• Projects & Working Groups
• Scientific Computing
• E-Infrastructure for E-Science
  • News
  • Details
  • Projects
  • Submission
  • Download
  • FAQs
  • PWEG
  • Contact
• Cloud Computing
• Learning Infrastructure
• E-Identity
• ICT Law WG
• Mail WG
• Media WG
• Network WG
• Procurement WG
• Security WG
• Storage WG

AAA session

moderator: Patrik Schnellmann; protocol: Thomas Lenggenhager

Projects presented:

1. UNIL Delegation (Etienne Dysli, UNIL)
2. Assurance Levels (Alexandre Roy, UNIL)
3. AMAAIS (Martin Waldburger, Guilherme Machado, UZH)

Discussion:

Answers to questions to Mathias Rufer (WC3 project) on loading money to account linked to student card
- Costs were not questioned?
  No, the alternatives would cost more.
- AAI protected application sits on the reverse proxy in front of SAP.
- Payment goes to the students account, not onto the card.
- Bank pays to the university and it gets automatically transferred
  into SAP to the right account
- UniFR, EPFL and other universities have the same combination (polyright, SAP)

- ETHZ had to remove cardID from AAI again since students did not like it,
  it would make them trackable! The cardID was also in the LDAP...

- Interest in Kerberos SSO on the IdP?
  - Mathias Rufer (UniNE): especially Claroline users could benefit
  - Daniel Lauk (PSI): chance to leverage for AAI, also for internal resources

Project ideas:

- UniBAS: For the competition autumn 2011
  Stronger authN than username/password
  Implement one technology (not yet chosen), likely some one-time password based
  Requirements
  - Useable on every platform
  - Not too expensive

- UniFR (Bruno Vuillemin, idea from Alain Cochard): BE-NE-FRI has some solution to secure and very much limited access to sensitive (administrative) data.
  A data manager specifies the access to a data set.