cobweb authentication workshop
TRANSCRIPT
COBWEB Authentication Workshop
Weds 21st Nov, 2012,GEO-IX Plenary,
Foz do Iguaçu, Brazil.
Chris Higgins,Project Coordinator,EDINA National Data Centre,University of [email protected]
Andreas Matheus,Technical Coordinator,Secure Dimensions [email protected]
Welcome and objectives of the workshop
COBWEB consortium objectives
• Stakeholder engagement– First time project at a GEOSS meeting– Have we understood the authentication issues?
• Guaging interest in our plans– Help with prioritising
• Seeking expressions of interest in working with us
• Sanity checking• Is the direction of travel right?• Architecture Implementation Pilot – 6
coming…
Audience objectives
• “how access management federation technology, principally the OASIS standard Security Assertion Markup Language (SAML), may be applied in a GEOSS context”
• Opportunity to engage in some discussion with people who have been working in this area for a while
• COBWEB might assist in getting some of your R&D requirements met…
Schedule1 1000-
1010Welcome and objectives
2 1010-1020
Quick introduction to COBWEB
3 1020-1040
Previous Access Management Federation work by this team
4 1040-1110
Previous related work GEOSS
5 1110-
1130
Initial COBWEB plans and discussion
6 1130-1150
Possible future COBWEB activities and discussion
7 1150-1200
Wrap-up
Why put effort into federated access control?
• Authentication is the process of verifying that claims made concerning a subject, eg, identity, who is attempting to access a resource are true, ie, authentic
• Frequently, SDI content and service providers need to know who is accessing their valuable, secure, protected, etc, data
• The ability for a group of organisations with common objectives, ie, a federation, to securely exchange authentication information is a powerful SDI enabler
• Even more so if removing some of the barriers to interoperability…
SP
SPIdP
IdP
IdP
IdP
SP
SP
SP
SP
SP
SP
SP
SPSP
Coordinating
Centre
Federation Service Providers
Identity Providers
Users
Organisations
IdP
SP
SP
SP
Authenticates here
Quick introduction to COBWEB
Introduction to COBWEB
• Project started 1st Nov, 2012 and will run for 4 yrs• Funded under the European Commission’s
Framework Programme 7 (Grant No: 308513)• Crowdsourced environmental data• Introduce quality measures and reduce uncertainty• Fusion of crowdsourced data with reference data…• Spatial Data Infrastructure - like initiatives
– National SDI’s in UK, Greece and Germany– INSPIRE– GEOSS
Project Partners
University of Edinburgh UK (Scotland)
University of Nottingham UK (England)
Aberystwyth University UK (Wales)
Welsh Assembly Government UK (Wales)
Environment Systems Limited UK (Wales)
Ecodyfi UK (Wales)
Open Geospatial Consortium (Europe) Limited UK
University College Dublin Ireland
Technische Universitaet Dresden Germany
Secure Dimensions GmbH Germany
University of Western Greece Greece
OIKOM – Environmental Studies Ltd Greece
GeoCat BV Netherlands
Essential context - GEOSS
• COBWEB is obliged to work within GEOSS framework
• common methodologies and standards for data archiving, discovery and access
• Section on collaboration with GEOSS and FP7-ENV-2012 cluster projects added to project description
• “Data collected should be made available through the GEOSS without any restrictions”
Whats all this got to do with AuthN?
• “…addressing questions of privacy…”• COBWEB about environmental, not personal
data• Some kinds of protected data that may be
encountered during the project:• Personal information, eg, expert or novice
observer• Location protected species• Reference data from European National Mapping
and Cadastral Agencies• Conflated data
FP7-ENV-2012 observatories
Name Lead Topic
CITI-SENSE Nilu (Norway) Air quality
WeSenseIt University of Sheffield (UK)
Water Management
Citclops Barcelona Digital Centre Tecnològic (Spain)
Coast and ocean
optical monitoring
Omniscientis Spacebel (Belgium)
Odour monitoring
COBWEB UEDIN (UK) Various
Essential context - WNBR
• UNESCO Man and Biosphere Programmes (MAB) World Network of Biosphere Reserves– Sites of excellence to foster harmonious integration of
people and nature for sustainable development through participation, knowledge sharing, poverty reduction and human well-being improvements, cultural values and society's ability to cope with change, thus contributing to the Millennium Development Goals
• 610 reserves in 117 countries
Not the World Naked Bike Ride
Previous Security Assertion Markup Language (SAML) work by this team
Previous related work GEOSS
Initial COBWEB plans and discussion
Possible future COBWEB activities and discussion
RegistersService Metadata
Data Set Metadata
Registry Service Discovery Service
Applications
InvokeSDService
Transf. Service
Spatial Data Sets
INSPIRE Annex
Thematic DS
Framework for harmonized DS
ViewService
DownloadService
Dat
a La
yer
Ser
vice
La
yer
App
l. La
yer
Access Management Federation
Service Bus
RM
La
yers
electronic licence negotiation
eCommerce
Separation of concerns
Authorisation
Other possibilities
• Service chaining. More advanced architecture patterns
• Inter-federation interoperability– different scales– different countries– different sectors
Wrap-up
Conclusions
• We want to pilot Access Management Federation (AMF) technology within GEOSS– We strongly recommend building on existing
infrastructure, eg, existing AMFs
• Is your organisation interested in participating or knowing more?
• If so, contact either of the following or find us at the COBWEB stand here at GEO-IX: