Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Report on EDINA Authentication Related Academic Sector Activities


Published on

Presented by Chris Higgins and Michael Michael Koutroumpas at ESDIN Work Package 11 Meeting, Copenhagen, 9 June 2010

Published in: Education, Technology
  • Be the first to comment

  • Be the first to like this

Report on EDINA Authentication Related Academic Sector Activities

  1. 1. Report on EDINA Authentication Related Academic Sector Activities ESDIN Work Package 11 Meeting, KMS, Copenhagen, 9 th June 2010 Chris Higgins, Michael Koutroumpas, EDINA, University of Edinburgh [email_address]
  2. 2. Aim for next 20 mins or so <ul><li>Brief WP11 on progress with key EDINA activities since Athens meeting </li></ul><ul><li>Present some thoughts on how to progress and get some discussion </li></ul>
  3. 3. <ul><li>Overall aim of the eContentplus programme is “to make digital content in Europe more accessible, usable and exploitable” </li></ul><ul><li>UEDIN trying to represent academic sector interest </li></ul><ul><li>Trying to bring content to students, lecturers, researchers, etc, in the UK and across the rest of Europe </li></ul>UEDIN/EDINAs objective
  4. 4. Mention of the Academic Sector in the DoW #1 Expected Results : “ Seamless INSPIRE- conformant access to the above data through a distributed technical architecture to key elements within the European academic sector ” A significant number of academic users using INSPIRE conformant ExM data and geoprocessing services, enabling research and education predicated on harmonised data capable of being combined with additional content. This will be a significant contribution towards the establishment of a European academic SDI through involvement of the European Persistant Testbed for Research and education (PTB)”
  5. 5. Mention of the Academic Sector in the DoW #2 Target users and there needs : “ European academic sector. To maximise benefit to the European Economic area. Students, researchers, etc, should have access to services which allow them to be educated and conduct research using the highest quality interoperable pan-European data available from the NMCAs.”
  6. 6. Mention of the Academic Sector in the DoW #3 Success indicators : 30 institutions 5 institutions n/a Spatial Information (5) Significant number of academic users engaged in research and education using the harmonised ESDIN geospatial services hosted by UEDIN. 5 Year 3 Year 2 Year 1 Expected Progress Indicator name Objective/expected result Indicator Expected Progress Nr
  7. 7. Mention of the Academic Sector in the DoW #4 Sustainability : “ UEDIN will continue, with the agreement of EuroGeographics, to make pan-European datasets based view and download services available to the academic sector post project for a minimum of 6 months and longer if funding becomes available. The latter will be possible as ESDIN, and related projects, will lay the foundations for a European academic SDI. ”
  8. 8. DoW #5 Deliverable 11.6 <ul><li>“ Operational view/download services conforming to INSPIRE implementation rules into the academic sector geospatial testbed(s)” </li></ul><ul><ul><li>Month 29 </li></ul></ul><ul><ul><li>Accompanying report </li></ul></ul><ul><ul><li>Initiating through a discussion document to WP11 members and others as appropriate </li></ul></ul>
  9. 9. Status immediately post WP11 Athens Jan 10 <ul><li>EDINA to continue to lead ESDIN work on OGC Authentication Interoperability Experiment </li></ul><ul><ul><li>With assistance from consultant Andreas Matheus </li></ul></ul><ul><li>ESDIN NMCAs to be invited to join test Federation </li></ul><ul><li>Continued relationship with the PTB </li></ul><ul><li>Open question. How does this work fit with other ESDIN activities? Especially: </li></ul><ul><ul><li>WP3: Use Cases </li></ul></ul><ul><ul><li>WP4: Data Access and Licencing Policy </li></ul></ul><ul><ul><li>WP11: ESDIN client </li></ul></ul><ul><ul><li>WP12: Testing Framework </li></ul></ul>
  10. 10. OGC Interoperability Experiments <ul><li>Intended as a relatively simple, low overhead, means for OGC members to get together and advance specific technical objectives within the OGC baseline </li></ul><ul><li>Facilitated by OGC staff </li></ul><ul><li>More lightweight than the OGC Web Services initiatives </li></ul><ul><li>Focussed on specific interoperability issues </li></ul><ul><li>Effort is viewed as voluntary and supported by in-kind contributions by participating member organisations </li></ul><ul><li>Duration normally around 6 months </li></ul>
