4. The Vision
JRA3
• Enabling collaboration and data sharing
• Enabling users to be online anytime anywhere
• Enabling GN3 services deployment and composition
Overview Progress Y4 Plan Summary connect • communicate • collaborate
12. Why CAT?
• CAT = Configuration Assistant Tool
• To make eduroam easier for end-users
• To generate automated installers for users’ devices
• It can be used as a centralised service or it can be installed locally
• Also provides tools for eduroam administrators
• Multilingual sites
• CAT has been entirely developed in JRA3 T1
13. How CAT Works
User can select their institution
User now chooses the installer
14. Mobile CAT
CAT Installer
15. Task 1, Year 4 Goals
• Start Working on eduroam Dynamic Discovery
• Within the IETF
• In real life (eduroam federations need to start testing)
• Publish production-quality release of eduroam CAT code
• Version 1.0 expected
• Improve authentication methods specifications in the IETF
• EAP types
• Start working to support a hotspot monitoring solution
• To check availability and quality of eduroam for end-users
16. Task 2: Identity Federations
T2: Identity Federations
• Support inter-federation
• Implement supports for groups
• Enable SSO beyond Web
Task Leader: Andreas Solberg (UNINETT)
17. Task 2, Year 3 Goals
T2
• Design Protocol for groups
• More Results on “Beyond Web SSO”
• Expand FedLab
18. Achievement: Protocol for Groups
• VOOT = Virtual Organization Orthogonal Technology
• A protocol to manage groups in a dynamic way
• It is based on existing protocols
• It targets inter-federation use cases
• Completely developed within JRA3 T2
• SURFnet plans to use VOOT in production, starting from summer 2012
• More info and demos at:
• https://rnd.feide.no/category/voot/
19. Why VOOT?
Scenario:
• Users working on a project would like to use collaborative services
• Users would need to create a group for each application
20. How VOOT Works?
• Create a group once, use it for all applications
• VOOT groups are managed independently from the identity federation
21. Achievement: FedLab
FedLab provides online tools to support Identity Federations and Services
• Entirely built by JRA3-T2 team
FedLab allows services to test their configurations
• Before the service is entered into a production federation
The website also offers:
• Best practice documents
• Aimed at developers
https://fed-lab.org/
22. How does FedLab Work?
• Step 1: register the metadata
• Step 2: verify connectivity
• Step 3: run all tests
23. Achievement: OpenID Connect in FedLab
• Main addition:
• Test facility for OpenID Connect protocol
• First implementation of the specs!
• The team was also involved in the protocol specifications
http://vimeo.com/38634031
24. Achievement: Beyond Web SSO
• The task contributed to the Moonshot project:
• Aims to combine the RADIUS infrastructure (eduroam) with application-level authentication (SAML)
• This requires significant changes to the protocols
– Some of this work was done in Task 2
– Standardisation ongoing within the IETF
• Testbed for non-Web applications was delivered in Dec 2011
25. Task 2, Year 4 Goals
• Finalise the integration of OpenID Connect in FedLab
• Continue work in the Discovery Area
• Finalise the work on VOOT
26. Task 3: GEMBus
T3: GEMBus
• Develop a platform for service deployment
• Enable service composition
Task Leader: Pedro Martínez Juliá (Univ. of Murcia)
27. Task 3, Year 3 Goals
T3
• Further Develop GEMBus Core Elements
• Start GEMBus Cookbook preparation
28. Why GEMBus?
[Diagram labels: GEMBus; New Application; AuthN tools; Groups Mng; Monitoring tools; Network; Others]
29. Achievement: Greater Stability In Core Components
• Extended the ESB concept to a general “service bus”
• Each service can be plugged without depending on specific service platforms
• Stable Core Components
30. Status of the GEMBus Core Services
Registry
Repository Global registry not ready yet
New Interface under development
50% 90%
0% 80% 100%
STS
Accounting
Building Support for OAuth
Composition engine
Integrated in the main
architecture
Interface for services
Need testing in ‘real world’
31. Achievement: GEMBus Cookbook
• Defines core services and their interactions.
• Shows how to interact with core services and how to build a new service
• Describes how to set up a testbed environment.
32. Task 3, Year 4 Goals
• Finalise developments of GEMBus core components
• Get feedback on the cookbook
• Get feedback from GEMBus “users”
• No end-users, but software developers
• Prepare the plan on how to continue GEMBus work beyond GN3
34.
Year 3 Goals Met and Exceeded
• Excellent results achieved:
• IETF RFC, CAT,
• VOOT
• GEMBus
Exploring New technologies
• To enhance existing services
• eduroam
• eduGAIN
Value for Money
• Looking for solutions to real use-cases
• To enable cross-boundary collaboration
Raising GN3 profile
• By participating in international initiatives
• IETF, Kantara, OpenID Connect