The deployment of Shibboleth infrastructure has reached a point in its evolution where it is possible to develop a production service for the UK National Grid Service. The outputs from the ShibGrid and SHEBANGS project provide tools to enable the user to obtain a grid security proxy using Shibboleth credentials and integrate this with the virtual organisation mechanisms now being used by the NGS to enable VO related attributes to be added to a users security proxy.
The next step is now to take these outputs in conjunction with the integration work of the VPMan project, which enables VO roles defined in VOMS and access control policies defined in PERMIS, to be seamlessly integrated to enable the end user and resource providers fine grained policy driven access control over their resources.
Moving these services into production also builds on the current UK Access Federation and will involve development at both MIMAS and EDINA to develop their prototype Shibboleth services into production for use by NGS users.
The output of the project will define a standard production method for grid enabled Shibboleth controlled access to other resources such as VRE’s and institutional repositories. The project will also provide input to the UK Access Management Federation for defining future requirements for the adoption of Shibboleth 2.0 based solutions.