2021 NSF Cybersecurity Summit Workshop on Token-Based Authentication and Authorization (WoTBAn&Az 2021)


Basney, Jim

Aug 25, 2021, 1:13:56 PM
to dis...@sciauth.org
Hi all,

The SciAuth project is co-organizing the 2021 NSF Cybersecurity Summit Workshop on Token-Based Authentication and Authorization (WoTBAn&Az 2021). Please plan to participate. See below for details.

Regards,
Jim
________________________________________
From: Basney, Jim <jba...@illinois.edu>
Sent: Wednesday, August 25, 2021 11:56 AM
To: All IGTF Members (igtf-general)
Subject: 2021 NSF Cybersecurity Summit Workshop on Token-Based Authentication and Authorization (WoTBAn&Az 2021)

Hi all,

The 2021 NSF Cybersecurity Summit Workshop on Token-Based Authentication and Authorization (WoTBAn&Az 2021) will be held online from 10am to 2pm Eastern Time on Monday, October 18, co-located with the 2021 NSF Cybersecurity Summit. Visit https://sciauth.org/workshop/ for details. Registration is open. There is no registration fee.

Please submit a presentation proposal! To present at the workshop, please send the names, affiliations, and emails for the presenters along with the title and a short description of the topic to be presented to work...@sciauth.org by September 14.

Thanks,
Jim
-----
About the Workshop

As the worldwide science, engineering, research and academic communities have become more interdependent to pursue and succeed in their missions, so too has the need for interoperable, usable, and manageable approaches for authentication, authorization and identity (AAI) infrastructure that build upon federated identity and group management solutions to ensure consistent access standards, enforcement and protection of CI resources and assets. Decades of effort in establishing international trust federations and standards for PKI and secure interoperation using digital credentials in the research and education communities have enabled essential interoperability, security and trust for national and international science collaborations. As more web-based computational science and data applications, workflows and automated pipelines are deployed, a more robust, interoperable AAI infrastructure is needed - enter JSON Web Tokens (JWT), an open IETF standard (RFC 7519) for securely exchanging information in digitally signed JSON objects. Many large institutions, science collaborations and national CIs are working to migrate their regional and project-specific AAI infrastructures to JWT-based methods – typically however, in isolation and attending primarily to their local needs and maintaining compatibility with their existing AAI infrastructures. Coupled with international standards for security and authorization information to be contained in these JWTs, we have both an opportunity and an obligation to ensure that best practices are developed and observed to ensure compatibility, interoperability, usability and trust in these implementations.

The inaugural Workshop on Token-Based Authentication and Authorization (WoTBAn&Az 2020) convened online via Zoom on November 30 and December 1, 2020, hosted by TAGPMA. This workshop gathered major R&E CI developers, operators, and service providers, including representatives from Fermilab, Globus, LIGO, SciTokens, WLCG and XSEDE, to present and discuss early implementations of token-based authentication and authorization infrastructures and solutions to understand the challenges faced in migrating to JWT-based AAI, and to identify opportunities and requirements to build common best practices, standards, and trust for token-based authentication and authorization. Several needs emerged from the presentation and discussions, as well as a demonstrated eagerness within the community to collaborate in developing common best practices.

The NSF Cybersecurity Summit offers a unique opportunity to broaden awareness, participation and input to inform the JWT-based AAI development community, and to ensure access to best practices in JWT-based AAI for NSF-sponsored CI stakeholders. The 2021 NSF CyberSecurity Summit Workshop on Token-Based Authentication and Authorization (WoTBAn&Az 2021) will build on the findings, community interest and momentum created by the 2020 workshop to focus on three primary needs: (1) use cases to drive development of interoperable solutions, (2) best practices for token handling by issuers, developers, service operators and users, and (3) security requirements and responsibilities for trust and operations through token lifecycles. The workshop will invite current and prospective developers and stakeholders to contribute their experience and requirements in these areas.

Presentations at the 2020 WoTBAn&Az workshop included:

Token Based Authorisation for WLCG
Globus Auth: expanding the services ecosystem for protected data
LIGO’s use of SciTokens
XSEDE’s Perspective on Token Assurance for Authentication and Authorization
Fermilab’s experience transitioning to token-based AAI technologies

Workshop Chairs

Derek Simmel, Pittsburgh Supercomputing Center
Jim Basney, National Center for Supercomputing Applications
Brian Bockelman, Morgridge Institute for Research
Derek Weitzel, University of Nebraska-Lincoln

Planned Activity and Intended Audience

Following an initial 20-minute welcome and introduction session, four 40-minute presentations or panel sessions from selected contributors will take place, followed by a final 40-minute all-hands discussion and goal-setting session. 5-minute breaks will separate the 40-minute sessions.

The intended audience includes developers, operators, and stakeholders in interoperable JWT-based AAI for the worldwide science, engineering, research and academic communities. We intend for all sessions to be recorded - to capture presenter and audience comments and to make sessions available for later replay online.

Contact Information

Derek Simmel dsi...@psc.edu
Jim Basney jba...@illinois.edu
Brian Bockelman bbock...@morgridge.org
Derek Weitzel dwei...@unl.edu

Acknowledgements

The workshop is co-organized by SciAuth and TAGPMA.

