CILogon 2.0 at REFEDS 30

Jim BasneyScott Koranda

CILogon 2.0

This material is based upon work supported by the National Science Foundation under grant numbers 0850557, 0943633, 1053575, 1440609, and 1547268 and by the Department of Energy under award number DE-SC0008597. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the United States Government or any agency thereof.

CILogon www.cilogon.org

Project Goals

❏ CILogon-COmanage Integration❏ VO collaboration management❏ International Interfederation (eduGAIN)❏ Supporting Campus Cyberinfrastructure

(LDAP and SSH Key Management)❏ Levels of Assurance and Multi-factor

Authentication❏ Web Single Sign-On Gateway (IdPoLR,

SAML AA, SAML-OIDC, ORCID)

Team Members

❏ Jim Basney❏ Terry Fleury❏ Jeff Gaynor❏ Venkat Yekkirala

❏ Heather Flanagan❏ Scott Koranda❏ Benn Oshrin❏ Arlen Johnson

Science Partners

❏ NANOGrav Physics Frontiers Center

❏ Laser Interferometer Gravitational-Wave Observatory (LIGO)

❏ Data Observation Network for Earth (DataONE)

Cyberinfrastructure Partners

SAML SP

OIDC Provider

X.509 CA HSM

OIDC SP

MFA (OATH)

COmanage

Identities

MFA Tokens

SSH Keys

Groups

Attributes

SAML AA

User Registry Interface

eduGAIN IdP

Google IdP

Science App

OAuth SP

ORCID IdP

Science App

InCommon IdP

COmanage

DBLDAPServer

CILogon Web App X.509 CA

X.509 CA

CILogon Web App

SAML AA

SAML to OpenID Connect Gateway

❏ Supporting only e-Science clients❏ Client review & approval by CILogon staff❏ Compatible with R&S? New entity category?

❏ User consent based on requested scopes❏ openid, profile, email❏ org.cilogon.userinfo (eppn, affiliation)❏ edu.uiuc.ncsa.myproxy.getcert

(to allow X.509 certificate issuance)❏ VO attributes

OpenID Connect Claims

❏ Including eduPerson attributes in OIDC ID Token claims❏ Standard OIDC claims: name and email❏ eduPersonScopedAffiliation❏ Use IANA JSON Web Token Claims

registry?

Thanks!

jbasney@ncsa.illinois.eduskoranda@sphericalcowgroup.com

CILogon 2.0 at REFEDS 30

Technology

REFEDS MET, PEER and MDUI

TIER TechEx Oct2015 REFEDS Meeting · 2016-07-18 · [3 [3] Membership%and%Program%EarlyNPhase%Funding%Model Internet2 Members Program Participants Dynamically Scalable%Operations

FIM4R Update - REFEDS · Provide usability essentials Security Incident Response Readiness Sensitive Research User Experience R&E federations Increase research representation in FIM

BigData Express: Toward Predictable, Schedulable, and High ...grp-workshop-2019.ucsd.edu/presentations/4_WU-GRP-2019-BigData… · –CILogon-based security (certificate version)

CILogon 2.0 MAGIC SC16

Federated Access to US CyberInfrastructure Jim Basney jbasney@ncsa.uiuc.edu CILogon This material is based upon work supported by the National Science

CILogon and InCommon: Technical Update

20170426-Basney-CILogon - Internet2€¦ · 09/05/2017 · CILogon An Integrated Identity and Access Management Platform for Science Jim Basney jbasney@ncsa.illinois.edu April 2017

CILogon 2 - conference.eresearch.edu.auconference.eresearch.edu.au/wp-content/uploads/2018/10/1150-Scot… · CILogon 2.0 An Integrated Identity and Access Management Platform for

OSG All-Hands Meeting 2016 · • Based on CI Connect Platform 10 •Globus Platform [CILogon + InCommon + X509] •Identity Management. •Groups, Projects. •Login Host •Auto

Web 2.0 Library 2.0 Librarian 2.0

Case Studies in Identity Management for Scientific Collaboration 2014 Technology Exchange Jim Basney jbasney@ncsa.illinois.edu CILogon This material is

REFEDS Overview

What will the Sir/i trust framework change for FIM4R? · h"ps://aarc-project.eu Authen4caon and Authorisaon for Research and Collaboraon Hannah Short REFEDS, Vienna What will the

Why did AARC extend RAF? · The REFEDS Assurance Frameworkwas explained in a previous webinar. The AARC (Authentication and Authorisation for Research and Collaboration) project developed

Federated Access to US CyberInfrastructure Jim Basney jbasney@illinois.edu CILogon This material is based upon work supported by the National Science Foundation

Web 2.0 Library 2.0 Librarian 2.0

Web 2.0, Enterprise 2.0, BI 2.0…

Scott Koranda Jim Basney CILogon 2€¦ · 17/05/2016 · CILogon CILogon 2.0 Project 3 year NSF CICI award January 2016 - December 2018 Provide an integrated open source Identity

REFEDs update