carero dropshipping via API with DroFx.pptxCarero dropshipping via API with DroFx.pptx
Carero dropshipping via API with DroFx.pptx
 
CALL ON ➥8923113531 🔝Call Girls Chinhat Lucknow best sexual service Online
CALL ON ➥8923113531 🔝Call Girls Chinhat Lucknow best sexual service OnlineCALL ON ➥8923113531 🔝Call Girls Chinhat Lucknow best sexual service Online
CALL ON ➥8923113531 🔝Call Girls Chinhat Lucknow best sexual service Online
 
Schema on read is obsolete. Welcome metaprogramming..pdf
Schema on read is obsolete. Welcome metaprogramming..pdfSchema on read is obsolete. Welcome metaprogramming..pdf
Schema on read is obsolete. Welcome metaprogramming..pdf
 

20190523 archiver fim

  • 1. Networks ∙ Services ∙ People www.geant.org ARCHIVER Meeting, Stanstead Airport Federated Identity Management for ARCHIVER 23/05/2019 Hannah Short CERN IT GÉANT Project Participant
  • 2. Networks ∙ Services ∙ People www.geant.org Introduction to Federated Identity Management Federated Identity Management for ARCHIVER Technology Policy Getting started Agenda
  • 3. Networks ∙ Services ∙ People www.geant.org Introduction to Federated Identity Management Federated Identity Management for ARCHIVER Technology Policy Getting started Agenda
  • 4. Networks ∙ Services ∙ People www.geant.org Federated identity management (FIM) is the set of policies and technologies that enables one party to rely on the authentication performed by another trusted party, and the secure transfer of identity information for authorisation purposes. 4 Federated Identity Management Credit to Licia Florio, GÉANT
  • 5. Networks ∙ Services ∙ People www.geant.org User: • A user is characterized by an identity, a collection of attributes that represent properties about that specific person. Identity Provider (IdP): • Asserts authentication and identity information about the user. Service Provider Proxy • Controls access to a set of service providers • Adds authorization information Service Provider (SP): • Receives and checks authentication and authorization information to grant access to the service. 5 FIM Components Credit to Alessandra Scicchitano, GEANT, for this slide
  • 6. Networks ∙ Services ∙ People www.geant.org Blueprint Architecture https://aarc-project.eu/architecture/ User Identity Provider Service Provider Proxy Service Provider
  • 7. Networks ∙ Services ∙ People www.geant.org SAML • Security Assertion Markup Language • Exchange of metadata (including keys) to establish trust, facilitates by Identity Federations • Authentication Assertions sent as XML packets OIDC • OpenID Connect • Clients register to OIDC Providers • Authentication and Authorisation typically sent as Jason Web Tokens FIM Protocols
  • 8. Networks ∙ Services ∙ People www.geant.org Introduction to Federated Identity Management Federated Identity Management for ARCHIVER Technology Policy Getting started Agenda
  • 9. Networks ∙ Services ∙ People www.geant.org Who does what? Research Institute IdPs, through eduGAIN ARCHIVER Services ? https://aarc-project.eu/architecture/
  • 10. Networks ∙ Services ∙ People www.geant.org Identity Providers (Research Institutes) • Research Institutes typically already have an IdP in eduGAIN that talks SAML • If your Research Institute doesn’t yet have an IdP, contact your National Federation for guidance https://technical.edugain.org/status Service Providers (ARCHIVER Services) • Many commercial services already support SAML or OIDC • Most Service Provider proxies (where you will connect your service) also support both • If your Service Provider supports neither you will need to implement it. See training: • OIDC examples for multiple platforms https://aarc-project.eu/training/integrating- your-service-with-openid-connect/ • SAML example with Shibboleth https://aarc- project.eu/training/saml-and-shibboleth- introduction/ Which protocols should you use?
  • 11. Networks ∙ Services ∙ People www.geant.org Service Supporting organisation SP protocols supported Deployment models advertised Link eduTEAMS GÉANT SAML, OIDC Hosted or standalone https://www.geant.org/I nnovation/eduteams/Pa ges/Getting-Started.aspx EGI Check-in EGI/GRNET SAML, OIDC Hosted or standalone https://www.egi.eu/wp- content/uploads/2017/0 9/Check-in.pdf B2ACCESS EUDAT SAML, OAuth2 (similar to OIDC) Standalone https://marketplace.eosc - portal.eu/services/b2acc ess INDIGO IAM INDIGO/INFN OIDC Standalone https://www.indigo- datacloud.eu/identity- and-access-management Service Provider Proxy Options, Software (all participate in EOSC Projects)
