2 hdf aai meeting demo slides
play

2. HDF AAI Meeting -- Demo Slides Steinbuch Centre for Computing - PowerPoint PPT Presentation

Jan 07, 2023 •266 likes •506 views

2. HDF AAI Meeting -- Demo Slides Steinbuch Centre for Computing Marcus Hardt KIT University of the State of Baden-Wuerttemberg and www.kit.edu National Research Center of the Helmholtz Association Introduction HDF Proposal: 6 Helmholtz

  1. 2. HDF AAI Meeting -- Demo Slides Steinbuch Centre for Computing Marcus Hardt KIT – University of the State of Baden-Wuerttemberg and www.kit.edu National Research Center of the Helmholtz Association

  2. Introduction HDF Proposal: 6 Helmholtz Centres (AWI, DESY, DKFZ,FZJ, GSI, KIT), 10 M € /a Focus on hardware , to “satisfy the additional resource needs of a wide spectrum of scientific domains covering the Helmholtz research fields Energy, Earth and Environment, Health, Key Technologies and Matter”... ...“ data centres will be federated ”... ...“the federation is open and extensible for additional data centres from Helmholtz, universities and other research institutions in Germany ”... ...“Links to European and international research data and supercomputing infrastructures like EUDAT, EU-T0, WLCG, PRACE and NDS will be established”... ...“ enable a better cooperation of scientists in Germany with their international colleagues and ESFRIs ”... 2

  3. Goals 1. Extensible Federated Authentication and Authorisation Infrastructure 2. Compatible with international initiatives 3. Resources mainly in Germany, but international users Derived / technical Goals: 1. Be in line with european activities focusing around the European Open Science Cloud EOSC 2. Enable the participating centres to connect services to federated infrastructure • Including non-web services 3. Enable Principal Investigators / Virtual Organisations => allocate resources on behalf of their group => manage membership and authorisation for their groups 4. Enable global researchers to use services provided by Centres (Given they are properly authorized and their identity is adequately understood) 5. Ensure that federated users are well known , based on solid authentication => Policies 6. Proof of Concept Demonstrator: • Example services • Deployment 7. Policies 3

  4. General Plan in HDF-AAI Unity is the SP-IdP-Proxy http://unity.helmholtz-data-federation.de Use OIDC to integrate services Group based access control Services filter access by group membership Delegated Group Management E.g. Communities can self manage their membership Centres can provide services for selected communities Delegated Authentication / Identity verification Services trust other centres to do their thing right 4

  5. Architecture Based on existing solutions DFN-AAI Federation for IdPs (each HDF Partner already operates one) Based on international developments: AARC Blueprint Architecture (BPA) SP-IdP Proxy: Unity This allows Users with home-account Authenticate to SAML services (Web-portals) OpenID Connect services (Web, REST-APIs, Unicore-Grid) X.509 services (EGI-Grid) Commandline services (e.g. SSH) Data Storage Services All using Single Sign On (SSO) 6

  6. Architecture model 7

  7. Demos Goals Demonstrate current capabilities Motivate additional services to make use of HDF AAI Demos 1: Login for a known user 2: Single sign on for additional services 3: Access cmdline-based services Services that are available for demo: Unity Icinga Monitoring WaTTS token translation OpenStack dCache / Prometheus Adding users via FEUDAL LSDF Storage 8

  8. Demo – Login Prerequisites User has a home-account in DFN-AAI User is already known to infrastructure User is member of the “MyExampleCollab” Virtual Organisation User goes to a service of his choice 9

  9. Demo – Login Prerequisites User has a home-account in DFN-AAI User is already known to infrastructure User is member of the “MyExampleCollab” Virtual Organisation User goes to a service of his choice Service redirects user to unity Choose home-IdP 10

  10. Demo – Login Prerequisites User has a home-account in DFN-AAI User is already known to infrastructure User is member of the “MyExampleCollab” Virtual Organisation User goes to a service of his choice Service redirects user to unity Choose home-IdP Unity redirects user to home-IdP 11

  11. Demo – Login Prerequisites User has a home-account in DFN-AAI User is already known to infrastructure User is member of the “MyExampleCollab” Virtual Organisation User goes to a service of his choice Service redirects user to unity Choose home-IdP Unity redirects user to home-IdP Double redirect Home-IdP => unity => service => User can use the service 12

  12. Demo Single Sign On (SSO) Now we will use a different service... ...just a bit later on the same day 13

  13. Demo – SSO Prerequesites User was already logged in to another service (i.e. less than 4h ago) User goes to a different service of his choice User chooses “HDF” to login Redirects happen quickly, in the background, without the user noticing Sessions live between 10min and 1h User is immediately logged in 14

