Guest or 'Homeless' IdPs are Identity Providers for end users who are otherwise unable to access (inter)federated services, such as

  1. nomadic users (those without a “home” organization, such as “long-tail” researchers),
  2. citizen scientists, and
  3. users belonging to an institution that is not able to operate an Identity Provider (IdP), or one which operates a stand-alone IdP which is not part of an established federation.

While target groups 1 and 2 can be categorized as “homeless users”, group 3 will be referred to as “IdP-less users”. For in-depth coverage of this topic, including definition, motivation and existing technical solutions, please refer to the AARC deliverable [MJRA1.2] “Guest Identities”.

In a classical identity federation, which is typically operated by an NREN, the legal entity acting as federation operator is the central contractual partner of all participants, both service providers and IdP operators, the latter usually being home organizations. Acting as policy-making authority and legal hub, the federation operator ensures mutual trust between the participants. Based on this model, this document describes in more detail some variants of the relationship between federation operators and the actors involved in operating an IdP, discusses the applicability of those models to Guest IdPs, and points to a range of sustainability models whose applicability depends on the collaboration scenario.