  • 12. Networks ∙ Services ∙ People www.geant.org The ARCHIVER project should carefully consider the following questions • How many Service Provider Proxies should be set up? (Would recommend one for simplicity) • Who will set up authorisation groups? • Who will maintain group membership? Service Provider Proxy Options, Governance
  • 13. Networks ∙ Services ∙ People www.geant.org • Multiple ways have been explored to provide command line access • Device Code Flow with OAuth (enter a code on a browser to validate a command line authentication request) • SSH Key upload (collect users’ SSH keys at the Service Provider Proxy and provision them at the resource) • OIDC Agent (https://indigo-dc.gitbooks.io/oidc-agent/) that dynamically provisions OIDC tokens in a similar way to SSH keys) • Discuss with the Service Provider Proxy what they recommend or can support Command line access
  • 14. Networks ∙ Services ∙ People www.geant.org Introduction to Federated Identity Management Federated Identity Management for ARCHIVER Technology Policy Getting started Agenda
  • 15. Networks ∙ Services ∙ People www.geant.org Attribute Release • Research IdPs should release the Research and Scholarship attribute bundle (persistent id, name, email) • To encourage attribute release from IdPs, Service Providers (or the Proxy) should* • Support Research and Scholarship (R&S) https://refeds.org/category/research-and- scholarship • Adopt the GÉANT Data Protection Code of Conduct (CoCo) https://wiki.geant.org/display/eduGAIN/Recipe+f or+a+Service+Provider • Comply with the Security Incident Response Trust Framework (Sirtfi) https://refeds.org/sirtfi *Note, a Service Provider Proxy would assert compliance with R&S, CoCo and Sirtfi for the group of Services behind it Policies: FIM Frameworks SP ProxyIdP ID, Name, Email SP ID, Name, Email, AuthZ
  • 16. Networks ∙ Services ∙ People www.geant.org Operational Security • To support Security Incident Response, ARCHIVER Services should require that IdPs • Comply with the Security Incident Response Trust Framework (Sirtfi) • Publish a Security Contact Policies: FIM Frameworks
  • 17. Networks ∙ Services ∙ People www.geant.org Attribute Release • Research IdPs should release the Research and Scholarship attribute bundle (persistent id, name, email) • To encourage attribute release from IdPs, Service Providers (or the Proxy) should* • Support Research and Scholarship (R&S) https://refeds.org/category/research-and- scholarship • Adopt the GÉANT Data Protection Code of Conduct (CoCo) https://wiki.geant.org/display/eduGAIN/Recipe+f or+a+Service+Provider • Comply with the Security Incident Response Trust Framework (Sirtfi) https://refeds.org/sirtfi Operational Security • To support Security Incident Response, ARCHIVER Services should require that IdPs • Comply with the Security Incident Response Trust Framework (Sirtfi) • Publish a Security Contact *Note, a Service Provider Proxy would assert compliance with R&S, CoCo and Sirtfi for the group of Services behind it Policies: FIM Frameworks
  • 18. Networks ∙ Services ∙ People www.geant.org • ARCHIVER users will be presented with multiple policy points for consent and/or accepting terms and conditions (at IdPs, SP Proxy, SPs). To aid user experience you may wish to consider interoperable policies that can be accepted once, in particular: • Acceptable Use Policy to be accepted at the SP Proxy when registering https://wiki.geant.org/display/WISE/Baseline+Acceptable+Use+Policy+and+Conditions+of+Use • There may be requirements for each ARCHIVER Service to comply with additional policies, such as • Service Operations Security Policy • Policy on the Processing of Personal Data Further guidance is available at https://aarc-project.eu/policies/policy-development-kit/ Additional Policies
  • 19. Networks ∙ Services ∙ People www.geant.org Introduction to Federated Identity Management Federated Identity Management for ARCHIVER Technology Policy Getting started Agenda
  • 20. Networks ∙ Services ∙ People www.geant.org 1. The ARCHIVER project should decide on a Service Provider Proxy implementation and operator 2. Research Institutes should ensure that they have a SAML IdP registered in eduGAIN that releases the Research & Scholarship Attribute Bundle 3. ARCHIVER Services should ensure that their Services can be authenticated via SAML or OIDC (depending on the chosen Service Provider Proxy implementation) Next Steps
  • 21. Networks ∙ Services ∙ People www.geant.org Testing tools • Test your SAML IdP (Research Institutes) or SP (ARCHIVER Services) https://samltest.id • Test your OIDC Service https://openidconnect.net https://aarc-project.eu Looking for help? Guidance for Infrastructures Training
  • 22. Networks ∙ Services ∙ People www.geant.org Thank you Networks ∙ Services ∙ People www.geant.org hannah.short@cern.ch Any questions?