Primary funding is provided by the JISC and ESRC. Based at Manchester Computing, The University of...
-
Upload
domenic-weaver -
Category
Documents
-
view
215 -
download
0
Transcript of Primary funding is provided by the JISC and ESRC. Based at Manchester Computing, The University of...
1Primary funding is provided by the JISC and ESRC. Based at Manchester Computing, The University of Manchester.
1
A2Z – Akenti Access to zetoc
Ross MacIntyre
A2Z Overview
2
Project Aims
• Implement & Evaluate Akenti in a JISC service environment (zetoc)
• ‘Grid-enable’ the zetoc service & demonstrate accessibility from e-Science project (myGrid)
• Identify associated implementation issues for JISC service providers
A2Z Overview
3
Tasks & Progress
• zetoc demo environment (month1)• Digital certificate authentication (month 2-3)• Akenti installation (month 3-5)• Authorisation policy (month 4-6)• Akenti knowledge transfer (month 5-7)• my-Grid enablement (month 8-10)• Technical evaluation (month 10-12)
A2Z Overview
4
zetoc Search
• Authentication/authorisation – IP/Athens
• Institutional identifier e.g. ‘man’
– eScience Digital Certificate• Dummy institution ‘mid’
• Application links to institution’s settings e.g. library logo
A2Z Overview
5
zetoc Alert
• Authentication/authorisation – Athens
• Personal Username e.g. ‘man-zzaalsrm’• Access Username e.g. ‘man-mimas’
– Application prompts for list name
– eScience Digital Certificate• Environment Variable (SSL_Client_DN)
• Application locates associated alert list(s)
A2Z Overview
10
Stakeholders
• British Library – DATA– BL Reader in Reading Room
(£0)– ‘ac.uk’ (£0)– NHS
• England (£0)• Scotland (>£0)• Wales n/a• N.Ireland n/a
• JISC – MACHINE & SUPPORT– BL (£0)– ‘ac.uk’
• TAU List– HE (£0)– FE (£0)– RC (£500pa)
• CHEST List– Associate (£500pa)– Affiliates (£500pa)
– NHS• England (£4,000pa)• Scotland (£500pa)• Wales (£500pa)• N.Ireland (£500pa)
MIMAS – If licence > £0, has it been paid? (From_To?)
A2Z Overview
11
Root Policy
• Root Policy Issuers DN & CADN• Name of Resource “zetoc”• List of CAs
– Full list of CAs– Where to find their signed certificates
• Use Condition’s Configuration = For each Stakeholder– Who is allowed to issue Use Conditions– Where these Use Conditions are
• Optional Global declaration of locations of attribute certificates
A2Z Overview
12
Use Condition for BL
• Who issued this certificate
• Resource Name = “zetoc”
• Constraints incl. Critical = true
• Logic (group=BL_Reader)||(IP=ac.uk)||
(NHS=England)||(NHS=Scotland & Licence=PAID)
A2Z Overview
13
Logic Evaluation
• Group = BL_Reader -> system IP check• IP=ac.uk -> system IP check• NHS=England -> Akenti requires
certificate signed by NHS_England• NHS=Scotland -> Akenti requires
certificate signed by NHS_Scotland• Licence=PAID -> system check: “yes” in
a file somewhere.