Page 1: ~60 staff 1.Collaborators around the world 2.Supports communities of collaborators external to Internet2 3.Community uses wiki, mailing lists, instant

A Short description of Internet2

~60 staff

1. Collaborators around the world
2. Supports communities of collaborators external to Internet2
3. Community uses wiki, mailing lists, instant messaging, voice conferencing services
4. Doesn’t want to be in the identity issuance business for external collaborators
5. Need to allow external + internal collaborators to use same service instances

Page 2

A Middleware Unified Field Theory

Identity Management / Directories

Privileges / Groups

Single Sign-On / Federation

Diagnostics

Enterprise Integration

from network to application

Michael R Gettes, Internet2

October 2007

An interpretation of the original MACE mission

Page 3

What do we want?

Inter-Enterprise Workgroup

Collaborations

not sexy

Page 4

or

Collaborative

Organizations

CO

Page 5

Identity

Groups

Privileges

Federated Access

Page 6

and …

Applications

“It’s the App stupid!”

Page 7

Give

COntrol

To

COmmunity Members

Page 8

Integrate with Existing

COmmon IT Infrastructures

in

Higher Education

Page 9

Flexible

Scalable

Modular

Page 10

COmponents

S H I B B O L E T H

LDAP-PC

Signet Grouper

LDAP Directory

Identity Mgr

Applications & Network

CO

Page 11

stop talking

start walking

demo

COmanage.internet2.edu

Page 12

COmponents

S H I B B O L E T H

LDAP-PC

Signet Grouper

LDAP Directory

Identity Mgr

Applications & Network

CO

Page 13

COmanage …

is only a demonstration of the CO model

a CO fits within a service delivery strategy

Page 14

Application Management

App access to data is managed by LDAP (initially)

Identity data can be distributed by any desired mechanism in the future: SQL databases, feeds, message bus technologies.

Page 15

Many COs on a single server

(if you wanna do that)

[Diagram labels: Identity Mgr; LDAP; Grouper/Signet/LDAP-PC (repeated); Application set (repeated)]

Page 16

No local identity issued for external users to access CO services

big win!

Example directory tree for CO environment

O=University,c=US
    ou=People (this is where 50K fac/staff/stu might reside)
    ou=CO (external identities for CO go here)
    ou=Groups (a place to store groups for all)

Applications pointed here for identities yields the union of internal and external
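
An added illustration of the directory tree above (not code from the original slides): a small in-memory model of LDAP subtree search, showing that a search base at the tree root returns internal and external identities together, while a base of ou=People returns only internal ones. The entries, uids and group are constructed sample data, and reading "here" on the slide as the root O=University,c=US is an assumption.

```python
# Added example: LDAP-style subtree search over the slide's directory tree.
# All entries, uids and the group are constructed sample data.
ROOT = "o=University,c=US"
DIRECTORY = {
    "uid=alice,ou=People," + ROOT: {"uid": "alice"},    # internal (local identity)
    "uid=bob,ou=People," + ROOT: {"uid": "bob"},        # internal
    "uid=carol,ou=CO," + ROOT: {"uid": "carol"},        # external collaborator
    "cn=wiki-editors,ou=Groups," + ROOT: {
        "member": ["uid=alice,ou=People," + ROOT, "uid=carol,ou=CO," + ROOT],
    },
}

def parse_dn(dn):
    """Return normalized (attribute, value) pairs, leaf RDN first.
    Simplified: assumes no escaped commas and no multi-valued RDNs."""
    pairs = []
    for rdn in dn.split(","):
        attr, _, value = rdn.partition("=")
        pairs.append((attr.strip().lower(), value.strip().lower()))
    return pairs

def in_subtree(entry_dn, base_dn):
    """True when entry_dn equals base_dn or lies anywhere beneath it."""
    entry, base = parse_dn(entry_dn), parse_dn(base_dn)
    return len(entry) >= len(base) and entry[len(entry) - len(base):] == base

def find_identities(base_dn):
    """Subtree search for person entries (those with a uid) under base_dn."""
    return sorted(attrs["uid"] for dn, attrs in DIRECTORY.items()
                  if "uid" in attrs and in_subtree(dn, base_dn))

def member_origins(group_dn):
    """Map each group member's uid to the branch (ou) its entry lives in."""
    origins = {}
    for member_dn in DIRECTORY[group_dn]["member"]:
        rdns = parse_dn(member_dn)
        origins[rdns[0][1]] = rdns[1][1]
    return origins

if __name__ == "__main__":
    print(find_identities("O=University,c=US"))            # root: internal + external
    print(find_identities("ou=People,o=University,c=US"))  # internal only
    print(member_origins("cn=wiki-editors,ou=Groups," + ROOT))
```

DNs are compared RDN by RDN after case folding, so the slide's `O=University,c=US` and a stored `o=University,c=US` name the same base.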

Page 17

Future…

Begin addressing issues of “attribute eCOnomy”

Protect CO by Identity Provider…

can solve “IEEE problem”?

Web site wants to know: Are you a member of IEEE?

MyUniversity

IEEE-CO: This org has membership data but does not manage identity - a CO with only external users.

User

Home Identity Provider

Page 18

Diagnostics

Lifting up shib log files and making EDDY deposits

Creating a unified and federated view of diag data
• Network data: flows, snort, snmp
• System stats: cpu, i/o, mem, etc…
• Infrastructure: shib, ldap, authN, etc…
• Application: http, confluence, sympa, calendar

etc, etc, etc…

http://web.cmu.edu/eddy

Page 19

Network Layer? Why not?

Integrate with Grids? Why not?

Addresses VO scenarios? Why not?

Page 20

VOVO?CO

Page 21

Make your opinion known…

Should Internet2 use COmanage for service delivery?

Rick Summerhill [email protected] Fremon [email protected]

and [email protected] [email protected]