Tør du (lade være) med at bruge WAYF? David Simonsen Middelfart, DeIC-konferencen 2015
Problemer og løsninger
Problemer og løsninger Problem, institution: behov for mange tjenester (Wiberg, 2006 https://www.terena.org/activities/eurocamp/april06/slides/day1/torbjorn-wiberg.pdf)
Problemer og løsninger Problem, institution: behov for mange tjenester Løsning: Institutioner køber Off-The-Shelf / out-sourcing + AAI (Wiberg, 2006 https://www.terena.org/activities/eurocamp/april06/slides/day1/torbjorn-wiberg.pdf)
Problemer og løsninger Problem, institution: behov for mange tjenester Løsning: Institutioner køber Off-The-Shelf / out-sourcing + AAI Problem, tjenester: kompleks og dyr brugerstyring, skalering (Wiberg, 2006 https://www.terena.org/activities/eurocamp/april06/slides/day1/torbjorn-wiberg.pdf)
Problemer og løsninger Problem, institution: behov for mange tjenester Løsning: Institutioner køber Off-The-Shelf / out-sourcing + AAI Problem, tjenester: kompleks og dyr brugerstyring, skalering Løsning: Tjenester benytter extern brugerstyring (Wiberg, 2006 https://www.terena.org/activities/eurocamp/april06/slides/day1/torbjorn-wiberg.pdf)
Problemer og løsninger Problem, institution: behov for mange tjenester Løsning: Institutioner køber Off-The-Shelf / out-sourcing + AAI Problem, tjenester: kompleks og dyr brugerstyring, skalering Løsning: Tjenester benytter extern brugerstyring Problem, institutioner + tjenester: teknisk integration, jura, brugervenlighed, inter-føderation (Wiberg, 2006 https://www.terena.org/activities/eurocamp/april06/slides/day1/torbjorn-wiberg.pdf)
Problemer og løsninger Problem, institution: behov for mange tjenester Løsning: Institutioner køber Off-The-Shelf / out-sourcing + AAI Problem, tjenester: kompleks og dyr brugerstyring, skalering Løsning: Tjenester benytter extern brugerstyring Problem, institutioner + tjenester: teknisk integration, jura, brugervenlighed, inter-føderation Løsning: Føderation / knudepunkt, databehandler (Wiberg, 2006 https://www.terena.org/activities/eurocamp/april06/slides/day1/torbjorn-wiberg.pdf)
Dagens risikovurdering
Dagens risikovurdering Datatyveri (3/10) : 15 mio identiteter
Dagens risikovurdering Datatyveri (3/10) : 15 mio identiteter Heartbleed
Dagens risikovurdering Datatyveri (3/10) : 15 mio identiteter Heartbleed Phishing
Dagens risikovurdering Datatyveri (3/10) : 15 mio identiteter Heartbleed Phishing Identity Management
Dagens risikovurdering Datatyveri (3/10) : 15 mio identiteter Heartbleed Phishing Identity Management Multi-protokol-landskab
Dagens risikovurdering Datatyveri (3/10) : 15 mio identiteter Heartbleed Phishing Identity Management Multi-protokol-landskab Know-how
Brugerstyringshistorietime
Brugerstyringshistorietime 1 bruger Mange programmer Central computing
Brugerstyringshistorietime 1 bruger Mange programmer 1 bruger-db Mange programmer Central computing Network computing
Brugerstyringshistorietime 1 bruger Mange programmer 1 bruger-db Mange programmer 1 bruger Mange programmer Central computing Network computing Central computing
Brugerstyringshistorietime 1 bruger Mange programmer 1 bruger-db Mange programmer 1 bruger Mange programmer Fødereret bruger-db'er Mange tjenester Central computing Network computing Central computing Network computing
Hvad er WAYF?
Hvad er WAYF? Spørg WAYF: Hvem er det der banker?
Hvad er WAYF? Spørg WAYF: Hvem er det der banker? Svar: det er Peter Anker
Hvad er WAYF? Spørg WAYF: Hvem er det der banker? Svar: det er Peter Anker Fra SDU, studerende, panker@sdu.dk
Hvordan bruges WAYF?
Hvordan bruges WAYF?
