Page History

• Analysis of user- community requirements
• Existing AAI and available technologies for federated access
• First Draft of the blueprint architecture (still work in progress, but preliminary work available here)

Pilots started (status January 2016)

Based on the guiding documents of the AARC architecture (JRA1) and the AARC policy harmonisation (NA3) activities we commenced a first cycle of pilots:

• In task 1 "Guest Access" we started a pilot to involve Libraries in the identification and hands-on implementation of relevant solutions to support their migration from IP-based authentication against publishers' online resources to a SAML/federated bases approach 
• In task 2 "Attribute Management" a pilot aiming at testing the usability of SAML based attribute authorities to regulate service access authorization has started. In the specific case of this pilot the services to be approached are Cloud services. The Attributes Authority used in this context is PERUN developed by CESNET
• In task 3 "Access to Resources" quite some progress has been made in establishing token translation pilot services. One pilot focuses on the application of CI-Logon components + add-ons to bridge the gap between the world of SAML based authentication (NRENs) and that of certificate based authentication (GRID and e-infrastructure providers). In a second pilot we assess the feasibility to enable non-web single sign-on based on LDAP Facade, developed by the Karlsruhe Institute of Technology. At the same time we started to engage a number of service providers to pilot with provisioning their services as a service provider or attribute authority. One example is ORCID. ORCID.org offers researchers a persistent life long digital ID. Providing access to ORCID with a federated account and including ORCID as an Attribute Authority may provide interesting clues for Research Communities & AAIs. Read more about the pilot with ORCID in AARC: see powerpoint

With these efforts we already identified interesting clues, challenges and future paths for development to bridge different research infrastructures and communities. By performing these pilots we will be able to assess suitability of the chosen components in practice and how well they match with user and security requirements. Further details and updates will follow soon.

More details per task are available here: