Explore the latest insights on advancements in optical networking and middleware related to security developments. This discussion highlights the intricate relationship between various technologies, including SAML, Shibboleth, and collaboration management platforms. Essential for stakeholders in higher education and research federations, the topics cover trust, transparency, mobility, and security issues such as DDoS, phishing, and DNS attacks. Emphasizing the need for a robust control plane, the dialogue presents a vision for unified collaborative workflows amid evolving technologies.
Topics • The Long Strange Trip of I2 – NLR Merger • A Brief Comment on Optical Networking • Middleware Developments • Security Developments
Optical Networking • “Packet vs switched” • The final answer is both, and it can be done • Needs control plane • Needs monitoring and measurement • Capstone architecture; market will refine • Higher ed can drive the invention • Future frontiers are not performance related • Security, transparency, mobility • Trust (note ISOC/IETF Meeting) • Non-IP, non-optical wave
Security • Lots and lots of issues – DDoS, phishing, DNS attacks, problems within the perimeter; some successes • Federal efforts • REN-ISAC • http://ren-isac.net/ • Services • Business model work • CSI2 • FWNA and eduroam • Security and middleware (roles)
Middleware Developments • SAML and Shibboleth • Working with open source and legacy apps • InCommon and international federations • Collaboration management platforms • NSF-Mellon Scientific and Scholarly Workflow
SAML and Shibboleth • Common roots (RL Bob Morgan, UW and Scott Cantor, OSU) • Shibboleth has always been built on SAML/preSAML and primarily adds multilateral federation support and metadata • With SAML 2.0, convergence is complete, with the Shib code providing multilateral, WS-FED interop • Shib 1.3 widely deployed; Shib 2.0 now in beta • Undeveloped areas (ARP editors, WAYF, n-tier) becoming visible
Shibboleth and applications • Wireless access, bandwidth allocation • CAS and other SSO • Wikis, mail lists, etc. • SharePoint (!) • Sakai, Kuali, Mellon • OpenID is the vapor-weight alternative
InCommon • Growing steadily now; 75 members and 1.3M user base • Major applications include outsourced services, content providers, wiki and collaboration tools • NIH and federal follies elsewhere • Apple, Google and Microsoft • InCommon Bronze and Silver now under discussion
Some inter-federation key issues • Multi-protocols • Sharing metadata • Aligning policies • WAYF functionality • Dispute resolution • Virtual organization support
Prague Meeting on Inter-federation • 15-20 International R&E federations (5 continents) plus Liberty Alliance and a few others • Prague, September 3 • Lots of topics: Attribute mapping, Privacy Policies, Dispute resolution, Financial considerations, Technical direction setting • UK drafting an analysis of International Peering needs, opportunities, etc.
Scientific and Scholarly Workflow • Jointly commissioned by NSF and Mellon • Intent is not to open new lines of research but to identify key components (and implementations) that, with investment, are readily deployable cyberinfrastructure • Role of enterprise and federations in collaborative workflow
Comanage • Management of collaboration a real impediment to collaboration, particularly with the growing variety of tools • Goal is to develop a “platform” for handling the identity management aspects of many different collaboration tools • Platform includes a framework and model, specific running code that implements the model, and applications that take advantage of the model • This space presents possibilities of improving the overall unified UI as well as UI for specific applications and components.
Comanage 2 • Leverages federated identity and the attribute ecosystem heavily • Uses Grouper to manage groups and Signet to manage privileges • Built completely on open protocols, using open source components • Open and proprietary applications can be plumbed to work with it
Comanageable applications • Already done • Sympa, Federated wikis, Asterisk (open-source IP audioconferencing), Dim-Dim (open-source web meeting) • Immediate targets • Rich access controlled wikis • Web-based file shares
Comanage dimensions of growth • In the applications that can be driven by it • Collaboration and domain science prime areas • Largely a function of the application’s respect for middleware • In the areas being managed • Diagnostics? Others? • In the identities being managed • In the coupling of autonomous and diverse instances • Deployment instances may be at many layers of organization and shift as it matures • Underlying stores may be db, directory, or other
Takeaways • Identity management – several related services • Directories and getting applications to use them • The REN-ISAC • Federations