Storage task force
Shibboleth-features and challenges in PowerFolder Sync & Share 11 FEB 2014
Roadmap for today • Introduction • Use cases / Installations • The challenges of Sync & Share – Federated AAI – Large scale distributed storage – Individualization • Le fin
Background & Contact • PowerFolder , headquartered in Meerbusch next to Düsseldorf, Germany, develops and provides Sync- and Share- Solutions since 2007 for Business, Education- and Research- Organizations. The medium-size company serves thousands of customers worldwide, who prefer to keep their data on own storage while profiting from the efficiency and comfort to access their data anywhere from any device. • Contact – Christian Sprajc sprajc@powerfolder.com Founder and CEO +49 2132 97 92 292 – PowerFolder support@powerfolder.com Technical Support +49 2132 97 92 291 PowerFolder Niederlöricker Str. 62 40667 Meerbusch, +49 2132 97 92 290 https://www.powerfolder.com
PowerFolder – Federated Sync and Share - easy to use, rock-solid Secure Collaboration Mobile Sync & Access with Externals Client Backup Client Sync Secure Collaboration
• Sync and Share cloud available to German universities and research organizations • University of Göttingen, Max-Planck Society • 50 GB storage for members, 10 GB for students. Optional upgrades available. • Login via LDAP, Database and RADIUS • Integration with Self-Service and Support Portal
• Largest EDU-Sync and Share cloud in Germany • 9 Universities plus ~65 higher educational institutions • Reach: 350.000 students, 100.000 employees • Funded by the Ministry of Science, Research and Art • PowerFolder scored with its years of experience, its service and flexibility…
• Single Sign on user authentication via Shibboleth: • AAI Metadata + Discovery Service (WAYF) • Plus sharing with external users (no quota) • Integration with bwIDM and Web-Registration portal • 10 GB storage initially - optional upgrades available • Part of the bwLSDF project: 10 PB storage in total
PowerFolder - Installed userbase Million Users 1,8 1,6 1,4 1,2 1 Million Users 0,8 0,6 0,4 0,2 0 2011 2012 2013 2014
Popular internet memes by PowerFolder developers Memes 20 18 16 14 12 10 Memes 8 6 4 2 0 2010 2011 2012 2013
Popular internet memes by PowerFolder developers
The Challenges 1. Federated AAI 2. Large scale distributed storage 3. Individualization Integration
The Challenges 1. Federated AAI
1. Federated AAI • How to provide single sign login to users • By ensuring the provider does not get: – ANY credentials of the users – at ANY time • Throughout all ways of access…
1. Federated AAI - throughout all ways of access Client Mobile Apps Web-Browser Win, Linux & Mac iOS & Android WebDAV?
1. Federated AAI – Web Access Todays AAI easily support web access…
1. Federated AAI – Sync clients For sync clients it can become tricky…
1. Federated AAI – Sync clients - Shibboleth • SAML V2.0 Enhanced Client or Proxy profile • IdP: Requires Shibboleth v2.5 • SP: Requires Apache/mod_shib v2.5 • Groundwork and examples are available • E.g. Libraries by ;) • But integration is the key…
1. Federated AAI – Sync clients – IdP selection
1. Federated AAI – WebDAV • WebDAV protocol does not work well with Shibboleth / SAML • SAML redirect profile – redirects aren‘t followed • SAML POST profile not supported – Requires parsing of HTML Forms – Usually solved via JavaScript in Shibboleth – No HTTP Session Handling
1. Federated AAI – WebDAV • It’s a pain in the bum • Discovery problem • Workarounds may compromise user’s security and experience • or break the standard!
Conclusions - Federated Sync and Share with AAI 1. Web – Solved 2. Clients/Apps – Solved 3. WebDAV - Hard
The Challenges 2. Large scale / distributed storage
2. Large scale / distributed storage • Flexible – Service resources should scale up and down according to current load • Highly available – e.g. upgrades should not affect the service availability • Efficient – Utilize distributed storage locations and network connections
2. Large scale – flexibility and high availability Web Client Client Apache Apache PowerFolder PowerFolder PowerFolder Service Node 1 Service Node 2 Service Node N Storage
2. Large scale – Peer-to-Peer brings efficiency Client Client Client Client Replication Replication node node AA & File transfer PowerFolder AA & File transfer (fallback) Service P2P File transfer
Conclusions - Large scale / distributed storage 1. Flexibility & HA – Solved 2. P2P helps to keep to load and traffic low – thus saves costs! 3. Built-in replication available – on storage level supported
The Challenges 3. Individualization / Integration
3. Individualization / Integration • Legal agreement – User has to agree to the terms and conditions of the service • Provisioning – Different user groups/roles should get different quotas/permissions • Account lifecycle management
3. Individualization / Integration First time User Provisioning Web- PowerFolder Registration HTTP API calls Service Portal Browser: Account activated!
Conclusions - Individualization / Integration Terms and conditions of the service, account provisioning and lifecycle management is an integral part of Sync & Share projects!
Le fin Thank you Q&A
Get in contact • Contact us for free EDU On-Premise Trial. • Download: http://www.powerfolder.com • Wiki: http://wiki.powerfolder.com Contact : Christian Sprajc sprajc@powerfolder.com Founder and CEO +49 2132 97 92 292 PowerFolder support@powerfolder.com Technical Support +49 2132 97 92 291 PowerFolder contact@powerfolder.com Niederlöricker Str. 62 40667 Meerbusch +49 2132 97 92 290 https://www.powerfolder.com
Recommend
More recommend
