Name: VO Standards in Authorization systems
Start: 2018-06-18T09:00:00-07:00
End: 2018-06-19T17:10:00-07:00
Location: No location set

VO Standards in Authorization systems

from Monday 18 June 2018 (09:00) to Tuesday 19 June 2018 (17:10)

Monday 18 June 2018

09:00 Welcome
Welcome
09:00 - 09:05

09:05 Teams
Teams
09:05 - 09:20
Brief presentation of participants

09:20 OATs: Italian Astronomical Archives (IA2) and SKA activities
OATs: Italian Astronomical Archives (IA2) and SKA activities
09:20 - 09:50
A brief description on structure and activities carried out @OATs will be presented. Focus will be on Italian Astronomical Archives and on SKA related activities. Some consideration on the future desiderata will be reported.

09:50 CADC activities
CADC activities
09:50 - 10:20
Introduction to the CADC activities and services offered to the Astronomical community

10:20 Break
Break
10:20 - 10:40

10:40 Authentication and Authorization Use cases
Authentication and Authorization Use cases
10:40 - 12:10
Description of some use cases (CADC and IA2). SKA requirements and other telescopes needs.

12:10 Discussion
Discussion
12:10 - 13:00

13:00 Lunch
Lunch
13:00 - 14:00

14:00 User Registration, Account Linking, Grouping management systems and unique identifier
User Registration, Account Linking, Grouping management systems and unique identifier
14:00 - 14:20
Best practices suggest to register the users of resources. Some telescope's requirements state the account linking is desirable. Are the GMSs ready for it? Grouper does not allow the account linking, for example. Some scientists would like to be identify by their ORCID. How to merge all those things together?

14:20 GMS as VO standard
GMS as VO standard
14:20 - 14:50

14:50 Credential Delegation Protocol
Credential Delegation Protocol
14:50 - 15:20

15:20 Break
Break
15:20 - 15:30

15:30 GMS and the credential delegation protocol @ CADC
GMS and the credential delegation protocol @ CADC
15:30 - 16:00
How GMS store the information about the group membership and how the credential delegation protocol is foreseen to intervene in the process.

16:00 Conclusions and discussion
Conclusions and discussion
16:00 - 16:20
Tuesday 19 June 2018

09:00 GMS and GROUPER
GMS and GROUPER
09:00 - 10:00
How to interoperate the GMS and Grouper systems.

10:00 Credential delegation: X.509 vs OAuth2
Credential delegation: X.509 vs OAuth2
10:00 - 11:00
Current implementation of credential delegation is based on X.509 certificates. Is it feasible and how to use instead of X.509 a OAuth2 token? What are pro and contra (security, API reliability, complexity etc..) ?

11:00 Break
Break
11:00 - 11:20

11:20 Discussion - Authorization sharing with the account linking
Discussion - Authorization sharing with the account linking
11:20 - 12:50
How to include the sharing of Authorization tokens using the account linking mechanism?

12:50 Lunch
Lunch
12:50 - 13:50

13:50 Discussion - Authorization sharing with the account linking - cont.
Discussion - Authorization sharing with the account linking - cont.
13:50 - 15:50

15:50 Break
Break
15:50 - 16:20

16:20 Conclusions and any other business
Conclusions and any other business
16:20 - 16:40