european eduroam service
play

European eduroam service Miroslav Milinovi University Computing - PowerPoint PPT Presentation

Mar 21, 2023 •335 likes •640 views

European eduroam service Miroslav Milinovi University Computing Centre, University of Zagreb, Zagreb, Croatia <miro@srce.hr> EuroCAMP Cork, Ireland, May 2009 Contents eduroam technology eduroam service organisation

  1. European eduroam service Miroslav Milinović University Computing Centre, University of Zagreb, Zagreb, Croatia <miro@srce.hr> EuroCAMP Cork, Ireland, May 2009

  2. Contents  eduroam technology  eduroam service  organisation  infrastructure elements  supporting elements  Current status and plans EuroCAMP 2009, Cork 2009: 2/29

  3. Roaming requirements  Identify users uniquely at the edge of the network  Enable guest usage  Scalable  local user administration and authentication  Easy to install and use  at the most one-time installation by the user  Open  Secure EuroCAMP 2009, Cork 2009: 3/29

  4. Federations  Federations enable sharing of resources (synergy effects, joining a federation instead of many bilateral agreements)  A federation is constituted by a set of agreements between members (peers)  In a federation (agreement) there needs to be a common set of rules (organisational and technical)  Federations can be part of bigger federations  Federations can be interconnected  Confederation = federation of federations (federating principles applied to federations themselves) EuroCAMP 2009, Cork 2009: 4/29

  5. eduroam technology  Security based on 802.1X  Integration with VLAN assignment  Protection of credentials  Authentication based on EAP  Different authentication mechanisms possible by using EAP (Extensible Authentication Protocol)  Roaming based on RADIUS proxying Remote Authentication Dial In User Service  Transport-protocol for authentication information   Trust fabric based on:  Technical: RADIUS hierarchy  Policy: Documents/contracts that define the responsibilities of user, institution, NREN and the respective federation EuroCAMP 2009, Cork 2009: 5/29

  6. eduroam architecture: ubiquitous network access Supplicant Authenticator RADIUS server RADIUS server User User (AP or switch) University A University B DB DB user XYZnet joe@university_b.hr Commercial Employee VLAN VLAN Central RADIUS Student Proxy server VLAN • Trus ust: : RADIUS S & & polic icy docum ument nts • 802. 2.1X 1X + EAP signalling • (VLAN LAN assign ignment ent) data EuroCAMP 2009, Cork 2009: 6/29

  7. eduroam confederation RADIUS hierarchy confederation level servers .PT .DK federation (NREN) level servers inst-1 inst-2 inst-3 inst-4 institutional level servers tom@inst-1.dk EuroCAMP 2009, Cork 2009: 7/29

  8. eduroam goes global http://www.eduroam.org EuroCAMP 2009, Cork 2009: 8/29

  9. (European) eduroam service  work started in TF-Mobility, continued in GEANT2: JRA5 (Roaming and Authorisation) & SA5 (eduroam service activity)  eduroam user experience: “open your laptop and be online”  to provide secure network access inside the confederation boundaries (to the end users)  eduroam is a secure international roaming service for members of the European eduroam confederation (a confederation of autonomous roaming services) EuroCAMP 2009, Cork 2009: 9/29

  10. European eduroam confederation principles  Members are European NRENs/NROs  Members sign European eduroam policy commiting to the organisational and technical requirements  Mutual access – no fees  Authentication at home - Authorisation at visited institution  Home institutions are/remain responsible for their users abroad  Members promote eduroam in their countries  European eduroam may peer with other regions (confederation level) EuroCAMP 2009, Cork 2009: 10/29

  11. Confederated eduroam service  Encompasses all the elements necessary to support the Service  confederation infrastructure  establishing trust between the member federations  monitoring and diagnostic facilities  central data repository (eduroam database)  confederation level user support EuroCAMP 2009, Cork 2009: 11/29

  12. eduroam service model eduroam service (governed by eduroam group) eduroam confederation service (provided by OT) national eduroam service ... (provided by national eduroam NREN/NRO) service (provided by NREN/NRO) EuroCAMP 2009, Cork 2009: 12/29

  13. eduroam service elements  Technology infrastructure  Supporting infrastructure  monitoring and diagnostics  eduroam web site (http://www.eduroam.org)  eduroam database  trouble ticketing system (TTS)  mailing lists EuroCAMP 2009, Cork 2009: 13/29

  14. Users vs. service elements Service elements User group End user Inst. Level personnel Federation-level personnel Basic monitoring facilities Yes Yes Yes Full monitoring and diagnostics No Yes (limited to the information Yes facilities regarding the respective inst.) Public access to the eduroam Yes Yes Yes web site Access to the internal eduroam No Yes (limited to the information Yes web site regarding the respective inst.) Public access to the eduroam Yes Yes Yes database Access to the all information in No Yes (limited to the information Yes the eduroam database regarding the respective inst.) TTS No Yes Yes Mailing lists No No Yes Support from OT No No Yes EuroCAMP 2009, Cork 2009: 14/29

  15. eduroam infrastructure Eduroam confederation infrastructure Top-level RADIUS Server(s) RADIUS RADIUS Home Federation Remote Federation Federation (National) Federation (National) top level RADIUS top level RADIUS proxy Server(s) proxy Server(s) RADIUS RADIUS HI RI RADIUS Server RADIUS Server RADIUS RI SP HI IdP network User U access AuthN S EuroCAMP 2009, Cork 2009: 15/29

  16. Monitoring: problem definition  Monitor functionality of the eduroam infrastructure  servers  infrastructure  user experience  It is not enough to know that host is accessible  Ultimate goal is to test real users experience  (very) different workflows at RADIUS servers for Accept and Reject  perform both accept and reject logic tests EuroCAMP 2009, Cork 2009: 16/29

  17. Monitoring: concept RADIUS Proxy Server Monitoring Client IdP RADIUS Server Monitoring client is RADIUS client capable of sending various types of RADIUS  request (PAP, EAP, …) RADIUS Proxy Server is monitored server  IdP RADIUS Server is the server that issues the response thus acting as loop-back  server. It’s function is to close the tunnel and create standard well forma ted and specified response. This function might be realized on the monitored server (RADIUS proxy server) EuroCAMP 2009, Cork 2009: 17/29

  18. Monitoring: process Monitoring process is performed in two steps REJECT test and ACCEPT test  Both steps include :  Monitoring client creates RADIUS attributes specific for monitoring purpose   Monitoring client creates RADIUS request based on selected AuthN type (now EAP/TTLS) Monitoring client sends RADIUS request, and starts measuring response time   Monitored RADIUS Proxy Server handles request and sends back the response Monitoring client evaluates received response and updates database.   Monitored server is marked OK if it fulfills both testing steps. Monitored data, saved in database:   is monitoring request accepted by RADIUS proxy server ? (yes/no)  is request properly routed? (currently to eduroam.<tld>)  type of RADIUS request (currently only EAP/TTLS)  is response well formed (equal to expectations)? response time  EuroCAMP 2009, Cork 2009: 18/29

  19. Monitoring servers TLRS monitoring client monitoring database FLRS EuroCAMP 2009, Cork 2009: 19/29

  20. Monitoring infrastructure TLRS(s) TLRS(s) monitoring client monitoring database FLRS(s) FLRS(s) EuroCAMP 2009, Cork 2009: 20/29

  21. Testing on demand realm A FLRS(s) monitoring client TLRS(s) monitoring TLRS(s) database realm B FLRS(s) EuroCAMP 2009, Cork 2009: 21/29

  22. eduroam database The information stored in the eduroam database includes:  NRO representatives and respective contacts   Local-institutions (both SP and IdP) official contacts  Information about eduroam hot spots (SP location, technical info)  Monitoring information Information about the usage of the service  NROs:  should provide respective data (general and usage data)   in the defined XML format available at the specified URL address  should be accessible only from the eduroam database server EuroCAMP 2009, Cork 2009: 22/29

  23. User support: problem escalation scenario (1) home federation OT visited federation fed.-level admin. local institution admin. fed.-level admin. 3 local institution admin. 1,2 4 user EuroCAMP 2009, Cork 2009: 23/29

  24. User support: problem escalation scenario (2) home federation OT visited federation 4b 4a fed.-level admin. 4 local institution admin. 3 fed.-level admin. 5 local institution admin. 1,2 6 user EuroCAMP 2009, Cork 2009: 24/29

  25. eduroam current status: connected to the TLRSs  34 countries  2 TLRSs  links to APAN, Canada, ... EuroCAMP 2009, Cork 2009: 25/29

  26. eduroam current status: monitored TLRS/FLRS  monitoring service is in place  all three scenarios implemented (testing on demand is protected)  publicly available via www.eduroam.org (monitor.eduroam.org)  further development is planned EuroCAMP 2009, Cork 2009: 26/29

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Wirefree Wirefree European mobile eduroam data procurement footprint + services GN3+ SA7-T5

Wirefree Wirefree European mobile eduroam data procurement footprint + services GN3+ SA7-T5

Mobile + Wi-Fi = Wirefree eduroam + 4G LTE Wi-Fi as a Service Wirefree Wirefree European mobile eduroam data procurement footprint + services GN3+ SA7-T5 Why do NRENs need to look at mobile networks? Mobile SIMs give Changing SIMs phones

876 views • 11 slides
Eduroam in a box Eduroam in a box (take 3) (take 3) Rok Pape, ARNES, Barcelona, 06.09.2005

Eduroam in a box Eduroam in a box (take 3) (take 3) Rok Pape, ARNES, Barcelona, 06.09.2005

Eduroam in a box Eduroam in a box (take 3) (take 3) Rok Pape, ARNES, Barcelona, 06.09.2005 ARNES EduRoam 1/2 ARNES EduRoam 1/2 WPA/WPA2 Wireless network WPA Enterprise ( + WPA2 where available) Dynamic VLANs Support for

329 views • 17 slides
Eduroam in Australia APAN29 Middleware Workshop February 9, 2010 What is eduroam? Guide for

Eduroam in Australia APAN29 Middleware Workshop February 9, 2010 What is eduroam? Guide for

Eduroam in Australia APAN29 Middleware Workshop February 9, 2010 What is eduroam? Guide for users 2 Eduroam Infrastructure .nl .au .ca .cn .hk .jp .edu org1.edu.au org1.edu.au RADIUS AP1 AP1 AP1 AP1 AP1 AP1 3 AU Eduroam

151 views • 12 slides
GN2 JRA5: eduroam transition to service TtS meeting, 3rd technical workshop in Cambridge J.

GN2 JRA5: eduroam transition to service TtS meeting, 3rd technical workshop in Cambridge J.

Connect. Communicate. Collaborate GN2 JRA5: eduroam transition to service TtS meeting, 3rd technical workshop in Cambridge J. Rauschenbach, DFN JRA5 Team JRA5 eduroam service Connect. Communicate. Collaborate The first JRA5 service will

981 views • 21 slides
ED EDUROAM U UPDATE BIG NUMBERS, NEW TOOLS, GLOBAL REACH Introduction eduroam In Context

ED EDUROAM U UPDATE BIG NUMBERS, NEW TOOLS, GLOBAL REACH Introduction eduroam In Context

28 October 2020 ED EDUROAM U UPDATE BIG NUMBERS, NEW TOOLS, GLOBAL REACH Introduction eduroam In Context Introduction eduroam Update Global Coverage Local Coverage Deployment Suggestions Usage Statistics Monitoring

500 views • 21 slides
Collaboration with ISPs for Large-Scale Deployment of eduroam in Japan Hideaki Goto NII /

Collaboration with ISPs for Large-Scale Deployment of eduroam in Japan Hideaki Goto NII /

31st APAN meeting Feb. 21-25, 2011, Hong Kong Collaboration with ISPs for Large-Scale Deployment of eduroam in Japan Hideaki Goto NII / Tohoku University, Japan 1 eduroam JP National eduroam operation and promotion 19 institutions

165 views • 12 slides
Mobile AP eduroam light AP Tomi Salmi, CSC/Funet 31st TF-MNM, 2013-10-15 @ Malaga

