
Developing AAI Workflow and Architecture for End Users
Presentation Transcript
AAI: WP6 view
Marco Fargetta (marco.Fargetta@ct.infn.it), INFN Catania
Different AAI for different users
- WP6 aims at developing application services for end users
  - They use applications and do not care about the execution platform
  - These could be different from service users/platform developers
    - E.g., some applications need to deploy PaaS services in advance and not at user request
- Science Gateways and mobile applications should use the authentication that best fits their requirements
  - Access to remote facilities is made with credentials provided by SG administrators (e.g., robot certificate, token)
INDIGO-DataCloud, 27/05/2025
Current AAI workflow in CSGF
[Diagram; labels legible in the transcript: User, Identity Provider, eTokenServer, SG Admin, Local/Grid/Cloud. Only two of the numbered steps survive: "1. sign in" and "6. get the results", both at the User.]
Current AAI workflow in CSGF
- The SG portal drives both user authentication and authorisation
  - Authentication with SAML and authorisation using roles stored in an LDAP back-end
- Tracking is needed to identify the user generating any interaction
  - The EGI extension to include user names in robot proxies will simplify the tracking
- The portal implements the user front-end and the abstraction layer for the applications
  - Not easy to integrate with mobile applications
Proposed improvements
- Move the libraries for the infrastructure interaction into a separate service
  - The new service has to provide RESTful APIs for SGs and mobile applications
  - Integrate all the APIs of the PaaS and IaaS components and add all further needed logic
- Include other technologies to authenticate users on different e-Infrastructures
  - These should not require explicit end-user authentication
- Extend the authorisation to support different services
  - A role DB could be available in the PaaS
    - Something like the Microsoft Azure Active Directory service
  - EGI LToS User Management Portal compatibility
  - Authorisation roles distributed inside the SAML token (through the AARC project)
Proposed architecture
[Diagram; labels legible in the transcript: Community Identity Providers, User, SGW 1 ... SGW n (each with its own AuthZ), INDIGO AuthZ, App 1 ... App n, WP6 API Frontend (marked "?"), WP5 IAM, WP4, and the annotation "Could be the same".]
Proposed architecture
- Communities are free to select any AuthN/AuthZ method for their users
  - A reference implementation using SAML will be deployed by WP6 in the general-purpose SG
- The AuthZ service should contain the role(s) each user has in the SG
  - The SG is responsible for translating the roles into actions in the infrastructure
- Authentication to the e-infrastructure is to be agreed with WP4 and WP5
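The split described on this slide and on the "Proposed improvements" slide (an AuthZ service that only stores each user's SG roles, an SG that maps those roles to infrastructure actions, and requests sent with an admin-provided robot credential while the end user stays traceable) as an added Python model. This is illustration code written for this page, not INDIGO-DataCloud, CSGF or EGI code; the users, roles, actions, the ROBOT-CREDENTIAL-PLACEHOLDER string and the on_behalf_of field standing in for the user name carried in a robot proxy are all assumptions.

```python
# Added illustration, not INDIGO-DataCloud or CSGF code. Models the proposed
# split between an AuthZ service holding each user's Science Gateway (SG) roles
# and an SG that translates roles into infrastructure actions and sends requests
# with a shared robot credential while keeping the end user traceable.
# Every user, role, action and credential below is a constructed assumption.
from dataclasses import dataclass, field

# Hypothetical SG-side policy: which infrastructure actions each SG role grants.
# The AuthZ service never sees this table; it only knows who holds which role.
SG_POLICY = {
    "sg_user": {"job:submit", "job:status", "data:read"},
    "sg_power_user": {"job:submit", "job:status", "job:cancel", "data:read", "data:write"},
    "sg_admin": {"job:submit", "job:status", "job:cancel", "data:read", "data:write", "paas:deploy"},
}

# Constructed sample role DB, keyed by the identifier the IdP asserts (e.g. a SAML
# eduPersonPrincipalName). "guest" is deliberately absent from SG_POLICY.
SAMPLE_ROLE_DB = {
    "alice@example.org": ["sg_user"],
    "bob@example.org": ["sg_user", "sg_admin"],
    "carol@example.org": ["guest"],
}


class AuthZService:
    """Role DB in the PaaS: maps an authenticated user id to the roles held in the SG."""

    def __init__(self, roles_by_user):
        self._roles = {user: frozenset(roles) for user, roles in roles_by_user.items()}

    def roles_for(self, user_id):
        # Unknown users hold no roles; the caller must treat that as deny.
        return self._roles.get(user_id, frozenset())


@dataclass(frozen=True)
class InfraRequest:
    """What the SG hands to the infrastructure API on a user's behalf."""
    action: str
    robot_credential: str   # credential owned by the SG admin, shared by all SG users
    on_behalf_of: str       # end-user identity carried for tracking (cf. user name in a robot proxy)
    params: dict = field(default_factory=dict)


class ScienceGateway:
    """The SG: enforces authorisation (role -> action) and issues infrastructure requests."""

    def __init__(self, authz, robot_credential, policy=SG_POLICY):
        self.authz = authz
        self.robot_credential = robot_credential
        self.policy = policy
        self.audit_log = []  # (user_id, action, outcome); every decision is recorded

    def allowed_actions(self, user_id):
        # Union of the actions granted by each role; roles without a policy entry grant nothing.
        allowed = set()
        for role in self.authz.roles_for(user_id):
            allowed |= self.policy.get(role, set())
        return allowed

    def request(self, user_id, action, **params):
        """Build the infrastructure request, or raise PermissionError; both outcomes are audited."""
        if action not in self.allowed_actions(user_id):
            self.audit_log.append((user_id, action, "denied"))
            raise PermissionError(f"{user_id} holds no SG role granting {action}")
        self.audit_log.append((user_id, action, "allowed"))
        return InfraRequest(action=action, robot_credential=self.robot_credential,
                            on_behalf_of=user_id, params=dict(params))


def build_demo():
    """Wire the sample AuthZ service to an SG with a placeholder robot credential."""
    return ScienceGateway(AuthZService(SAMPLE_ROLE_DB),
                          robot_credential="ROBOT-CREDENTIAL-PLACEHOLDER")


if __name__ == "__main__":
    gw = build_demo()
    print(gw.request("alice@example.org", "job:submit", executable="run.sh"))
    try:
        gw.request("alice@example.org", "paas:deploy")
    except PermissionError as exc:
        print("denied:", exc)
    print(gw.audit_log)
```

The point of the split is that the AuthZ service and the role-to-action table are separate: a community can swap its AuthN/AuthZ method (SAML, token, another IdP) without touching the SG's mapping, and the SG denies by default for users it has never seen and for roles that grant nothing. The audit log keeps the end user attributable even though every infrastructure call is made with the same robot credential.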
Conclusions
- SGs and mobile apps should not have any constraints concerning authentication; it should be as open as possible
- SG users can be different from PaaS users
Thank you! Questions?