Fall 2009 Internet2 Member Meeting

close
Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID

Application of Shibboleth in the Australian Research Collaboration Service

Time 10/07/09 03:00PM-04:00PM

Session Abstract

The Australian Collaboration Research Service (ARCS) benefits from federated identity and access management enabled by the Shibboleth-based Australian Access Federation (AAF).

Integrating Federated authentication with existing research infrastructures presents several challenges, however, including integration with the Australian Grid, managing authorisation rights, and integrating Shibboleth with non-web-based research services.

Australian Grid services are built on standard protocols which rely on X.509 certificates for authentication. ARCS has implemented the SLCS profile of the IGTF, by which Grid trusted X.509 certificates are generated from end-user attributes. The ARCS SLCS Server also provisions default VO membership.

Research services typically require authorisation rights administered and issued by the services themselves. ARCS has developed a registration and authorisation rights management service, the ARCS Access Service. Users are required to register with the ARCS Access Service, upon which they are issued default authorisation rights. Non-default authorisation rights may be issued either by end-user request or automatically based on end-user information.

Existing research services, and new services based on existing protocols, require use of non-web-based interfaces. Applying Shibboleth to such research services presents a "square-peg in round-hole" problem. Mechanisms and security aspects related to integrating Shibboleth and non-web interfaces (e.g. data access via webDAV) have been addressed.


Speakers

Speaker Neil Witheridge Australian Research Collaboration Service

Presentation Media

media item thumbnail Use of Shibboleth by ARCS (pdf)

Speaker David Fleig Wayne State University

Speaker Neil Witheridge Australian Research Collaboration Service

Secondary tracks Middleware International Cyberinfrastructure

gold Sponsors