Mobile AP eduroam light AP Tomi Salmi, CSC/Funet 31st TF-MNM, 2013-10-15 @ Malaga

Mobile AP eduroam light AP Tomi Salmi, CSC/Funet 31st TF-MNM, 2013-10-15 @ Malaga Mobile AP :: What? Why? Consumer-level access point device modified for eduroam Easy way to bring eduroam anywhere Temporary places like

555 views • 4 slides
Case Studies - Case Studies - Eduroam in Slovenia Eduroam in Slovenia Rok Pape ARNES -

Case Studies - Case Studies - Eduroam in Slovenia Eduroam in Slovenia Rok Pape ARNES -

1 Akademska in raziskovalna mrea Slovenije Case Studies - Case Studies - Eduroam in Slovenia Eduroam in Slovenia Rok Pape ARNES - Academic and research network of Slovenia aaa-podpora@arnes.si Eurocamp, Ljubljana, April 2006 2 Start

1.25k views • 18 slides
Public sector roaming: govroam anyone? Mark OLeary Outline Introducing eduroam The

Public sector roaming: govroam anyone? Mark OLeary Outline Introducing eduroam The

Public sector roaming: govroam anyone? Mark OLeary Outline Introducing eduroam The eduroam design pattern Variations on a theme Govroam Next steps Introducing eduroam 10/06/2016 3 NHS-HE Forum govroam Fundamentals A

824 views • 28 slides
Zero touch Connectivity Per Nihln per@sunet.se What are we doing Eduroam The

Zero touch Connectivity Per Nihln per@sunet.se What are we doing Eduroam The

Zero touch Connectivity Per Nihln per@sunet.se What are we doing Eduroam The Cloud Local initiatives IG campaign Concession for mobility Strategy for new services What are we doing Eduroam The Cloud

559 views • 6 slides
EDUROAM UPDATE BIG NUMBERS, NEW TOOLS, GLOBAL REACH PAUL GUNN paul.gunn@reannz.co.nz 2 REANNZ

EDUROAM UPDATE BIG NUMBERS, NEW TOOLS, GLOBAL REACH PAUL GUNN paul.gunn@reannz.co.nz 2 REANNZ

REANNZ LUNCH 19 12TH JUN 19 EDUROAM UPDATE BIG NUMBERS, NEW TOOLS, GLOBAL REACH PAUL GUNN paul.gunn@reannz.co.nz 2 REANNZ Lunch 19 eduroam Update Photo by bert sz on Unsplash INTRODUCTION EDUROAM UPDATE Its eduroam

380 views • 24 slides
News about... -The CRU federation -eduroam.fr -SCS in France -directory schema Federation

News about... -The CRU federation -eduroam.fr -SCS in France -directory schema Federation

News about... -The CRU federation -eduroam.fr -SCS in France -directory schema Federation news... Current members : 27 IdPs 18 SPs (including Elsevier and EBSCO) Future SPs : Microsoft (MSDN-AA) Ovid Lexis

299 views • 9 slides
The European Com m issions science and know ledge service Joint Research Centre the European

The European Com m issions science and know ledge service Joint Research Centre the European

The European Com m issions science and know ledge service Joint Research Centre the European Union Location Fram ew ork: lessons learned and follow up Francesco Pignatelli, Maria Teresa Borzacchiello, Ray Boguslaw ski ( external

546 views • 16 slides
1. Log on to wifi (_The Cloud or Eduroam) using your Username and Password 2. Download the

1. Log on to wifi (_The Cloud or Eduroam) using your Username and Password 2. Download the

1. Log on to wifi (_The Cloud or Eduroam) using your Username and Password 2. Download the PollEveryWhere app. 3. Open the PollEveryWhere app 4. Join a presentation: thumser1 Alternative responses can be as follows: 1. By texting a CODE to 020

539 views • 15 slides
The European Commissions science and knowledge service Joint Research Centre The European

The European Commissions science and knowledge service Joint Research Centre The European

