The UK academic community is currently in the process of deploying Shibboleth technologies to support local (existing) methods of authentication for remote login to resources. This project will explore a collection of case studies from the education and medical domains including those dependent upon Grid technologies.

GLASS:GLASgow Implementation of Shibboleth

The UK academic community is currently in the process of deploying Shibboleth technologies to support local (existing) methods of authentication for remote login to resources. To demonstrate the suitability of Shibboleth for identity and service provisioning across the University of Glasgow, the GLASS project will explore a collection of case studies from the education and medical domains including those dependent upon Grid technologies. This will serve as a useful barometer for the wider Scottish, UK and international academic communities on the suitability of Shibboleth for identity and service provision, and to the Grid community in understanding the relationship between Shibboleth solutions and Grid requirements.

Aims and Objectives

The project will investigate and adopt Shibboleth through a variety of case studies in both education and medical domains in the University of Glasgow. By working with the Computing Service of the university, the project will investigate how the integrated directory infrastructure for unified user account management currently being rolled out across the University of Glasgow can be utilized in a Shibboleth environment. By working with the Southern General Hospital and VOTES project team, the project will implement a Grid Portal with robust Grid-based authentication and authorization mechanism to access Brain-IT data and images.

The specific objectives of GLASS project are to:

  • Develop use cases for Shibboleth-based identity provision using the nSure account management system at GlasgowUniversity
  • Implement software and solutions demonstrating the most pertinent Shibboleth use cases
  • Design various Grid scenarios utilizing Shibboleth where authorization and rich variety of attributes and roles are needed
  • Implement scenarios where Grid based VOs are established and subsequently accessed through Shibboleth including identification of attribute sets needed for authorization
  • Documentation of lessons learned in using Shibboleth in Grid environment
  • Design of Shibboleth use cases and authorization policies for access to brain trauma data sets
  • Implementation of use cases and demonstration of implemented scenarios to NHS and other institutions involved in Shibboleth 

Project Methodology

This work will be undertaken in three phases.

Phase 1
Development of the case studies, including university-wide identity provision, SSO, unified account management, etc..

Phase 2
Dynamic establishment of VOs through Shibboleth with the collaboration from DyVOSE, BRIDGES, VOTES, and other projects at NeSC Glasgow.

Phase 3
Shibboleth-based access to medical data sets with the collaboration from the Institute of Neurological Sciences at Glasgow Southern General Hospital

Implications / Deliverables / Stakeholders

The project will deliver the Case Studies in various areas where Shibboleth technology can be adopted at the University of Glasgow. This will include implementing numerous non-Grid Shibboleth Case Studies including the WebSurf system of University of Glasgow, University of Glasgow Moodle, University Web Mail and file storage. Furthermore numerous Grid-based scenarios with Shibboleth will be explored including access to a range of Grid resources and medical data sets where fine grained security is required. We will provide detailed experience reports to summarize all the issues, challenges, and solutions in the process of adoption of Shibboleth.

The deliverables will be widely disseminated. It is expected the project will have a major impact upon UK e-Science and the already identified limitations of the existing security software being used there. Also it is expected to demonstrate a new way of open collaboration of communities with well engineered, scalable security infrastructures.

Project Partners

Mr Peter Mitchell
Computing Service
JamesWattNorthBuilding
University of Glasgow
Glasgow G12 8QQ
Email: p.mitchell@compserv.gla.ac.uk
Tel: +44-(0)141-330-4854

Mr David Anderson
Computing Service
JamesWattNorthBuilding
Email: d.anderson@compserv.gla.ac.uk
Tel: +44-(0)141-330-4841

Dr Ian Piper
Brain-IT Group Coordinator
Intensive Care Monitoring
Dept. Clinical Physics
5th Floor, Institute of Neurological Sciences
Southern General Hospital
1345 Govan Road, Glasgow, UK, G514TF
Tel:+44(0)141-201-2595
Fax: +44(0)141-201-2592
Email: ipiper@clinmed.gla.ac.uk
Mob:+44(0)7835-110411

Project Staff

Project Manager

Prof. Richard Sinnott
Technical Director, NeSC Glasgow,
246c KelvinBuilding
University of Glasgow
Glasgow G12 8QQ
Scotland, UK
Home page: http://www.dcs.gla.ac.uk/~ros
Email: r.sinnott@nesc.gla.ac.uk
Tel: +44 (0)141 330 8606
Mob: +44-(0)7952-376627
Fax: +44-(0)141-330 8625

Project Team

Dr. John Watt
Security Focused Grid Course Developer, NeSC Glasgow
Home page: http://www.dcs.gla.ac.uk/contacts/search.cfm
Email: j.watt@nesc.gla.ac.uk
Tel: +44 (0)141 330 8647
Fax: +44-(0)141-330 8625

Jipu Jiang
Grid Engineer, NeSC Glasgow

Bookmark and Share
Summary
Start date
1 March 2006
End date
28 February 2007
Funding programme
Core Middleware Infrastructure programme
Project website
Topic