***    Presentation about VO platform used in GEANT by Jean M.    ***
 
-First goal was to connect sharepoint to use federated AAI. Pieces of work:
1.define attributes that shaprepoint uses. SP defines which groups and attributes they need 
2. enrolling users through comanage, authorization is from grouper groups
 
-comment by Niels V.D:
It is a generic process for VOs:
1. enrolling people in VOs and assigning groups 
2. mapping grups to roles
3. getting this data to the service 
 

Q: what was the most difficult part to set this for GEANT ?
A:the requirements for sharepoint, and implementing all the steps to make it work. Jean M. will make a white paper documenting this. Mandeep already started to write documentation.
 
 
Q: What are the other systems using comanage?
A:
-tools portal -  already implemented 
-sympa in plan- SGA2 for generic mailing lists for tasks
-for GEANT wiki it is planned to be publicly open
 
***    Intro to VOPaaS   ***

-Looked at existing VOs and looked what they have set up, which components they introduced. VOPaaS dev. team aim is to support new VOs that will need  AAI and leverage eduGAIN.
-Started to build a platform that would have a simple set of services:
1. On boarding service, where VOs can define their workflow for on boarding, depending on their requirements. Workflows are translated into attribute definitions that express membership of a person to the VO. SP first accept auth from the HO of the user, and then queries the VOPaaS for additional user attributes and/or group
2. Service to support persons who are not from R&E - from companies/government etc. There are already guest IdPs. VOPaaS service is to get those existing social identites and guest idp. 
 
Q: Does VOPaaS  provide "real" services? 
A:VOPaaS will work at first with existing collaboration services that NRENs are providing:  filesender, webconf, doodles etc. If VOPaas would ever provide services would be to provide content-less services.Other efforts are to support VOs to connect their services to VOPaaS.
 
Q: Which protocols are used VOPaaS?
A: auth and HO attributes via eduGAIN. Additional attributes and groups via SAML and VOOT
 
Q: What is the deployment model?
A: Want to enable NRENs to be contact point to support research communities
 
Q: How to we help VO managers to make this an easy process?
A: It is assumed that VO manager should be a bit more technically capable than a "normal" vo user. VOPaaS will provide trainings. Maybe use NRENs to deliver local trainings.
 
Q: what would be challenges to convince research communities to use the service?
A:
-SP integration
-why not to use other solutions such as google aps
-sustainability