Abstract image of a woman sitting on books and studying on a laptop

Curious about EOSC federated AAI?

T
Tiziana Ferrari

The document discusses the AARC Blueprint Architecture and its evolution within the context of the European Open Science Cloud (EOSC) and the funding received from the EU's Horizon 2020 program. It outlines the connection and management of user identities and services tailored for research communities, including both dedicated and multi-tenant deployments. It emphasizes compliance with operational security, privacy requirements, and frameworks for accessing resources within the research community ecosystem.

Science
1 of 7
Download to read offline
1
2
3
4
5
6
7
EOSC-hub receives funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 777536. eosc-hub.eu @EOSC_eu AARC Blueprint Architecture and its evolution – towards the EOSC AAI for research communities Dissemination level: Public
31/01/2019 2 AARC Blueprint Architecture and its evolution ESFRI RIs and EOSC Workshop
“Community-first” AARC BPA approach Researchers sign in using their institutional (eduGAIN), social or community-managed IdP via their Research Community AAI Community-specific services are connected to a single Community AAI Generic services (e.g. RCauth.eu Online CA) can be connected to more than one Community AAI proxies e-Infra services are connected to a single e- infra SP proxy service gateway, e.g. B2ACCESS, Check-in, Identity Hub, etc 31/01/2019 3 AARC Blueprint Architecture and its evolution ESFRI RIs and EOSC Workshop
Uniform representation of unique user identifiers Standardised way of expressing group membership, role information & resource capabilities Non-web-browser-based access (e.g. SSH/SFTP or HTTP APIs via OAuth2 tokens and X.509 certs) Delegation (e.g. via token exchange) Release of mandatory set of user attributes (incl. unique shared id) - REFEDS Research & Scholarship entity category Operational security, incident response, and traceability- REFEDS Sirtfi Privacy requirements for processing personal information- GÉANT Data Protection Code of Conduct Rules and conditions that govern access to and use of service and resources - WISE Baseline Acceptable Use Policy (AUP) Assurance information- REFEDS Assurance Framework, IGTF/AARC assurance profiles 31/01/2019 4ESFRI RIs and EOSC Workshop EOSC-hub AAI builds on AARC BPA & Policy best practices & recommendations
Communities with an existing Community AAI can connect to the EOSC-hub e-Infra Proxies and gain access to generic e-Infra services Communities that don’t operate their own AAI service can make use of either dedicated or multi-tenant deployments of AAI services operated by EOSC-hub Multi-tenant deployments: - aimed at medium-to-small research communities/groups or individual researchers. - community members, groups and authorisation attributes are still managed by community managers. Dedicated deployments: - customisation of user-facing interfaces: IdP discovery page, enrolment, group membership UI - customisation of AAI proxy behaviour (e.g. attribute aggregation rules, service entitlements) - possibility of bespoke AAI Solutions, which might include individual Components from the GÉANT eduTEAMS, EGI Check- in, INDIGO IAM, EUDAT B2ACCESS, and PERUN 31/01/2019 5ESFRI RIs and EOSC Workshop How the EOSC-hub AAI services help communities access resources
31/01/2019 6 EOSC-hub Community AAI services ESFRI RIs and EOSC Workshop
@nliampotis Thank you for your attention! Questions?

More Related Content

PPT
Ck Coalition 2009
LindaFWinger
 
PPTX
EOSC-hub AAI architecture (EOSC hub week, Malaga, 16 - 20 April 2018)
EOSC-hub project
 
PPTX
EOSC-hub AAI: Initial building blocks (EOSC hub week, Malaga, 16 - 20 April 2...
EOSC-hub project
 
PPTX
EOSC-hub - EGI Check-in service
EOSC-hub project
 
PPT
Some Academic Sector/NMCA outcomes from the OGC Web Service Shibboleth Intero...
EDINA, University of Edinburgh
 
PPT
OGC Web Service Shibboleth Interoperability Experiment
EDINA, University of Edinburgh
 
PPT
Shibboleth Federations and Secure SDI
EDINA, University of Edinburgh
 
PPTX
Implementation roadmap for the EOSC
EOSC-hub project
 
Ck Coalition 2009
LindaFWinger
 
EOSC-hub AAI architecture (EOSC hub week, Malaga, 16 - 20 April 2018)
EOSC-hub project
 
EOSC-hub AAI: Initial building blocks (EOSC hub week, Malaga, 16 - 20 April 2...
EOSC-hub project
 
EOSC-hub - EGI Check-in service
EOSC-hub project
 
Some Academic Sector/NMCA outcomes from the OGC Web Service Shibboleth Intero...
EDINA, University of Edinburgh
 
OGC Web Service Shibboleth Interoperability Experiment
EDINA, University of Edinburgh
 
Shibboleth Federations and Secure SDI
EDINA, University of Edinburgh
 
Implementation roadmap for the EOSC
EOSC-hub project
 

Similar to Curious about EOSC federated AAI? (20)