The European Commissions science and knowledge service Joint Research Centre The European Open Science Cloud for the Earth Observation Science Community (EOSC4EOSC). EGI Conference 2019 (Federated Data Management) Guido Lemoine

302 views • 14 slides
Building NREN service for a WireFree world Maurice van den Akker Team Manager WireFree SURFnet

Building NREN service for a WireFree world Maurice van den Akker Team Manager WireFree SURFnet

Building NREN service for a WireFree world Maurice van den Akker Team Manager WireFree SURFnet Todays items Excellent WireFree: the new goal for NRENs Building a Wi-Fi/4G/eduroam service together with telcos: MoLAN

408 views • 18 slides
Explora(on of Mass-Radius Rela(on for Low mass White Dwarfs

Explora(on of Mass-Radius Rela(on for Low mass White Dwarfs

Explora(on of Mass-Radius Rela(on for Low mass White Dwarfs Arina Rostopchina University of Texas at Aus6n 2 year Astronomy &amp; Physics student

494 views • 14 slides
Level set methods for robustness measures P. V AN D OOREN CESAME, Universit e catholique de

Level set methods for robustness measures P. V AN D OOREN CESAME, Universit e catholique de

Level set methods for robustness measures P. V AN D OOREN CESAME, Universit e catholique de Louvain joint work with Y. Genin, T. Lawrence, M. Overton, J. Sreedhar, A. Tits What it is about Fast and reliable computation of robustness measures

490 views • 29 slides
CSCI 135: DIVING INTO THE DELUGE OF DATA LECTURE 5 functions, parameters, arguments, and modules

CSCI 135: DIVING INTO THE DELUGE OF DATA LECTURE 5 functions, parameters, arguments, and modules

CSCI 135: DIVING INTO THE DELUGE OF DATA LECTURE 5 functions, parameters, arguments, and modules def polar(x, y): '''convert (x,y) into polar coordinates where the angle is in radians ''' radius = math.sqrt(x*x + y*y) angle = math.atan2(y,

311 views • 19 slides
The Radius of Convergence of a Series Solution Bernd Schr oder logo1 Bernd Schr oder

The Radius of Convergence of a Series Solution Bernd Schr oder logo1 Bernd Schr oder

General Result Example Specific Function The Radius of Convergence of a Series Solution Bernd Schr oder logo1 Bernd Schr oder Louisiana Tech University, College of Engineering and Science The Radius of Convergence of a Series Solution

784 views • 35 slides
Fermilab Accelerator Physics Center Update Pion Production Sergei Striganov nuSTORM

Fermilab Accelerator Physics Center Update Pion Production Sergei Striganov nuSTORM

Fermilab Accelerator Physics Center Update Pion Production Sergei Striganov nuSTORM Workshop Fermilab November 21, 2013 OUTLINE Input parameters update MARS model verification update Target parameters update

541 views • 26 slides
Func Functio tions ns What is a function? Its a method that isnt part of a class.

Func Functio tions ns What is a function? Its a method that isnt part of a class.

3/2/20 CS 224 Introduction to Python Spring 2020 Class #16: Functions Func Functio tions ns What is a function? Its a method that isnt part of a class. Unlike in Java, in Python, it isnt necessary for everything to reside in

153 views • 11 slides
CS6220: DATA MINING TECHNIQUES Matrix Data: Clustering: Part 1 Instructor: Yizhou Sun

CS6220: DATA MINING TECHNIQUES Matrix Data: Clustering: Part 1 Instructor: Yizhou Sun

CS6220: DATA MINING TECHNIQUES Matrix Data: Clustering: Part 1 Instructor: Yizhou Sun yzsun@ccs.neu.edu October 5, 2014 Methods to Learn Matrix Data Set Data Sequence Time Series Graph &amp; Data Network Classification Decision Tree;

717 views • 56 slides
The Unit Circle Many important elementary functions involve computations on the unit circle.

The Unit Circle Many important elementary functions involve computations on the unit circle.

The Unit Circle Many important elementary functions involve computations on the unit circle. These circular functions are called by a different name, trigonometric functions. Elementary Functions But the best way to view them is as

151 views • 14 slides

More recommend