A single, unifying technology that enables you to effectively manage and control access to a wide range of web and non-web services and applications.
Started 1 Apr 2013
Development complete, with ongoing updates.
This initial open source development project was completed in March 2015.
The work from this project led to the creation of the Assent service and the ongoing updates and developments to the open-source Moonshot technology community project. (The Assent service was retired in December 2020.)
Services that can use Moonshot include cloud infrastructures, high performance computing, grid computing and commonly deployed services such as email, file store, remote access and instant messaging.
Moonshot is a technology, based on the IETFs Application Bridging for Federated Access Beyond web (abfab) open standards that aims to enable federated access to virtually any application or service.
Moonshot builds on deployed, proven technology, including:
- Authentication as used by eduroam (EAP/RADIUS)
- Authorisation as used by many national federations (SAML)
- Service/application integration as used by many major applications (operating system security APIs).
What we've done so far
In April 2013 we began a pilot project to implement Moonshot technology with participating pilot sites. This has helped us to gather and understand requirements, at both a technical and usability level. This engagement has shaped and driven the continued development of the code to a stable level, now deployed and utilised by an increasing number of pilot sites.
In March 2015 we established and made available a trust router, the Assent service, which pilot sites have started connecting to. The trust router is a scalable mechanism which enables organisations who are running Moonshot to communicate with one another. Trust routers are an important part of our infrastructure that can help different groups of users (communities of interest) to gain access to resources at a level of security that they are happy with.
Feedback from some of the participating pilot sites include:
University of Glasgow
“Glasgow is seeking to test Moonshot authentication on its own Cloud storage and sharing platform, allowing federated access to UK staff and students and reducing the overhead of managing accounts for externals. We currently have a local Moonshot IdP which is connected to the live campus eDirectory infrastructure, and are looking at deploying an initial Moonshot-enabled SSH server for first testing with a live service, before investigating integration with Apache Web Server.”
John Watt, University of Glasgow IT Services - IDM
University of Murcia
The University of Murcia in Spain who have been deploying and testing Moonshot in several applications, ranging from the more complex ones, such as OpenStack Cloud services, to the more traditional ones, such as SSH. The research team from Murcia, consisting of Gabriel López, Alejandro Pérez and Rafael Marín say:
“We have been also testing the Trust Router software, and we are currently working on the establishment of dynamic trust relationships between the University of Murcia's Moonshot-based services, and external testbeds such as those running at the University of Kent (UK) and Janet. This work has been mainly done under the CLASSe project as part of the GEANT GN3+ European project.”
What we're continuing to do
Work has not stopped. Since the launch of Assent, we're continuing to:
- Gather requirements and feedback, improving the core software in response with new features
- Engage with the research and educational communities to find use cases and promote the use of Moonshot as a solution
- Add to the supported OS platforms where requested by the communities
Stay in touch
The Moonshot wiki provides information at an introductory and in-depth, technical level, along with FAQs and instructions for deploying and working with Moonshot and trust router technology.