User Tools

Site Tools


open:wp4:authnauthzf2f

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

open:wp4:authnauthzf2f [2019/02/05 17:00]
molinaro [Schedule]
open:wp4:authnauthzf2f [2019/02/27 11:57] (current)
molinaro [Schedule]
Line 7: Line 7:
 ---- ----
 ===== Goal ===== ===== Goal =====
-ASTERICS, within the scope of WP4 (DADI) Task 4.3 and WP3 (OBELICS) Task 3.4.2, ​organizes ​a face-to-face meeting on the following topics:+ASTERICS, within the scope of WP4 (DADI) Task 4.3 and WP3 (OBELICS) Task 3.4.2, ​organized ​a face-to-face meeting on the following topics:
   * Authentication&​Authorisation   * Authentication&​Authorisation
   * Single Sign-On   * Single Sign-On
Line 14: Line 14:
   * their relation with the development/​upgrade within IVOA standards   * their relation with the development/​upgrade within IVOA standards
  
 +The A&A meeting was a chance to have a set of experts and interested parties discussing various aspects of the authentication and authorization mechanisms with respect to data and service providing and client access and consuming of the latter in the domain of astronomy and its interoperable framework.
 +
 +The contributed presentations worked out usages specific of the single organizations as well as depicting more genral scenarios and touching critical points in the open standardization framework provided by the IVOA.
 +
 +The outcomes of the meeting included:
 +   * networking different actors (data/​service providers, VO experts, federated authentication experts, identity providers and managers, A&A consumers including both web based and programmatic UI developers)
 +   * solving specific A&A description in the VO framework (e.g. for the TAP protocol)
 +   * identifying pathways to improve credential delegation and its usage
 +   * expressing advantages and drawbacks in hiding data and resources behind authentication layers
 +   * evaluating the risks of having commercial resource vendors provide outsourcing for tasks that, untill now, most research infrastructures provide by themselves
 +
 +The meeting, even if short and dense, proved important for all the attendees and having dedicated discussion events like this continues to prove efficient with respect to lengthy remote discussions.
 +
 +[[aandanotes|Notes]] reporting the various meeting outcomes can be found [[aandanotes|here]]. ​
 ===== Registration ===== ===== Registration =====
 Registration handling is done through the ASTRON provided indico platform. Here you can find the (sibling)[[https://​indico.astron.nl/​conferenceDisplay.py?​confId=199|meeting page]] and the Registration handling is done through the ASTRON provided indico platform. Here you can find the (sibling)[[https://​indico.astron.nl/​conferenceDisplay.py?​confId=199|meeting page]] and the
Line 31: Line 45:
 | 11:00 | Meeting format description ||| | 11:00 | Meeting format description |||
 ^ 11:15 ^ Session 1 ^^^ ^ 11:15 ^ Session 1 ^^^
-| | Brian Major | Authentication&​Authorization at the CADC | {{open:​wp4:​authnauthzf2f:​aaatcadc.pdf|PDF}} |+| | Brian Major | Authentication & Authorization at the Canadian Astronomy Data Centre ​| {{open:​wp4:​authnauthzf2f:​aaatcadc.pdf|PDF}} |
 | | Markus Demleitner | VOSI, A&A, and the real world | {{open:​wp4:​authnauthzf2f:​vosi-reform.pdf|PDF}} | | | Markus Demleitner | VOSI, A&A, and the real world | {{open:​wp4:​authnauthzf2f:​vosi-reform.pdf|PDF}} |
 | 12:30 | **lunch** ||| | 12:30 | **lunch** |||
