1 / 10

Middleware in Australia - Update TF-ECM2 Malaga 16-Oct-06

Middleware in Australia - Update TF-ECM2 Malaga 16-Oct-06. Alex Reid Director, eResearch/Middleware AARNet. Areas of Middleware Activity in Australia. MAMS (Meta Access Management System): Shibboleth Federation: grant programme to accelerate take-up

vilina
Télécharger la présentation

Middleware in Australia - Update TF-ECM2 Malaga 16-Oct-06

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Middleware in Australia - Update TF-ECM2 Malaga 16-Oct-06 Alex Reid Director, eResearch/Middleware AARNet

  2. Areas of Middleware Activity in Australia • MAMS (Meta Access Management System): • Shibboleth Federation: grant programme to accelerate take-up • Shibboleth extensions (eg ShARPE, Autograph, People Picker) • Shibbolised DSpace, Fedora, Zope/Plone, MediaWiki, … • Shibbolised GridSphere portal, MyProxy • CAUDIT PKI Investigations • Grid & Research Community: • PKI • Nimrod-G • Ontologies • Middleware Action Plan & Strategy Project (MAPS) • NCRIS Platforms for Collaboration – Decisions • eduroam taken over by AARNet • Funding: • SII – multiple rounds • NCRIS • “private”

  3. AHERTF • Preference for lightweight as much as possible • More work on governance needed (eg can we avoid liability issues?) • CAUDIT to convene discussion; no view yet on final owner • High-level overarching policy, 2+ implementations (Shib + PKI) • Parallel, connected OAs • Non-compliance processes - avoid liability if possible - best efforts • User education • Systemic investments: • AHERTF governance & policy development • initial get it up and running • investment to achieve economical & reliable sustainability - this is critical • contribution to operation of OAs • local costs borne locally

  4. Shibboleth • Continue testbed, move to formal when AHERTF ready • Develop policy within AHERTF • Develop agreed attribute sets & naming (eg eduPerson, Aust extensions, how to extend it locally if necessary - note that many institutions are currently planning to re-do their IdP, so a good time to do this) • Align Shib & PKI - formal launch together • OA to manage Shib tasks, eg WAYF & further development & rollout (AARNet?) • Systemic investments: • ongoing tasks of OA • accounting/finance/audit features development • SP implementation assistance • IdP hosting & policy • non-http Shib (for Grid end-users) - WS-* version of Shib

  5. PKI • One body to coordinate all certs across Aust in HE/research sector • Undertake a WebTrust audit • CA/RA policies must be accepted by institutions • Align PKI & Shib • Explore other government standards (eg as used by AGIMO, DST) • OA manage PKI tasks (AusCERT?) • Systemic investments: • ongoing tasks of OA • help existing CAs moving to CA in special cases (eg APAC) • initial audit framework & 1st iteration assessment (set up for least-cost ongoing audit) • IdP hosting (will we need only one for both Shib & PKI?)

  6. Grid Middleware • Will be part of national federation • Develop AAA deeper into the Grid (more for Shib than PKI) • Systemic investments: deeper integration • VOs: • attribute management, not Id management, where possible • attribute definitions beyond VO context (is eduPerson enough or need extending?) • how manage extra attributes, eg after VO closed down? • this area is important to NCRIS • are there multiple ways of doing this? • delegation of attribute management • client tools to use VO membership information • some may need IdP hosting

  7. Authorisation • Encourage shift to policy-based AuthR, vs Id-based • Client tools • Language to express policy (eg see B+, XACML) • Go for small set of widely-used policies • Systemic investments: • demonstrators • human • policy

  8. NCRIS PfC Middleware Agreed 15-Sep • Define functionality of AHERTF • Need more on business case for it; in particular, do we need to cover off on alternative technologies and why we've rejected them? • Can NCRIS accelerate this? • AusCERT to further develop policy/structure for AHERTF • MAMS to develop use cases • Look at how PKI/security structure/standards being proposed relates to AGIMO, etc • Establish a Shibbolised Wiki for the project • Another meeting for late November; then final meeting Feb??

  9. Uncertainties • Funding and location of Operating Agencies • Need use cases, business cases • Need "killer app" for PKI • Need "killer app" for Shib • Funding for non-research-sector components • Capitalising on MAMS momentum

  10. Thank You alex.reid@aarnet.edu.au www.middleware.edu.au http://www.federation.org.au/FedManager/jsp/index.jsp https://mams.melcoe.mq.edu.au/zope/mams http://www.aarnet.edu.au/engineering/middleware/ http://www.eduroam.edu.au/

More Related