1 / 8

Federation Security

This presentation outlines the advancements in the federated identity management landscape, particularly focusing on tighter integration with OAuth2 protocols. It discusses the new capabilities for certificate delegation, the challenges of using GSI proxies, and the practical experiences gained from integrating with community portals such as EUDAT. The session emphasizes customization needs for portal integration, command line logins with Shibboleth and OpenID, and highlights the limitations of current identity solutions. It provides insights into the ongoing development and implementation within the EC-funded Contrail project.

elvin
Download Presentation

Federation Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Federation Security Jens Jensen, STFC contrailis co-funded by the EC 7th Framework Programme under Grant Agreement nr. 257438 contrail-project.eu 01

  2. OpenID Shib SSPhp Username/password Web CA Fed DB Federation layer (previous)

  3. OpenID Shib SSPhp Username/password DB OAuth2 Auz CA OAuth2 ResSvr Web Prov Mgr. Federation layer (new)

  4. What’s New • Tighter Integration with OAuth2 • OAuth2 used for certificate delegation • Not everything works with GSI proxies • See complete example in IDEL-WG session • This presentation focuses on the login session • Login to OAuthAuzSvr

  5. Experiences with reuse – EUDAT • Need customisation for community portals • Command line login – Shib. OpenID. • ShibIdPs limitations • Publishing inconsistently • ePTID maybe not sufficient • Integrate with community portals • Two portals – EUDAT and community – or integrate portals • Data staging – need uniformly accepted credentials, or ...

  6. Code Yes, it is open source contrail.ow2.org

  7. contrail is co-funded by the EC 7th Framework Programme http://contrail-project.eu Funded under: FP7 (Seventh Framework Programme) Area: Internet of Services, Software & virtualization (ICT-2009.1.2) Project reference: 257438 Total cost: 11,29 million euro EU contribution: 8,3 million euro Execution: From 2010-10-01 untill 2013-09-30 Duration: 36 months Contract type: Collaborative project (generic) contrail-project.eu 08

More Related