...
The AARC project is running a pilot with a bridging AAI solution based on the CILogon model to enable resources that use conventional identity and attribute certificates for access control to be used by researchers using exclusively federated credentials. While certificate-based access is effective for many non-web (command-line) and brokered-access (delegation) use cases, exposing this technology to a wide user base is seen as a significant barrier. In this pilot a set of mutually-interconnected third-party software components is composed to hide the technical details of certificate-based access.
It combines authentication using SAML-based identities such as provided by eduGAIN, public-key authentication certificates (PKIX) such as those coordinated by the IGTF, the use of VOMS community membership management statements, and the OpenID Connect authentication protocol, used by many light-weight web applications (e.g. Globus Online and science gateways).
Using the AARC CILogon-like Token Translation Service “TTS” pilot technology, infrastructures such as EGI and ELIXIR can implement AAI controls for their existing resources and services with SAML based credentials in an end-user friendly way.
...
- The AARC CILogon-like TTS pilot - introduction for the IGTF
- Impact of EGI of the AARC CIlogon-like pilot - an introduction
- A CILogon-like TTS IOTA CA for Europe - presentation to the Asia Pacific trust community