PPT
Shibboleth Access Management Federations as an Organisational Model for SDI
EDINA, University of Edinburgh
 
PPT
Inspire2011 shibb am_fs_paper_v3
EDINA, University of Edinburgh
 
PPTX
EOSC-hub & RCauth.eu presentation
EOSC-hub project
 
PPT
Access Control in ESDIN: Shibboleth
EDINA, University of Edinburgh
 
PPT
Eunis federation2
HEAnet
 
PPT
'Connecting poeple to resources' by Nicole Harris at UKSG 2007
JISC.AM
 
PPTX
EOSC Portal future plans
EOSC-hub project
 
PPTX
European Research Projects as EOSC Service Providers
Pedro Príncipe
 
PDF
Sshoc kick off meeting - 1.2.1 How to Connect to EOSC? - Tiziana Ferrari - EGI
SSHOC
 
PPTX
EOSC-hub: A Collaborative Framework for the EOSC Implementation
EOSC-hub project
 
PDF
Draft Governance Framework for the EOSC
EUDAT
 
PPT
McShibboleth Presentation
JISC.AM
 
PPT
EUDAT Collaborative Data Infrastructure: Data Access and Re-use Service Area
EUDAT
 
PPTX
ENES Climate Analytics Service (ECAS)
EOSC-hub project
 
PPT
JISC License Workshop
JISC.AM
 
PPTX
Shaping the EOSC Portal - future vision for EOSC Hub
EOSC-hub project
 
PPTX
The EOSC Compute Platform with the EGI-ACE project
EGI Federation
 
PDF
Governance and Sustainability of EOSC: ambitions, challenges and opportunities
EOSCpilot .eu
 
PDF
20190523 archiver fim
Archiver
 
PDF
Technology Standarization Commitees
Jesús López Lobo
 
Shibboleth Access Management Federations as an Organisational Model for SDI
EDINA, University of Edinburgh
 
Inspire2011 shibb am_fs_paper_v3
EDINA, University of Edinburgh
 
EOSC-hub & RCauth.eu presentation
EOSC-hub project
 
Access Control in ESDIN: Shibboleth
EDINA, University of Edinburgh
 
Eunis federation2
HEAnet
 
'Connecting poeple to resources' by Nicole Harris at UKSG 2007
JISC.AM
 
EOSC Portal future plans
EOSC-hub project
 
European Research Projects as EOSC Service Providers
Pedro Príncipe
 
Sshoc kick off meeting - 1.2.1 How to Connect to EOSC? - Tiziana Ferrari - EGI
SSHOC
 
EOSC-hub: A Collaborative Framework for the EOSC Implementation
EOSC-hub project
 
Draft Governance Framework for the EOSC
EUDAT
 
McShibboleth Presentation
JISC.AM
 
EUDAT Collaborative Data Infrastructure: Data Access and Re-use Service Area
EUDAT
 
ENES Climate Analytics Service (ECAS)
EOSC-hub project
 
JISC License Workshop
JISC.AM
 
Shaping the EOSC Portal - future vision for EOSC Hub
EOSC-hub project
 
The EOSC Compute Platform with the EGI-ACE project
EGI Federation
 
Governance and Sustainability of EOSC: ambitions, challenges and opportunities
EOSCpilot .eu
 
20190523 archiver fim
Archiver
 
Technology Standarization Commitees
Jesús López Lobo
 
Ad

Recently uploaded (20)

PDF
7.Physics_8_WBS_Electricity.pdfXFGXFDHFHG
LynetteGaniron1
 
PPT
Cell Structure Description and Functions
nctpcctv
 
PPTX
congenital heart diseases of burao university.pptx
eapdiaziz
 
PPTX
gene cloning powerpoint for general biology 2
G17RodriguezJanelleA
 
PPTX
2currentelectricity1-201006102815 (1).pptx
faisalahemd13
 
PPTX
endocrine - management of adrenal incidentaloma.pptx
csushrut2511
 
PPTX
Presentation1 INTRODUCTION TO ENZYMES.pptx
JIBY2
 
PPT
Mutation in dna of bacteria and repairss
Hassan Yousaf
 
PPTX
ELISA(Enzyme linked immunosorbent assay)
asmithaasmitha376
 
PPTX
HAEMATOLOGICAL DISEASES lack of red blood cells, which carry oxygen throughou...
pavanteja2396
 
PDF
Communicating Health Policies to Diverse Populations (www.kiu.ac.ug)
publication11
 
PDF
Social preventive and pharmacy. Pdf
HarshithaK71
 
PPTX
perinatal infections 2-171220190027.pptx
PoojithaPotnuru1
 
PDF
Unit 5 Preparations, Reactions, Properties and Isomersim of Organic Compounds...
fliwertyfw154
 
PPT
THE CELL THEORY AND ITS FUNDAMENTALS AND USE
nctpcctv
 
PPTX
Platelet disorders - thrombocytopenia.pptx
AnnaMarie531858
 
PPTX
Cells and Organs of the Immune System (Unit-2) - Majesh Sir.pptx
tkgauri1
 
PDF
From Molecular Interactions to Solubility in Deep Eutectic Solvents: Explorin...
Maciej Przybyłek
 