  14. Demo Commandline Based Services 15

  15. Demo – Services that require deployment Some services require deployment of a user account prior to the user logging in Examples: ssh, prometheus User visits the “FEUDAL” service 16

  16. Demo – Services that require deployment Some services require deployment of a user account prior to the user logging in Examples: ssh, prometheus User visits the “FEUDAL” service Provides ssh-key as a credential Chooses services (or VOs) to which he needs to be deployed 17

  17. Demo – Services that require deployment Some services require deployment of a user account prior to the user logging in Examples: ssh, prometheus User visits the “FEUDAL” service Provides ssh-key as a credential Chooses services (or VOs) to which he needs to be deployed User account is deployed into site-local systems 18

  18. Demo – Services that require deployment Some services require deployment of a user account prior to the user logging in Examples: ssh, prometheus User visits the “FEUDAL” service Provides ssh-key as a credential Chooses services (or VOs) to which he needs to be deployed User account is deployed into site-local systems User is shown login information 19

  19. Demo – Services that require deployment Some services require deployment of a user account prior to the user logging in Examples: ssh, prometheus User visits the “FEUDAL” service Provides ssh-key as a credential Chooses services (or VOs) to which he needs to be deployed User account is deployed into site-local systems User is shown login information User can login straight into the end service 20

  20. Demo – Services that require deployment Some services require deployment of a user account prior to the user logging in Examples: ssh, prometheus User visits the “FEUDAL” service Provides ssh-key as a credential Chooses services (or VOs) to which he needs to be deployed User account is deployed into site-local systems User is shown login information User can login straight into the end service Deprovisioning Remove user credentials (e.g. security incident, ...) 21

  21. Additional Demos OpenStack WaTTS 22

  22. Wrap Up HDF AAI Works: Single Sign On Web and non-web services Virtual Organisation / 3 rd party group management: in progress A large range of services can be integrated Policy framework is in place Future work: Observe the uptake of the AAI Infrastructure Observe the uptake of the policy framework Additional (minor) developments: Support for AAI in REST APIs Enhanced support for cmdline Extend VO management capabilities 23

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Slide with demo video, removed for th pdf-version of the slides Content: CUBIST promotional video

Slide with demo video, removed for th pdf-version of the slides Content: CUBIST promotional video

Slide with demo video, removed for th pdf-version of the slides Content: CUBIST promotional video Watch instead: https://www.youtube.com/watch?v=RC7Ncj2MYbQ Dr. Frithjof Dau, Senior Researcher, SAP AG CUBIST - Kickoff Meeting 21/22.01.2010

1.61k views • 131 slides
Demo I In class on 10/4 & 10/9. 15 min

Demo I In class on 10/4 & 10/9. 15 min

Demo I In class on 10/4 & 10/9. 15 min per team. Must show something real . Email Mo slides by 11am. Mul,-Channel

656 views • 27 slides
DEMO: torus example DEMO: torus example DEMO: torus example M Datar, Y Gur, B Paniagua, MA

DEMO: torus example DEMO: torus example DEMO: torus example M Datar, Y Gur, B Paniagua, MA

DEMO: torus example DEMO: torus example DEMO: torus example M Datar, Y Gur, B Paniagua, MA Styner , RT Whitaker, Geometric Correspondence for Ensembles of Nonregular Shapes, MICCAI 2011 (a)

613 views • 17 slides
Will it blend ? Java agents and OSGi Slides revision : 20190923- ea 7 c 311 1 Welcome 2 About

Will it blend ? Java agents and OSGi Slides revision : 20190923- ea 7 c 311 1 Welcome 2 About

Will it blend ? Java agents and OSGi Slides revision : 20190923- ea 7 c 311 1 Welcome 2 About me 3 Outline Quick demo Java agents primer Usage scenarios OSGi integration Integration testing Testing demo 4 Quick demo 5 Java agents

694 views • 30 slides
CS485/540 Software Engineering Demo Guidelines Cengiz Gnay Dept. Math & CS, Emory

CS485/540 Software Engineering Demo Guidelines Cengiz Gnay Dept. Math & CS, Emory

CS485/540 Software Engineering Demo Guidelines Cengiz Gnay Dept. Math & CS, Emory University Fall 2013 Some slides courtesy of Joan Smith Gnay (Emory) Demo Guidelines Fall 2013 1 / 3 Schedule Before presentation Pre-load demo