 ^ 13:30 ^ Session 2 ^^^ ^ 13:30 ^ Session 2 ^^^
-| | Patrick Dowler | Authentication ​Requirements and Use in IVOA Services | {{open:​wp4:​authnauthzf2f:​web-service-auth-jan2019.pdf|PDF}} | +| | Patrick Dowler | Authentication in Web Services ​and TAP-1.1 specific issues ​| {{open:​wp4:​authnauthzf2f:​web-service-auth-jan2019.pdf|PDF}} | 
-| | Mark Taylor | %%GUI%% application client perspective ​| {{open:​wp4:​clientauth.pdf|PDF}} | +| | Mark Taylor | Authentication:​ A Client ​%%[G]UI%% Perspective ​| {{open:​wp4:​clientauth.pdf|PDF}} | 
-| | Franco Tinarelli | %%RAP%% authenticator application demo | notes-here ​|+| | Franco Tinarelli | %%RAP%% authenticator application demo | {{open:​wp4:​authnauthzf2f:​tinarelli_notes_rap.pdf|PDF}} ​|
 | 15:30 | **break** ||| | 15:30 | **break** |||
 ^ 16:00 ^ Session 3 ^^^ ^ 16:00 ^ Session 3 ^^^
-| General discussion (chair: Dave Morris) ||| notes-here |+| General discussion (chair: Dave Morris) ||| [[aandanotes#​day_1_open_discussion|notes]] |
 | | data behind authentication ||| | | data behind authentication |||
 | | labeling data resources for authenticated access ||| | | labeling data resources for authenticated access |||
Line 52: Line 66:
 | | Sara Bertocco | A possible model for SKA Regional Centers interoperability | {{open:​wp4:​authnauthzf2f:​talk_SaraBertocco.pdf|PDF}} |  | | Sara Bertocco | A possible model for SKA Regional Centers interoperability | {{open:​wp4:​authnauthzf2f:​talk_SaraBertocco.pdf|PDF}} | 
 | | Peter Hague | Applications of STOA workflow management in Astronomy | {{open:​wp4:​authnauthzf2f:​Stoa.pdf|PDF}} | | | Peter Hague | Applications of STOA workflow management in Astronomy | {{open:​wp4:​authnauthzf2f:​Stoa.pdf|PDF}} |
-| | Andrea Bignamini | Athentication ​and User Management in Yabi workflows (TBC)| {{open:​wp4:​authnauthzf2f:​Trieste_bignamini.pdf|PDF}} |+| | Andrea Bignamini | Authentication ​and Authorization ​Management in Yabi | {{open:​wp4:​authnauthzf2f:​Trieste_bignamini.pdf|PDF}} |
 | 10:30 | **break** ||| | 10:30 | **break** |||
 ^ 11:00 ^ Session 5 ^^^ ^ 11:00 ^ Session 5 ^^^
-| | Matthew Viljoen | EGI AAI community solutions | pdf | +| | Matthew Viljoen | EGI AAI community solutions | {{open:​wp4:​authnauthzf2f:​20190130_community_aai_with_check-in.pdf|PDF}} ​
-| General discussion (chair: Morris/​Molinaro) ||| notes |+| General discussion (chair: Morris/​Molinaro) ||| [[aandanotes#​day_2_morning_discussion|notes]] |
 | | TAP-1.1 Authenticated endpoints ||| | | TAP-1.1 Authenticated endpoints |||
 | | ADQL-2.1 (& DALI) REGION xtype ||| | | ADQL-2.1 (& DALI) REGION xtype |||
 | 12:30 | **lunch** ||| | 12:30 | **lunch** |||
 ^ 13:30 ^ Session 6 ^^^ ^ 13:30 ^ Session 6 ^^^
-| General discussion (chair: Dave Morris) ||| notes |+| General discussion (chair: Dave Morris) ||| [[aandanotes#​day_2_afternoon_discussion|notes]] |
 | | Credential Delegation ||| | | Credential Delegation |||
 | | Centralised authentication solution ||| | | Centralised authentication solution |||
 | 15:00 | **break** ||| | 15:00 | **break** |||
 ^ 15:30 ^ Session 7 ^^^ ^ 15:30 ^ Session 7 ^^^
-Final remarks, summary and general discussion ​|||+| | DataLink-1.1 revision start splinter ​|| [[aandanotes#​datalink_revision_splinter|notes]] ​|
 ^ 16:30 ^ wrap-up & conclusion ^^^ ^ 16:30 ^ wrap-up & conclusion ^^^
 | 17:00 | //end of the meeting// ||| | 17:00 | //end of the meeting// |||
open/wp4/authnauthzf2f.txt · Last modified: 2019/02/27 11:57 by molinaro