PPTX
Understanding the Circulatory System……..
Sibongokuhle1
 
PDF
Is Earendel a Star Cluster?: Metal-poor Globular Cluster Progenitors at z ∼ 6
Sérgio Sacani
 
7.Physics_8_WBS_Electricity.pdfXFGXFDHFHG
LynetteGaniron1
 
Cell Structure Description and Functions
nctpcctv
 
congenital heart diseases of burao university.pptx
eapdiaziz
 
gene cloning powerpoint for general biology 2
G17RodriguezJanelleA
 
2currentelectricity1-201006102815 (1).pptx
faisalahemd13
 
endocrine - management of adrenal incidentaloma.pptx
csushrut2511
 
Presentation1 INTRODUCTION TO ENZYMES.pptx
JIBY2
 
Mutation in dna of bacteria and repairss
Hassan Yousaf
 
ELISA(Enzyme linked immunosorbent assay)
asmithaasmitha376
 
HAEMATOLOGICAL DISEASES lack of red blood cells, which carry oxygen throughou...
pavanteja2396
 
Communicating Health Policies to Diverse Populations (www.kiu.ac.ug)
publication11
 
Social preventive and pharmacy. Pdf
HarshithaK71
 
perinatal infections 2-171220190027.pptx
PoojithaPotnuru1
 
Unit 5 Preparations, Reactions, Properties and Isomersim of Organic Compounds...
fliwertyfw154
 
THE CELL THEORY AND ITS FUNDAMENTALS AND USE
nctpcctv
 
Platelet disorders - thrombocytopenia.pptx
AnnaMarie531858
 
Cells and Organs of the Immune System (Unit-2) - Majesh Sir.pptx
tkgauri1
 
From Molecular Interactions to Solubility in Deep Eutectic Solvents: Explorin...
Maciej Przybyłek
 
Understanding the Circulatory System……..
Sibongokuhle1
 
Is Earendel a Star Cluster?: Metal-poor Globular Cluster Progenitors at z ∼ 6
Sérgio Sacani
 
Ad

Curious about EOSC federated AAI?

  • 1. EOSC-hub receives funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 777536. eosc-hub.eu @EOSC_eu AARC Blueprint Architecture and its evolution – towards the EOSC AAI for research communities Dissemination level: Public
  • 2. 31/01/2019 2 AARC Blueprint Architecture and its evolution ESFRI RIs and EOSC Workshop
  • 3. “Community-first” AARC BPA approach Researchers sign in using their institutional (eduGAIN), social or community-managed IdP via their Research Community AAI Community-specific services are connected to a single Community AAI Generic services (e.g. RCauth.eu Online CA) can be connected to more than one Community AAI proxies e-Infra services are connected to a single e- infra SP proxy service gateway, e.g. B2ACCESS, Check-in, Identity Hub, etc 31/01/2019 3 AARC Blueprint Architecture and its evolution ESFRI RIs and EOSC Workshop
  • 4. Uniform representation of unique user identifiers Standardised way of expressing group membership, role information & resource capabilities Non-web-browser-based access (e.g. SSH/SFTP or HTTP APIs via OAuth2 tokens and X.509 certs) Delegation (e.g. via token exchange) Release of mandatory set of user attributes (incl. unique shared id) - REFEDS Research & Scholarship entity category Operational security, incident response, and traceability- REFEDS Sirtfi Privacy requirements for processing personal information- GÉANT Data Protection Code of Conduct Rules and conditions that govern access to and use of service and resources - WISE Baseline Acceptable Use Policy (AUP) Assurance information- REFEDS Assurance Framework, IGTF/AARC assurance profiles 31/01/2019 4ESFRI RIs and EOSC Workshop EOSC-hub AAI builds on AARC BPA & Policy best practices & recommendations
  • 5. Communities with an existing Community AAI can connect to the EOSC-hub e-Infra Proxies and gain access to generic e-Infra services Communities that don’t operate their own AAI service can make use of either dedicated or multi-tenant deployments of AAI services operated by EOSC-hub Multi-tenant deployments: - aimed at medium-to-small research communities/groups or individual researchers. - community members, groups and authorisation attributes are still managed by community managers. Dedicated deployments: - customisation of user-facing interfaces: IdP discovery page, enrolment, group membership UI - customisation of AAI proxy behaviour (e.g. attribute aggregation rules, service entitlements) - possibility of bespoke AAI Solutions, which might include individual Components from the GÉANT eduTEAMS, EGI Check- in, INDIGO IAM, EUDAT B2ACCESS, and PERUN 31/01/2019 5ESFRI RIs and EOSC Workshop How the EOSC-hub AAI services help communities access resources
  • 6. 31/01/2019 6 EOSC-hub Community AAI services ESFRI RIs and EOSC Workshop
  • 7. @nliampotis Thank you for your attention! Questions?