211 views • 6 slides
Slides built from Carter Chapter 5 Some overhead Copy 3d demo project from last week and

Slides built from Carter Chapter 5 Some overhead Copy 3d demo project from last week and

Slides built from Carter Chapter 5 Some overhead Copy 3d demo project from last week and rename project folder to InputDemo Open and rename the project in AssemblyInfo.cs and change game id You can just create a new project Ive

504 views • 46 slides
Wings Demo Walkthrough For a brief overview of Wings, see

Wings Demo Walkthrough For a brief overview of Wings, see

Wings Demo Walkthrough For a brief overview of Wings, see http://www.isi.edu/~gil/slides/WingsTour-8-08.pdf Last Update: August 22, 2008 1 Summary of Wings Demonstration Wings can: Express high-level reusable workflow templates

794 views • 36 slides
Privacy as a Service (slides) Ashish Dandekar, Debabrota Basu, Poh Geong Sen, Jia Xu, St

Privacy as a Service (slides) Ashish Dandekar, Debabrota Basu, Poh Geong Sen, Jia Xu, St

Introduction Li anch eng Demo References Privacy as a Service (slides) Ashish Dandekar, Debabrota Basu, Poh Geong Sen, Jia Xu, St ephane Bressan July 18, 2019 1 / 8 Introduction Li anch eng Demo References Motivation

232 views • 9 slides
Final Project 1. Demo + Presentation 10 Minutes over 2 sessions in week 12 11-1pm and 1-3pm on

Final Project 1. Demo + Presentation 10 Minutes over 2 sessions in week 12 11-1pm and 1-3pm on

Final Project 1. Demo + Presentation 10 Minutes over 2 sessions in week 12 11-1pm and 1-3pm on Tue 6 th April Max 5 slides Suggested format: Summary of the main paper(s) you are basing your implementation on Related info: secondary papers,

197 views • 8 slides
Seven Essential Board Slides Every board meeting should include these seven slides as a minimum

Seven Essential Board Slides Every board meeting should include these seven slides as a minimum

Seven Essential Board Slides Every board meeting should include these seven slides as a minimum check list to assess the companys health. If management and the board cannot agree on these seven slides, then the company is off the rails.

199 views • 16 slides
Cyber@UC Meeting 55 Wireshark Demo If Youre New! Join our Slack: ucyber.slack.com SIGN

Cyber@UC Meeting 55 Wireshark Demo If Youre New! Join our Slack: ucyber.slack.com SIGN

Cyber@UC Meeting 55 Wireshark Demo If Youre New! Join our Slack: ucyber.slack.com SIGN IN! (Slackbot will post the link in #general) Feel free to get involved with one of our committees: Content Finance Public Affairs Outreach

261 views • 14 slides
MNsure July 2018 Navigator/CAC and Broker Webinar Slides and Script Slide 1: Demo of MNsures

MNsure July 2018 Navigator/CAC and Broker Webinar Slides and Script Slide 1: Demo of MNsures

MNsure July 2018 Navigator/CAC and Broker Webinar Slides and Script MNsure July 2018 Navigator/CAC and Broker Webinar Slides and Script Slide 1: Demo of MNsures New Plan Comparison Tool Demo of MNsures New Plan Comparison Tool The

858 views • 30 slides
System Advisor Model (SAM) Introduction Slides and Demo Nate Blair NREL NREL System Modeling T

System Advisor Model (SAM) Introduction Slides and Demo Nate Blair NREL NREL System Modeling T

System Advisor Model (SAM) Introduction Slides and Demo Nate Blair NREL NREL System Modeling T ools 2 System Advisor Model (SAM) System Advisor Model Free software that enables detailed performance and financial analysis for renewable

227 views • 20 slides
US5 Cognitive Systems and Cellular Networks Demo for Year2 Review Meeting Dublin, November 2012

US5 Cognitive Systems and Cellular Networks Demo for Year2 Review Meeting Dublin, November 2012

US5 Cognitive Systems and Cellular Networks Demo for Year2 Review Meeting Dublin, November 2012 The research leading to these results has received funding from the European Union's Seventh Framework Programme (FP7/2007-2013) under grant

326 views • 7 slides
HIP HOP TOP 40 DEMO DEMO The Baka Boyz are consummate pros and their ability to produce

HIP HOP TOP 40 DEMO DEMO The Baka Boyz are consummate pros and their ability to produce

HIP HOP TOP 40 DEMO DEMO The Baka Boyz are consummate pros and their ability to produce great daily and weekend content is going to be needed now more than ever in todays fiscally challenging radio climate. We are About The Baka

