belnet r&e federation belnet – mario vandaele bnc 2011 – 24 november 2011
TRANSCRIPT
Belnet R&E FederationBelnet – Mario Vandaele
BNC 2011 – 24 November 2011
2Belnet R&E Federation24.11.2011
Agenda
What?
Why?
How?
Q&A
“Evolving to streamlined access for web services”
3Belnet R&E Federation24.11.2011
What: Belnet R&E Federation?
Identity & Access Management
Research &Education
Community
IdentityProviders
Federated Partners CommercialNon-profitGovernment
AgenciesOther
Federations
ServiceProviders
4Belnet R&E Federation24.11.2011
What: Belnet R&E Federation?
4Belnet R&E Federation24.11.2011
Identity & Access Management
Research &Education
Community
IdentityProviders
Federated Partners
ServiceProviders
Administration?
Legal?
Technical?
BelnetR&E
Federation
TrustedMediator
5Belnet R&E Federation24.11.2011
Why: the Belnet R&E Federation?
Why a federation approach and not another one?
Let us briefly go back in time, when:
– users were still new to the network
– security & privacy concerns were minimal
LAN
6Belnet R&E Federation24.11.2011
Why: Belnet R&E Federation?
User = johnPwd = abc123
User = janePwd = abc456
User = jdoe1Pwd = def123
User = jdoe2Pwd = def456
User = johndoePwd = ghi123
User = jd456Pwd = jkl123
User = john456Pwd = mno123
User = jd123Pwd = pqr123
User = jdoePwd = ghi456
User = jd123Pwd = jkl456
User = jane123Pwd = mno456
User = jd456Pwd = pqr456
1991
7Belnet R&E Federation24.11.2011
Why Belnet R&E Federation?
User = johnPwd = abc123Birth dateHome address…
User = jdoePwd = def123Birth dateHome address…
User = johnPwd = abc123Birth dateHome address
User = jdoePwd = def123Birth dateHome address
User = jdoePwd = def123Birth date
User = johnPwd = abc123Birth date
8Belnet R&E Federation24.11.2011
Why: Belnet R&E Federation?
2001
9Belnet R&E Federation24.11.2011
Why: Belnet R&E Federation?
Identity & Access Management
Role-BasedAccesControl
AddModDel
One account& passwordper user
2001
The Cloud
10Belnet R&E Federation24.11.2011
Why: Belnet R&E Federation?
SoftwareasaService
User = johnPwd = abc123
User = jdoe1Pwd = def123
User = johndoePwd = ghi123
User = jd456Pwd = jkl123
User = john456Pwd = mno123
User = jd123Pwd = pqr123
User = janePwd = abc456
User = jdoe2Pwd = def456
User = jdoePwd = ghi456
User = jd123Pwd = jkl456
User = jane123Pwd = mno456
User = jd456Pwd = pqr456
20112011 or
1991?
11Belnet R&E Federation24.11.2011
Why: Belnet R&E Federation?
11Belnet R&E Federation24.11.2011
Identity & Access Management
Research &Education
Community
IdentityProviders
Federated Partners
ServiceProviders
BelnetR&E
Federation
12Belnet R&E Federation24.11.2011
Why: Belnet R&E Federation?
12Belnet R&E Federation24.11.2011
Identity & Access Management
ServiceProvider 1
BelnetR&E
Federation
ServiceProvider 2
IdentityProvider 1
IdentityProvider 2
Identity & Access
Management
Identity & Access
Management
One agreement
One language:SAML2
1-timesetup
1-timesetup
“Evolving to streamlined access for web services”
One account& passwordper user
13Belnet R&E Federation24.11.2011
How: Belnet R&E Federation?
How to join the Belnet R&E Federation?
Belnet R&E Federation:
– 15 december 2011
– Belnet
– Contact: [email protected] to subscribe
Q&A