Hvad er WAYF? Central teknisk knudepunkt Proxy for institutionerne Håndterer jura, kontrakter mv. Brugerens samtykke Sikker teknisk installation (7-9-13)
Antal tjenester og institutioner Title 300 225 150 75 0 201004 201006 201008 201010 201012 201102 201104 201106 201108 201110 Institutioner 201112 201202 201204 201206 201208 201210 201212 201302 201304 201306 201308 201310 201312 201402 Tjenester 201404 201406 201408 201410 201412 201502 201504 201506 201508 201510
Hvor meget bruges WAYF? Statistik: https://rasmus.wayf.dk Real time: https://markus.wayf.dk 1 Aarhus University 2 University College Lillebaelt 3 University College Zealand 4 University College South Denmark 5 Lillebaelt Academy of Professional HE. 6 University College of Northern Denmark 7 NemID 8 IT University of Copenhagen 9 University of Southern Denmark 10 VIA University College 1 AU Blackboard 2 BSS-Blackboard (AU) 3 Fronter University College Lillebaelt 4 STADS Self-Service 5 Blackboard UC South 6 Fronter 7 WISEflow 8 Fronter University College Zealand 9 State and University Library System 10 WebUntis
Hvem bygger føderationer?
Inter-føderation NemLog-in Kalmar2 (nordisk) edugain (global)
DeIC HPC, SDU login til hele verden (via edugain)
GNOMIS Nordisk AAI samarbejde Projektforslag
GNOMIS Nordisk AAI samarbejde Projektforslag Kalmar2 interfederation (technical development, evangelism, operations)
GNOMIS Nordisk AAI samarbejde Projektforslag Kalmar2 interfederation (technical development, evangelism, operations) Scanning and updating list of systems and projects and initiatives
Kalmar2 interfederation (technical development, evangelism, operations) Scanning and updating list of systems and projects and initiatives Visualisation of statistics and log (SF, NO, S, DK are interested) GNOMIS Nordisk AAI samarbejde Projektforslag
Kalmar2 interfederation (technical development, evangelism, operations) Scanning and updating list of systems and projects and initiatives Visualisation of statistics and log (SF, NO, S, DK are interested) Quality of operations (e.g. ISO27001) GNOMIS Nordisk AAI samarbejde Projektforslag
Kalmar2 interfederation (technical development, evangelism, operations) Scanning and updating list of systems and projects and initiatives Visualisation of statistics and log (SF, NO, S, DK are interested) Quality of operations (e.g. ISO27001) GNOMIS Nordisk AAI samarbejde Projektforslag Better support for research infrastructures
Kalmar2 interfederation (technical development, evangelism, operations) Scanning and updating list of systems and projects and initiatives Visualisation of statistics and log (SF, NO, S, DK are interested) Quality of operations (e.g. ISO27001) Better support for research infrastructures Four GNOMIS meetings per year GNOMIS Nordisk AAI samarbejde Projektforslag
Kalmar2 interfederation (technical development, evangelism, operations) Scanning and updating list of systems and projects and initiatives Visualisation of statistics and log (SF, NO, S, DK are interested) Quality of operations (e.g. ISO27001) Better support for research infrastructures Four GNOMIS meetings per year Bi-yearly AAI-hackathon (SF, NO, S, DK are interested) GNOMIS Nordisk AAI samarbejde Projektforslag
Kalmar2 interfederation (technical development, evangelism, operations) Scanning and updating list of systems and projects and initiatives Visualisation of statistics and log (SF, NO, S, DK are interested) Quality of operations (e.g. ISO27001) Better support for research infrastructures Four GNOMIS meetings per year Bi-yearly AAI-hackathon (SF, NO, S, DK are interested) GNOMIS Nordisk AAI samarbejde Projektforslag Inter-operability test of SAML2 metadata aggregators
Kalmar2 interfederation (technical development, evangelism, operations) Scanning and updating list of systems and projects and initiatives Visualisation of statistics and log (SF, NO, S, DK are interested) Quality of operations (e.g. ISO27001) Better support for research infrastructures Four GNOMIS meetings per year Bi-yearly AAI-hackathon (SF, NO, S, DK are interested) GNOMIS Nordisk AAI samarbejde Projektforslag Inter-operability test of SAML2 metadata aggregators Further development of software packages (simplesamlphp, PySAML, GO11 etc.)
Trend: eduid
ISO27001 informations-sikkerhed
Hardwarebeskyttelse af kryptonøgler
Medium HSM
Large HSM
The Nordic HSM cluster Sweden HSM 1 HSM 2 HSM 3 HSM 4 Denmark
HSM cluster facts Ejere: SUNET og WAYF (DeIC) Governance: HSM-CAB 40 partioner 24 tilgængelige partioner Jo flere vi er sammen (desto lavere pris)
Redundans
Tør I (lade være med at) bruge WAYF?