APAN Home

 Middleware Workshop
 Chairman :  

 Yasuo Okabe ( Kyoto University, Japan )

 Members :  

 Nate Klingenstein (Internet2, USA)
  Kento Aida (NII, Japan)

 Objectives :  

This session will encourage the collaborations of middleware developers and those responsible for identity management and directory services to discuss ways to get campuses ready for middleware technologies so that end users can connect to the network and access resources (online journals, collaborative services, grid applications, wireless roaming, etc.) in a secure, scalable and manageable way. This workshop may also include some Grid Middleware talks.

 Target Audience :  Open for any attendees, especially researchers, application developers and operators working on academic networks, AAI and Grid.
 Expected Number of Participants :  30
 Agenda :  

Session One: 14.00 - 15.30

14:00 - 14:30    eduGAIN and Interfederation -Collaboration between Asian and European Countries by Access Management Federation -                           Brook Schofield, TERENA

Abstract : National identity federations in Europe have been successful in supporting the collaboration, access and sharing of services between their members for many years. As new federations emerge they face the problem of attracting services to join their federation and how to collaborate with researchers connected to anther identity federation.

eduGAIN, a global initiative to enable the trustworthy exchange of information between participating organisations via their home identity federation, can bootstrap the interfederation efforts of your existing or emerging federation, while removing the need to bilaterally peer with multiple federations or services.

This presentation will provide a status update on eduGAIN including examples on how institutions and services are supporting interfederation.


14:30 - 14:55    Update on Japanese Federation GakuNin in 2011 - Motonori Nakamura and Kazu Yamaji, NII   Slides

Abstract : The Japanese academic access federation, GakuNin, is deploying federated identify in Japan using the SAML 2.0 standard, primarily with Shibboleth software. GakuNin entered production operation in 2010, and has grown today to 28 IdPs and 22 SPs. This talk summarizes the GakuNin progress in the 2011 and our future plan in addition to the current status of the eduroam deployment in Japan. In order to accelerate its activity, the federation focuses on additional technologies beyond just operational management. Of these new technologies, we will specifically introduce our user consent acquisition system, new discovery service tool, virtual organization system and its related services.


14:55 - 15:20    Design and Implementation of Shibboleth Authentication for Web Forward Proxy - Takaaki Komura, Kyoto University   Slides

Abstract : We propose a web forward proxy server which is capable Shibboleth authentication method for proxy authentication. With this proxy Single Sign-On would benefit a user and also authentication using Shibboleth protocol solves problems in basic authentication and digest authentication supported by existing web forward proxy servers. The proposed proxy needs to recognize attributes in Shibboleth protocol and to issue session cookies pretending a web origin server which user want to access. Also the proxy intercepts the session cookie, which sent by web browser to the web origin server, and verify the user. We implemented the proxy and evaluated it by accessing to electronic journal sites from network on Kyoto University.

15:20 - 15:30 Discussion


Session One: 16.00 - 17.30

16:00 - 16:25    Authentication Mechanism for High Performance Computing Infrastructure in Japan - Kento Aida, NII

Abstract : We are now building High Performance Computing Infrastructure (HPCI), which is organized by distributed supercomputers and storages in Japan. The goal is to build supercomputing environment, where users can easily utilize the distributed resources to run their applications. This talk presents an authentication mechanism for HPCI. The authentication mechanism enables single sign-on to supercomputer/storage resources and federates user account management systems distributed over supercomputing centers. We use Grid Security Infrastructure (GSI) for enabling single sign-on and Shibboleth for federation of distributed account management systems. We plan to start production level operation of HPCI with "K computer", nine supercomputers and two high-performance storages in the fall of 2012. This talk also presents a roadmap for deployment of HPCI.

16:25 - 16:50    edubase Cloud: An Open Source-based Educational Cloud Platform - Prabin Karanjit, NII

Abstract : Cloud computing offers features such as agility, scalability, self-manageability, cost reduction and has a potential to become paradigm which will change the way to develop and deliver IT services. Cloud features are attractive not only from the business point of view, its usefulness is gradually recognized in the academic institutions conducting educations and researches as well. Cloud computing enables to significantly reduce the effort to build the environment for researches and promotes its reusability. This talk will present a brief introduction to "edubase Cloud" - an open source-based educational cloud computing platform of National Institute of Informatics, Japan.

16:50 - 17:20    A strategic approach to Cloud Security to accelerate Cloud Adoption -   Anil Nileshwar , Cisco

Abstract : Cloud computing represents a dramatic shift to new technologies and new business computing models. While cloud computing increases business agility, scalability, and efficiency, it also introduces new security risks and concerns. These challenges are complex because they involve not only technology issues but also substantial process changes due to the new business computing models. Traditional solutions to security address issues such as multi-tenancy, policies, automation and access control. However CIOs of Enterprises and Service Providers are realizing the need to not just get technology right, but also cover integrated architectures, consistent policies, ownership and governance, to deliver high performance, scalability and operational simplicity. The talk will cover a strategic and architectural approach to build top-class cloud security for public and private clouds.

17:20 - 17:30    Discussion: Possible Collaboration in APAN network - Yasuo Okabe, Kyoto University

 Remarks :  Video Conference facility is needed

© Copyright 2009 - 2011 APAN | | Last updated: 19 Sep 2011