Basney, Jim

Aug 15, 2022, 12:25:31 PM
to dis...@sciauth.org
Hi all,

The Workshop on Token-Based Authentication and Authorization (WoTBAn&Az) will again be co-located with the NSF Cybersecurity Summit this year. Visit https://sciauth.org/workshop/2022/ for details.

To give a presentation at the workshop, please send the names, affiliations, and emails for the presenters along with the title and a short description of the topic to be presented to work...@sciauth.org by September 6.

Thanks,
Jim
-----
About the Workshop

As the worldwide science, engineering, research and academic communities have become more interdependent to pursue and succeed in their missions, so too has the need for interoperable, usable, and manageable approaches for authentication, authorization and identity (AAI) infrastructure that build upon federated identity and group management solutions to ensure consistent access standards, enforcement and protection of CI resources and assets. Decades of effort in establishing international trust federations and standards for PKI and secure interoperation using digital credentials in the research and education communities have enabled essential interoperability, security and trust for national and international science collaborations. As more web-based computational science and data applications, workflows and automated pipelines are deployed, a more robust, interoperable AAI infrastructure is needed - enter JSON Web Tokens (JWT), an open IETF standard (RFC 7519) for securely exchanging information in digitally signed JSON objects. Many large institutions, science collaborations and national CIs are working to migrate their regional and project-specific AAI infrastructures to JWT-based methods – typically however, in isolation and attending primarily to their local needs and maintaining compatibility with their existing AAI infrastructures. Coupled with international standards for security and authorization information to be contained in these JWTs, we have both an opportunity and an obligation to ensure that best practices are developed and observed to ensure compatibility, interoperability, usability and trust in these implementations.

The inaugural Workshop on Token-Based Authentication and Authorization (WoTBAn&Az 2020) convened online via Zoom on November 30 and December 1, 2020, hosted by TAGPMA. This workshop gathered major R&E CI developers, operators, and service providers, including representatives from Fermilab, Globus, LIGO, SciTokens, WLCG and XSEDE, to present and discuss early implementations of token-based authentication and authorization infrastructures and solutions to understand the challenges faced in migrating to JWT-based AAI, and to identify opportunities and requirements to build common best practices, standards, and trust for token-based authentication and authorization. Several needs emerged from the presentation and discussions, as well as a demonstrated eagerness within the community to collaborate in developing common best practices.

The second Workshop on Token-Based Authentication and Authorization (WoTBAn&Az 2021) was held online from 10am to 2pm Eastern Time on Monday, October 18, co-located with the 2021 NSF Cybersecurity Summit. WoTBAn&Az 2021 was preceded by the October 14-15 OSG Token Transition Workshop. 2021 workshop presentation topics included developments in JWT use for the WLCG, TAPIS API platform, CILogon OIDC authentication for Kubernetes, SciTokens at LIGO, HTCondor, and the transition to JWT use in OSG.

The NSF Cybersecurity Summit offers a unique opportunity to broaden awareness, participation and input to inform the JWT-based AAI development community, and to ensure access to best practices in JWT-based AAI for NSF-sponsored CI stakeholders. The 2022 NSF CyberSecurity Summit Workshop on Token-Based Authentication and Authorization (WoTBAn&Az 2022) will build on the findings, community interest and momentum created by prior workshops to focus on three primary needs: (1) use cases to drive development of interoperable solutions, (2) best practices for token handling by issuers, developers, service operators and users, and (3) security requirements and responsibilities for trust and operations through token lifecycles. The workshop invites current and prospective developers and stakeholders to contribute their experience and requirements in these areas.

Workshop Chairs

Derek Simmel, Pittsburgh Supercomputing Center
Jim Basney, National Center for Supercomputing Applications
Brian Bockelman, Morgridge Institute for Research
Derek Weitzel, University of Nebraska-Lincoln

Planned Activity and Intended Audience

Following an initial 10-minute welcome and introduction session, four 30-minute presentations or panel sessions from selected contributors will take place, followed by a final 30-minute all-hands discussion and goal-setting session.

Dave Dykstra

Aug 15, 2022, 2:46:45 PM
to Basney, Jim, dis...@sciauth.org
Hi Jim,

Will this be a hybrid in-person/online meeting? I don't see it
explicitly say one way or the other. The preconference meetings at
the Summit
https://www.trustedci.org/2022-summit-program
says IN PERSON ONLY but this workshop isn't listed there yet.

Dave

Basney, Jim

Aug 15, 2022, 3:53:12 PM
to Dave Dykstra, dis...@sciauth.org
Hi Dave,

The Summit is in-person-only on Oct 18 and hybrid on Oct 19-20, so if we want the Oct 18 workshop to have a remote option, we'll need to run it ourselves. If you'd like to give a presentation remotely, please note that in your submission to work...@sciauth.org.

Thanks,
Jim

________________________________________
From: Dave Dykstra <d...@fnal.gov>
Sent: Monday, August 15, 2022 1:46 PM
To: Basney, Jim
Cc: dis...@sciauth.org
Subject: Re: 2022 NSF Cybersecurity Summit Workshop on Token-Based Authentication and Authorization (WoTBAn&Az)

Dave Dykstra

Aug 24, 2022, 6:46:05 PM
to Basney, Jim, dis...@sciauth.org
I don't know that I have anything new to present this year, but it's
likely that I will want to observe remotely.

Dave