  11. 11. Authentication IE <ul><li>OpenGIS Project Document 09-092r1 </li></ul><ul><li>Test standard ways of transferring authentication information between OGC clients and OGC services </li></ul><ul><li>The following mechanisms will be tested: </li></ul><ul><ul><li>HTTP Authentication </li></ul></ul><ul><ul><li>HTTP Cookies </li></ul></ul><ul><ul><li>SSL/X509, SAML </li></ul></ul><ul><ul><li>Shibboleth </li></ul></ul><ul><ul><li>OpenID </li></ul></ul><ul><ul><li>WS-Security </li></ul></ul><ul><li>From OGC perspective, the main output will be an OGC Engineering Report that may be upgraded to a best practice document </li></ul>
  12. 12. Current Status <ul><li>Sept 2009: pre-Kickoff meeting at the Darmstadt OGC Technical Committee (TC) meeting </li></ul><ul><li>Dec 2009: formal Kickoff at the Mountain View TC </li></ul><ul><li>Tentative end date June 2010 </li></ul><ul><li>IE participants: </li></ul><ul><ul><li>NGA; Secure Dimensions; CubeWerx; NASA (Pat Cappelare); The Carbon Project; 52North; WhereGroup; EDINA; BRGM; Lat/Lon; DSTL (UK MOD); German Mapping Authority; Army Geospatial Center; ESRI; Interactive Instruments </li></ul></ul><ul><li>Nothing on OpenID, WS-Security </li></ul>
  13. 13. Status ESDIN Partners Participation <ul><li>Test federation with 2 IdPs and 3 SPs established (see demo) </li></ul><ul><li>3 clients capable of undergoing Shibb interactions: </li></ul><ul><ul><li>OpenLayers (browser) </li></ul></ul><ul><ul><li>OpenJump SAML Enhanced Client Profile (desktop) </li></ul></ul><ul><ul><li>OpenJump Browser/Artefact SAML profile (desktop) </li></ul></ul><ul><li>May 10th. Initial meeting at Kadaster with GeoDan to discuss integration with ESDIN client </li></ul><ul><li>Participation invite sent to NMCAs with responses from: </li></ul><ul><ul><li>KMS </li></ul></ul><ul><ul><li>Kadaster </li></ul></ul><ul><ul><li>Lantamatariet </li></ul></ul><ul><ul><li>Fomi </li></ul></ul>
  14. 14. Status PTB Participation #1 Dec ’09’ PTB Phase2 Call for Proposals text… “ Willingness to participate in an “access management federation of European universities” project as part of an OGC Authentication Interoperability Experiment. The objective here is to demonstrate securely sharing licensed data across the European academic sector using OGC Web Services” Solicited proposals from organisations who showed…
  15. 15. <ul><li>Access Management Phase 2 responses from: </li></ul><ul><ul><li>EDINA, University of Edinburgh </li></ul></ul><ul><ul><li>FIUGINET (Finnish Universities Geoinformatics Network) and CSC — IT Center for Science Ltd </li></ul></ul><ul><ul><li>Technical University of Dresden </li></ul></ul><ul><ul><li>Centre for Geospatial Science, University of Nottingham </li></ul></ul><ul><li>Pre-conference PTB workshop in association with AGILE 2010 on the 11 th May discussing outcomes of the phase 2 CfP </li></ul>Status PTB Participation #2
  16. 16. Immediate Next Steps <ul><li>Continue working with the NMCAs and PTB </li></ul><ul><ul><li>Effectively technology interoperability experiments </li></ul></ul><ul><li>Continue working with consultant Andreas Matheus </li></ul><ul><li>Variety of OWS </li></ul><ul><li>Continue to work with GeoDan on the ESDIN client </li></ul><ul><li>Create additional Use Cases and implement to show: </li></ul><ul><ul><li>A SSO federation that allows NMCAs to securely grant access to each others ExM data (small, medium and large) </li></ul></ul><ul><ul><li>PTB universities securely accessing ExM data </li></ul></ul><ul><ul><ul><li>Small/medium scale hosted by EDINA </li></ul></ul></ul><ul><ul><ul><li>Large scale dependent upon NMCAs </li></ul></ul></ul><ul><li>Dovetail these Use Cases with the WP3/WP4 work </li></ul>
  17. 17. After that… <ul><li>Write up ESDIN Best Practice document </li></ul><ul><ul><li>Possibly submit to the OGC? </li></ul></ul><ul><li>Make the client software we have created openly available </li></ul><ul><li>Have an OGC facilitated vendor/NMCA plugfest showing how their software can undergo the Shibb interactions </li></ul><ul><li>Consider what SAML assertions necessary to make these kinds of pan-European authorisation decisions </li></ul><ul><li>Consider cross-federation interoperability issues </li></ul>
  18. 18. Additional possibilities? <ul><li>Expand federation to include additional NMCAs </li></ul><ul><li>Expand federation to include additional universities </li></ul><ul><li>Explore chaining federation services to show possibilities beyond secure data access </li></ul><ul><ul><li>Possibly using services and ideas from the academic sector, ie, PTB phase 2 call? </li></ul></ul><ul><li>Secure the BKG hosted central EGN WFS using Shibb </li></ul>