You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Access to resources (TSA1.3)

Task Leader: PSNC Maciej Brzeźniak

This task aims at improving access to relevant research and education non-web resources located outside the home organization of the user. The main improvement is to make use of existing AAIs that provide verified institutional user credentials and (external) authorization attributes instead of local user management. While many successful implementations exist already for web portals, the technology for non-web scenarios is still immature. Therefore we focus on suitable approaches and services for token translation. In addition, we will pilot and analyse the usage of user credentials and attributes coming from different AAIs in the second year of this project.

To address the token translation topic we have started two pilots and a:

  • LDAP Facade - The pilot aims at providing access to non-web resources (e.g. sftp, ssh console) for non-grid users by exploiting the existing AAIs, without the need to obtain user certificates.

  • CILogon - The CILogon pilot has started to test the feasibility to provide a more advanced online service for producing certificates based on a institutional login and to delegate a proxy certificate to a non-web back-end service without bothering the user with certificate related complexity

  • Unity - Unity-IdM is the 3rd solution we aim to assess to bridge SAML based identities and attributes to non-web resources. This work will likely be performed in collaboration with the EUDAT AAI team and is currently in preparation

 

In addition, we aim to pilot access to cloud resources. In this context we started to explore and pilot:

  • ORCID.org as a service provider - to be piloted with our AARC research community. Further work includes the feasibility to use ORCID as an attribute authority but this work will take place in SA1 Task 2 (attribute management)
  • OwnCloud and LibreOffice to demonstrate the integration of Libre Office Online with Owncloud as a service that is available through eduGAIN. We will assess its usefulness within the DARIAH community and others
  • Integration opportunities that may arise from services being added to the GN cloud catalogue

Status per June 1st 2016

  • wrapping up findings based on LDAP facade pilot
  • first results available on CI-logon pilot, tested with the Elixir and EGI community, see blog
  • starting up pilot with Unity-IdM and pilot integration of EUDAT, PRACE and EGI e-infrastructures

 

  • No labels