
Version 2 (modified by tmitchel@bbn.com, 8 years ago)


Identity and Attributes in GENI

Session leaders

Ken Klingenstein, Internet2
Tom Mitchell, BBN

Time

Tues 1:00 - 2:30 pm

Description

This meeting will seek agreement on an approach to identity and attributes in GENI.

GENI requires a way of positively identifying experimenters and granting them access to tools and resources. Current control frameworks either maintain their own database of users or explicitly outsource this task to an identity provider. In addition to identifying experimenters, GENI needs information about attributes like institutional affiliation, project role, etc.

The goal of this session is to discuss proposals and reach community consensus on a way forward for identity management and attributes in GENI.

Proposal

External identity providers should be added as sources of identity attributes for GENI experimenters. Specifically, an InCommon-compatible GENI portal should be developed to allow new GENI users to authenticate using their own institutional accounts. GENI should also standardize a set of identity attributes required for resource manipulation within GENI. A proposed implementation and schedule will be presented.

Background reading

Identity and Access Management (http://www.internet2.edu/pubs/200703-IS-MW.pdf)
Shibboleth (http://www.internet2.edu/pubs/shibboleth-infosheet.pdf)

Agenda

Introduction - Tom Mitchell (5 mins)
IdM Principles and key issues - Ken Klingenstein (20 mins)
Proposed architecture - Tom Mitchell (15 mins)
Invited discussion - Rob Ricci (10 mins)
Invited discussion - Jeff Chase (10 mins)
Open Discussion - All (20 mins)
Consensus and Wrap Up - Tom Mitchell (10 mins)
