Brook Schofield, TERENA ● Sofia, Bulgaria ● 20th June 2014
Europe Latin America Collaborative e‑Infrastructure for Research Activities
A Model for Federated Services
Brook Schofield, TERENA ● Sofia, Bulgaria ● 20th June 2014
A family of services
Worldwide eduroam status…
Map legend: eduroam in production, eduroam pilot, Missing eduroam
Overview
Partners
• CLARA, GARR, RNP, TERENA, RedIRIS
Focus:
– Promoting and consolidating the foundations of a framework for authentication and authorization in Latin America, facilitating integration with the European initiatives under TERENA activities such as TF-EMC2 and REFEDS, and making the necessary arrangements to join the GÉANT service eduGAIN
eduroam in Latin America
Before the Project
1 production deployments
– Brazil, Peru
Zero pilot deployments
eduroam in Latin America
Year 1 of the Project
3 production deployments
– Brazil, Peru, Chile
9 pilot deployments
– Argentina, Colombia, Costa Rica, Ecuador, El Salvador, Mexico, Nicaragua, Uruguay, Venezuela
eduroam in Latin America
Current progress…
8 production deployments
– Argentina, Brazil, Chile, Colombia, Costa Rica, Ecuador, Mexico, Peru
4 pilot deployments
– El Salvador, Nicaragua, Uruguay, Venezuela
6 Missing
– Bolivia, Guatemala, Honduras, Panama, Paraguay, Guyana
eduroam statement signed
Federation Development
Campus
• Username/Password Store for AuthN
IdP
• Expose Campus IdM via SAML/RADIUS
Federation
• Aggregates IdPs & SPs; Builds Trust
Inter-Federation
• Aggregates Federations
Key steps
• eduroam at TICAL 2012
– Regional Conference, Assess who has eduroam and who uses it
– Repeat at TICAL 2013 and TICAL 2014
• Offer services via federated access/eduGAIN
– FileSender, Video Conference Portal, RedCLARA Portal
• Collaboration with GÉANT
Federation Development Criteria
Pilot
• Name, Webpage, Metadata Feed
Production
• Policy for IdPs & SPs
Candidate
• Metadata Registration Practice Statement
eduGAIN
• Declaration Signed, Metadata Feed Validated
Identity Federations and Latin America
Year 1
• eduGAIN Participant
– Brazil (CAFe)
• eduGAIN Candidate
– Chile (COFRe)
• Pilot Federation
– Peru
• MoU Federations
– Argentina, Colombia, Costa Rica, Mexico
Map legend: eduGAIN Member, Joining eduGAIN, Candidate Federation, Pilot Federation, MoU Signed
Worldwide eduGAIN status…
Map labels: CAFe, COFRe
Map legend: eduGAIN Member, Joining eduGAIN, Candidate Federation, Pilot Federation, MoU Signed
Identity Federations and Latin America
Current
• eduGAIN Participant
– Brazil (CAFe)
– Chile (COFRe)
• eduGAIN Candidate
– Colombia (COLFIRE)
• Pilot/MoU Federations
– Argentina, Costa Rica, Ecuador, Mexico, Peru
Map legend: eduGAIN Member, Joining eduGAIN, Candidate Federation, Pilot Federation, MoU Signed with ELCIRA
Problems and Concerns
• Policy often more difficult than technical issues - Chile was 1st worldwide to adopt Policy Template from GÉANT/REFEDS;
• Different models of sustainability in the NRENs in Latin America;
• Few technical people involved in the project;
• NREN commitment/focus in setting up eduroam infrastructure ahead of AAI.
* MATE (Argentina)
• MATE run by INNOVA|RED
– Marco para el Acceso a la Tecnología y la Educación (MATE)
– Model for Access to Technology and Education (MATE)
• Started operation in late 2013
• Joined eduGAIN in early-2014 ;-)
• *This is NOT their logo (nor their name)!!
What to focus on?
• Federating your campus systems
– Talk to your researchers, staff & students
• Investigate key services
– Intranet and Website
– Webmail
  • Google Apps for Education, Microsoft 365
– e-Learning – Moodle
– Talk to your librarian about Journal Access
– Find your own “killer app”.
More than one choice is good…
• simpleSAMLphp
– PHP
– Multi-lingual support
• Shibboleth
– IdP is Java, SP is C/mod_shib
– Runs within Apache Tomcat
• PySAML2
– Python
• Many plug-ins or modules available for common tools.
• Benefits are greater than using LDAP.
Federation Development
Technology
Policy
Federation Development
Technology == Pilot
Policy == Production
Federation Development
Technology => Campus
Policy => NREN
Technology == Pilot
• Federation Core Services
– “Routing”
– Discovery
• Federation “Entities” (IdPs/SPs)
– Shibboleth
– simpleSAMLphp
– PySAML
– ADFS
Technology == Pilot
• NREN as Federation Operator
– “Routing”
– Discovery
• Campus, Content Providers, Research Infrastructures
– Shibboleth
– simpleSAMLphp
– PySAML
– ADFS
What to NOT focus on?
• Policy over business case/justification
– What’s important for your campus’
• Waiting until …
– your federation in “production” or in eduGAIN
– …a “killer app” is found.
• “Other” or Future Federation Technologies
– OpenID Connect + OAuth are being explored.
– Hub&Spoke gateways already exist.
Identity Federations World Wide
31 Production Federations
17 Pilot Federations
Last update May 2014
eduroam – roam across borders
Map legend: eduroam, Pilot, :-(
eduGAIN & Federations
24 eduGAIN Members
7 Joining eduGAIN
0 Candidate Federation
16 Other Federations
15 April 2014
Next steps…
• Deploy eduroam
– Use it at TICAL2015
• Pick a campus federation technology & Deploy an IdP
– PySAML2, simpleSAMLphp, Shibboleth
– FreeRADIUS, Microsoft NPS, other…
• Connect with your NREN/Fed Operator
• Connect with the community
– Country, EAP/CEENet, Europe and Globally
• Federate your services