150 likes | 174 Vues
New Developments in Access Management: Setting the Scene. Alan Robiette JISC Development Group JISC-CNI Conference, June 2002. Outline. Overview and terminology Authentication – problems and progress Authorisation – problems and progress Summary and conclusions. The High-Level Problem.
 
                
                E N D
New Developments in Access Management: Setting the Scene Alan Robiette JISC Development Group JISC-CNI Conference, June 2002
Outline • Overview and terminology • Authentication – problems and progress • Authorisation – problems and progress • Summary and conclusions JISC-CNI Conference, Edinburgh
The High-Level Problem • We need national-scale services for • Authentication (linking people to electronic IDs) • Authorisation (linking IDs to privileges) • Profiling (linking IDs to personal preferences) • Accounting (in the sense of tracking and recording usage, whether or not for actual billing) • All in an interoperable framework which can be realistically implemented by our institutions • Not to mention all our third-party suppliers … JISC-CNI Conference, Edinburgh
Authentication • On a local scale, largely a solved problem • Various solutions exist, some with single sign-on (Internet2 promoting WebISO for web resources) • Digital certificates are on the increase • All serious Grid middleware requires them • But the management problems get no easier • Public-key technology will itself evolve • XML-based schemes may become a real factor • E.g. XKMS, Web Services Security JISC-CNI Conference, Edinburgh
Authentication Issues on a National Scale • Naming and name-space management • How is uniqueness assured nationally? • What happens in the case of multiple affiliations? • Should real IDs be generally visible to off campus providers? • Trade-offs between privacy, convenience and accountability JISC-CNI Conference, Edinburgh
Authorisation Issues • Determining an individual’s privileges • What attributes (roles) is it useful to consider? • Which are generic and which application-specific? • How many could be defined sector-wide? • Location of the access control decision • At the resource itself (greatest provider control)? • At the institution (i.e. devolution of trust)? • At some intermediate point (e.g. as in the present case in the UK, at the Athens server)? JISC-CNI Conference, Edinburgh
Where Should Control Be Applied? • Logically at the resource itself • The resource owner logically should determine who gets access and who does not; but this may require more user information to be disclosed • For electronic information, this is often delegated (e.g. on the basis of a contract) • A better model for a bibliographic database than for a supercomputer? Or even a telescope? JISC-CNI Conference, Edinburgh
Where is the Complexity Felt? • Do we best achieve interoperability by having the same software interface at • All service providers’ servers? • All campuses? • All users’ local environments (wherever they are)? • More than one of these? • And where the complexity ends up, so do most of the costs … JISC-CNI Conference, Edinburgh
Other Concerns • The single sign-on question • How important is “seamlessness”? • The portal problem • To address this properly is quite hard • Standards and interoperability • There aren’t many, especially for authorisation • The international scene • A system for JISC services is all very well, but what about integrating resources from the wider world? JISC-CNI Conference, Edinburgh
Current UK Developments • EduServ’s development plan for Athens • Single sign-on introduced Spring 2002 • White paper and proposed trial of distributed authentication Summer 2002 • JISC call for projects issued Summer 2002 • With the objective of exploring a range of emerging technologies, particularly for authorisation • JISC is actively working with Internet2-MACE in the US and TERENA in Europe JISC-CNI Conference, Edinburgh
Developments Elsewhere (1) • Shibboleth (Internet2) • Devolves authentication and attribute assertion to campuses • Resource owner requests attributes from campus and makes decisions based on the response • Model allows both campus and user control over attribute release (strong emphasis on privacy) • Open source reference implementation due to be released Autumn 2002 • Publishers getting involved in trial programme JISC-CNI Conference, Edinburgh
Developments Elsewhere (2) • PAPI (Spanish national network) • Distributed architecture: authentication and authorisation both carried out at campus (i.e. campuses have to be trusted by resource owners) • Multi-tier architecture – easy to interface to existing publishers’ services • Open source and in use in a number of sites/consortia in Spain, including some publisher involvement JISC-CNI Conference, Edinburgh
Is a Common View Emerging? • What is clearly needed is a single, widely accepted vendor-independent scheme • At first sight the different projects (PAPI, Shibboleth, Athens+) look very distinct • However they share many components and a common architecture appears feasible JISC-CNI Conference, Edinburgh
And What About the Grid? • Currently the Grid community’s problems appear more complex • Grid middleware relies heavily on X.509 identity certificates, which are far from universal otherwise • Even in the longer term, it may not be possible to standardise on one single Grid authorisation solution • But there may be analogies with other relatively complex problems, e.g. medical middleware JISC-CNI Conference, Edinburgh
Conclusions • Authorisation in particular remains a tough problem • But some of the emerging solutions look promising, for quite large sets of commonly encountered applications • International co-operation in this area is looking very promising JISC-CNI Conference, Edinburgh