Umbrella Bring the Umbrella system into production Next

Зарегистрируйтесь, чтобы просмотреть полный документ!

Umbrella Bring the Umbrella system into production Next steps 1 Björn Abt - Swiss. FEL PSI 05. 06. 12

Umbrella Productionalize the Umbrella • • 2 Following steps need to be implemented to allow productional use of the Umbrella system: Deploy Umbrella on state-of-the-art hardware. A proactive monitoring of the Umbrella system is necessary to find errors or crashes in realtime and to react on them. The user data needs to be backed up and made sure that it can be restored(!). Geographical distribution and clustering of the Umbrella both helps in high-availability and load-balancing. Ideally a DNS based geographic load balancing strategy is used to ensure that endusers will reach the nodes closest to them. Naming conventions for the federation metadata must be established and cultivated. A clear directive on how service providers must be configured must be provided. Björn Abt - Swiss. FEL PSI 05. 06. 12

Umbrella Productionalize Umbrella Security Check • A professional and independent security check must be conducted to ensure the integrity of the security of the Umbrella: – A conceptual check to find flaws in the design – A penetration test to find holes in the implementation • • 3 This security check will deliver a review with found flaws and proposed solutions. A counter measure catalogue must be established and gradually implemented. After implementing counter measures the Umbrella must be tested on these flaws again. Ideally a periodic security check on the Umbrella is conducted to maintain a high level of security to its users. Björn Abt - Swiss. FEL PSI 05. 06. 12

Umbrella Productionalize Umbrella Rollout the Umbrella • The implementation of a distributed system cannot be done in one step. Following partitioning is planned: – Rollout and productionalization of the Identity Provider and all central services – Integration of local services and web user offices. • • The functionalities of the Umbrella system have been modularized. This allows a step-by-step implementation and also skipping steps. Still unclear on the selection of the rollout strategy: – Step-by-step facility SP integration – All facilities at once SP integration 4 Björn Abt - Swiss. FEL PSI 05. 06. 12

Umbrella Productionalize Umbrella extensions to implement Umbrella extensions Mandatory extensions Optional extensions • 5 User Authentication Attribute Updater Proposal Module Indico Security Token Service . . . The optional extensions can be skipped if unwanted but not the User Authentication Björn Abt - Swiss. FEL PSI 05. 06. 12

Umbrella Productionalize Umbrella Rollout strategy • Step-by-step facility SP integration strategy: – 2 -3 facilities to start integration with – Other facilities can join on demand – Extensions can be implemented on demand • All facilities at once SP integration: – All facilities start at one point and implement at least 'User Authentication' – Other extensions can be implemented on demand Pros Step-bystep All facilities 6 Cons Resource friendly Ensure functionality at an early stage Björn Abt - Swiss. FEL No timely readiness Difficult planing of resources PSI 05. 06. 12

Umbrella Productionalize Umbrella Thank you for your attention! 7 Björn Abt - Swiss. FEL PSI 05. 06. 12

Скачать презентацию Umbrella Bring the Umbrella system into production Next

df3784eca72ef9de6e4ba3a1a3752e10.ppt

Количество слайдов: 7