Middleware challenges to service providers, the Nordic view TERENA, 24.10.2002 Ingrid Melve, UNINETT

Overview
• What is happening in the Nordic countries with middleware
• Nordunet2 research initiative
• GNOMIS
• FEIDE and FEIDHE
• SwUPKI and SPOCP
• Infraservices, the Nordic approach
• Distinguished academic middleware

Middleware helps us
• Have an electronic identity
• Name networked stuff, for humans to find
• Secure our communication
• May log in where access is restricted
• Keep track of networked users and components and content and stuff
• Control privacy options

Middleware in action
• DNS: naming and resource discovery
• Multicast and traffic flow control
• Access control
• Authentication
• Authorization
• Accounting
• Policy and Quality of Service (QoS)
• Proxies: flow control, caching
• Transcoding and announcements

Authentication and Authorization
• Logging in
• Who are you? Authentication
• What are you allowed to do? Authorization and policy
• There is no single Public Key Infrastructure (PKI)
• Scaling trust is difficult
• Bootstrapping is hard
• Do we need better security? Really?

Nordunet2
• Follow-up to Nordunet, which established the operational NORDUnet and put the Nordic countries on the network frontier
• http://www.nordunet2.org
• Focal areas
• Distance education and lifelong learning
• Telemedicine
• Digital libraries
• Infraservices

Infraservices is middleware
• Infraservices projects
• Directories
• Transcoding, mobile support
• GRID
• Virtual Reality support
• AA and GNOMIS
• Test networks

GNOMIS
• The Greater Nordic Middleware Symposium: sharing the burden
• Finns have done large-scale end-user testing of PKI technology and smart cards
• Swedes have worked on server certificates and authorization
• Norwegians build user management systems integrated with authentication services

FEIDE: common academic electronic ID in Norway
• Building a common electronic ID
• Standard person/user information
• Standard resource information
• Enable easy login facilities
• Building blocks
• Username/password in schema
• Legal issues wrangled once
• PKI, possibly support for smart cards
• Common authentication service
• Establish a common authorization service

FEIDHE/HSTYA
• Investigate possibilities for implementing a smart card based electronic identification
• Testing smart cards in applications
• User authentication
• Digital signatures
• Deployment steps recommended
• Make related modifications to the user administration
• Deploy services relying on PKI
• Distribute smart cards to the users

SwUPKI
• Swedish University PKI
• PKI used (mostly) for server certificates
• 5 participating universities (so far)
• Sample policies available, easy to join
• Affordable certificates
• Operations and policy decisions are separated at the top-level Certification Authority

SPOCP test
• Simple Policy Control Project
• 5 Swedish universities, Sunet and Uninett
• Testing policy control server for authorization
• Centralized authorization
• Support for Access Control List descriptions

How are universities different
• Heterogeneous software
• Open solutions, no inside/outside (students inside are more dangerous than the outside), few firewalls
• Loosely coupled systems
• Some are large scale, most have transient user populations
• Hard to establish organizational policy that works for all (a professor may do as she wants)

How is university middleware similar
• Security issues are the same wherever you go
• Getting users to behave
• Protecting the prey: users and servers
• Keeping track of who is allowed to do what
• BUT: universities are similar to the Internet at large, not to enterprise networks

Summing up
• Nordic area is collaborating on solving middleware challenges
• Middleware makes networked life more complex
• Middleware is on its way
• Directories of information
• Software on servers and clients
• Policy and formal agreements
• We have work to do on the NRN level
• Contact: ingrid.melve@uninett.no, gnomis@uninett.no