316 views • 7 slides
CS324e - Elements of Graphics and Visualization Java Intro / Review A1 Demo Demo of A1

CS324e - Elements of Graphics and Visualization Java Intro / Review A1 Demo Demo of A1

CS324e - Elements of Graphics and Visualization Java Intro / Review A1 Demo Demo of A1 expected behavior Crack a substitution cipher assumes only letters encrypted and assumes upper and lower case substitutions the same initial

312 views • 16 slides
Establishing a Personal Electronic Health Record in the Rhine-Neckar Region Sarajevo 31th of

Establishing a Personal Electronic Health Record in the Rhine-Neckar Region Sarajevo 31th of

Establishing a Personal Electronic Health Record in the Rhine-Neckar Region Sarajevo 31th of August 2009 Oliver HEINZE 1 , Antje BRANDNER 1 , Bjrn BERGH 1 1 Department of Information Technology and Medical Engineering University Hospital

682 views • 19 slides
The Processing and Archiving Unit of the Javalambre Astrophysical Observatory. A. Ederoclite CE

The Processing and Archiving Unit of the Javalambre Astrophysical Observatory. A. Ederoclite CE

The Processing and Archiving Unit of the Javalambre Astrophysical Observatory. A. Ederoclite CE F CA A. Ederoclite UPAD OAJ Heidelberg, 10 June 2013 1 of 17 J-PAS Expected Beginning: 2015 Expected Duration: 5 7 years A. Ederoclite

397 views • 21 slides
Management of Exceptions in Access Control Policies J. G. Alfaro, F. Cuppens, N. Cuppens ENST

Management of Exceptions in Access Control Policies J. G. Alfaro, F. Cuppens, N. Cuppens ENST

Management of Exceptions in Access Control Policies J. G. Alfaro, F. Cuppens, N. Cuppens ENST Bretagne, Rennes RSM/SERES Outline - 2 - Problem domain Main strategies Use of full expressiveness Conclusions and Perspectives

562 views • 28 slides
IOT SECURITY SOFTWARE SOLUTIONS DANNY DE COCK 22 September 2015 SENIOR RESEARCHER

IOT SECURITY SOFTWARE SOLUTIONS DANNY DE COCK 22 September 2015 SENIOR RESEARCHER

IOT SECURITY SOFTWARE SOLUTIONS DANNY DE COCK 22 September 2015 SENIOR RESEARCHER HTTP://GODOT.BE/SLIDES STANDARD CRYPTO-TECHNICAL CONSIDERATIONS IOT = big data, focused on functionality, not security Security is afterthought Each

483 views • 14 slides
61A Extra Lecture 6 Implementing an Object System Today's topics: What is a class? What

61A Extra Lecture 6 Implementing an Object System Today's topics: What is a class? What

61A Extra Lecture 6 Implementing an Object System Today's topics: What is a class? What is an instance? How do we create inheritance relationships? How do we write code for attribute look-up procedures? Tools we'll use:

287 views • 13 slides
Lecture 17: Mutable Linked Lists Brian Hou July 20, 2016 Announcements Homework 6 is due today

Lecture 17: Mutable Linked Lists Brian Hou July 20, 2016 Announcements Homework 6 is due today

Lecture 17: Mutable Linked Lists Brian Hou July 20, 2016 Announcements Homework 6 is due today at 11:59pm Project 3 is due 7/26 at 11:59pm Earn 1 EC point for completing it by 7/25 Quiz 5 tomorrow at the beginning of lecture

777 views • 25 slides
Optimization Tactical Deep Dive How to write copy that converts 5 lessons from 300 A/B tests

Optimization Tactical Deep Dive How to write copy that converts 5 lessons from 300 A/B tests

Optimization Tactical Deep Dive How to write copy that converts 5 lessons from 300 A/B tests Michael Lykke Aagaard Test Junkie / Copy Fanatic ContentVerve.com Experiment 1: Background Experiment ID: MatchOffice.com product page Location:

767 views • 43 slides
MDPP Billin illing and P Payment W Webin inar Amanda Rhee, JD MDPP Expanded Model Lead CMS

MDPP Billin illing and P Payment W Webin inar Amanda Rhee, JD MDPP Expanded Model Lead CMS

Medicare D Diabetes Prevention on Prog ogram ( (MDPP) PP) Su Supplier Su Suppor ort MDPP Billin illing and P Payment W Webin inar Amanda Rhee, JD MDPP Expanded Model Lead CMS Innovation Center May 2 29, 2019 Disclaimer This

688 views • 49 slides

More recommend