EGI Technical Forum

Moonshot in Grids - one year after

20 Sept 2011, 14:40

20m

St Clair 3b (90) (Lyon Conference Centre)

Presentation Technology Individual Presentations

Speaker

Daniel Kouril (CESNET)

Description

Grids have traditionally used certificates which have scaled well globally and given a high level of assurance, but grids would become more useful if they could consume authentication tokens from other authentication infrastructures, also with different levels of assurance. Expected benefits include widening the user base, by making use of existing authentication infrastructure, and improved single sign-on for users. Moreover, central attribute authorities like VOMS have worked well for grids, but being able to make use of institutional attributes will be useful also for new data and services sustainability models, e.g. to support institutional subscriptions. In this presentation we will focus on the Moonshot project that brings the functionality of SAML-based identity federations to the world of non-web applications. Using Moonshot it is possible to rely on home identity providers to perform authentication and issue additional attributes about the users. The user experience from the SAML-based federations suggests that such an arrangement is well perceived. The Moonshot project has been presented already at previous EGI events and elsewhere and elicited an interest from various parties, including large user communities. Therefore, we will present a short introduction of the project and update of its current status, which will be followed by a live demonstration of the technology. In particular we will show how an MyProxy-based online CA can be established, which will issue certificates based on the same authentication and attributes as are utilizied by the Terena Certification Service. We will also describe current status of deployment and present requirements necessary to install the Moonshot technology. Given the interest from the Grid community and an already organized workshop on Moonshot usage in Grids and HPCs, we expect more discussions in this area over the next months, whose outcomes will also be presented in the talk.