Perun AAI and Membership Management Solutions for Research Communities


Explore the Perun AAI solution offering authentication, authorization, identity management, and access management capabilities. Learn about its collaboration with CESNET and Masaryk University, as well as its role in the EGI Federation for VO management. Discover how it enables user enrolment, group hierarchy, and access control through just-in-time provisioning and de-provisioning processes.

  • Research Communities
  • Authentication
  • Authorization
  • Identity Management
  • Access Control


Presentation Transcript


  1. Perun AAI
       • Peter Balčirák, peter.balcirak@cesnet.cz

  2. Motivation

  3. Motivation AAI

  4. Perun AAI
       • Complex AAI Solution
       • Collaboration of CESNET and Masaryk University
       • National & International Involvement
           • e-INFRA CZ
           • Life Science AAI

  5. Perun AAI under the hood
       • Authentication Capabilities
           • Single-Sign On - login once, access the whole infrastructure
       • Authorization Capabilities
           • Performs authorization (allowed to access, approved all policies)
           • Packs services with data for making authorization decisions
       • Identity Management
           • Manage user identities (link, manage associated data, )
       • Access Management
           • Define rules for authorization (e.g. user must be a member of a group)

  6. Perun & EGI Federation
       • Perun offered as a core service to EGI communities
       • Serves as a complementary solution for VO management
       • More about the offered service here

  7. Membership Management
       • User Enrolment
           • Define registration processes
           • Invitation capabilities
       • User Life-Cycle
           • Control user membership by automatic processes
       • Group Structure
           • Hierarchy, inclusions
       • VO Structure
           • Different communities share services
       • Delegation
           • Passing rights to others

  8. Control Access
       • Just-in-time
           • User driven
           • Usually based on entitlements and other attributes
           • Example: Login to a web portal
       • Just-in-case
           • Out-of-band provisioning
           • Example 1: Joining a project mailing list
           • Example 2: Controlling user access to rooms
       • GDPR Aspect

  9. Control De-Provisioning
       • When
       • It is not only about allocating resources
       • Storages, Mailing lists, Virtual Environments
       • Manual interventions not needed
       • Connected to user life-cycle within the organization
       • GDPR Aspect
           • What if user asks us to remove the account?

  10. The end
       • Thank you
