
Participants

...

Proposers

Name   Organisation
-      GARR

GN4-3 project team

Please provide contact details for participants involved in this activity

Name             Email                        Organisation        Role
-                mario.reale@garr.it          GARR                PI (submitter)
-                michael.schmidt@lrz.de       DFN-LRZ             Scrum master, Member
Tamas Frank      frank.tamas@wigner.mta.hu    KIFU                Dev
Sergio Gómez     sergio@uco.es                Rediris             Dev
-                alan.lewis@geant.org         GEANT association   Member
Niels van Dijk   niels.vandijk@surfnet.nl     SURFNET             Mentor
-                janusz.ulanowski@heanet.ie   -                   -
Stakeholders

Name               Organisation   Role
Davide Vaghetti    GARR           GN4-3 eduGAIN service owner
Marco Malavolti    GARR           GN4-3 Campus IdP Toolkit developer
Janusz Ulanowski   HEANet         -

Please provide names and contact details for additional (external) organisations involved in this Incubator project

Organisation name   Person names       Person email              Role within pilot
GN4-3 WP5 T1        Marco Malavolti    marco.malavolti@garr.it   Occasional support for Ansible Dev
HEANet              Janusz Ulanowski   -                         Initial / Occasional support for APIs


Activity Overview

Description

The GN4-2 project developed an IdP as a Service solution for hosted IdPs. This incubator investigates the business case for this solution to determine how it could be made into a sustainable service offering.
When the incubator is finished, a business model for the provisioning of the GEANT IdPaaS platform will be made available, defined in its fundamental parts. The business model will define the following key points for the IdPaaS platform:

  1. Added value of the IdPaaS platform with respect to the current provisioning model for Identity Providers in the eduGAIN / GEANT community
  2. What the provided product will be: deployment model and service provisioning scenario, after identification of the service's target users
  3. Key benefits for: a) End Users b) Individual Home Institution IdP managers c) Federation operators
  4. Product Service deployment requirements and service lifecycle management
  5. Rough estimate of the costs to provide the service

In addition to the business model, the Incubator IdPaaS task will work to consolidate the currently provided GN4-2 platform, with the aim to:

  1. Add a set of minimal required functionality to make the product consistent and attractive for target users, like:
    1. Add to the current "spawn new IdP" functionality also the "IdP management/Configuration updates" functionality.
    2. Make the platform an eduGAIN Service Provider accessible via federated credentials.
    3. Add the necessary hooks to onboard Home Organization IdP admins (without federated credentials available initially).
  2. Consolidate the product in terms of robustness, testing, stress testing, and scalability.
  3. Package the product to ease the deployment.
  4. Integrate the platform with the required additional services to support a reasonable and concrete deployment scenario.
  5. Document the service for
    1. End Users
    2. Service Providers
    3. Service Maintainers

Also, given the option to adopt a fully fledged, already developed solution made available by the SAMLIDP.IO company, this task will assess the possibility of endorsing this platform, further developing it where/if needed, and blessing it as the provided solution, as an alternative to the GN4-2 Campus IdP platform.


Goals

Please describe the goals of the pilot, including activities, participants, the community(ies) that require a solution. Describe when the pilot is done and how to measure the success of it, in a SMART way.

  • Develop an initial (crude but working) demo of the service
  • Define and collect target audience
  • Collect requirements from target audience
  • Provide all basic required functionality
  • Gather initial feedback from potential users
  • Pave the way towards PLM cycles if required
  • Contribute to validating associated cost model


Background information

Provide a pointer to background information

GN4-2 Platform (P1):

Node.js general introduction / tutorials material (APIs)

Intro video https://www.bing.com/videos/search?q=node.js+introduction&docid=608046180896409050&mid=715B13197C185AD899FE715B13197C185AD899FE&view=detail

SAMLIdP.io Platform (P2):

...


Activity Details

Technical details

Please describe the technical details for this pilot.

Technologies P1: Ansible, JavaScript, Node.js, React, Python

Technologies P2: Symfony, SimpleSAMLphp

P1 Architecture Overview Document: https://docs.google.com/document/d/1ho3WClfRVJ5sjUDqskmjBDSKpvPPoL6vlUXfcHGXKRA/edit#

P2 Architecture Overview Document: http://bit.ly/samlidpio-arch (including further developments)

New required/desirable features for the Campus IdP platform: https://goo.gl/GH7J2D


Business case

What is the business case for this Incubator project? Who would be customers of this solution and what would a potential business case look like?

The business case is based on an initial survey for NRENs on (cloud) IdP solutions conducted in GN4-2 (IdP_NREN_Survey.pdf).

...

Data protection & Privacy
  • Compliance with the GEANT CoCo GDPR-related Entity Category should ensure compliance with the EU Regulation on Data Protection (EU GDPR) for the operators of this product.
  • The product by itself should implement commonly agreed technical solutions to ensure security, privacy and data protection.


Definition of Done (DoD)

This activity is successfully finished when:

  • Minimal viable product definition for the IdP as a service offering is created
  • The MVP has been discussed and validated with the community
  • An analysis is made and reported around the business case for delivering a solution for IdP as a Service
  • A working prototype is made available for installation by an NREN


Sustainability

The aim of the incubator is to come up with a deployable solution for NRENs.
The software product(s) may be further developed with a community of NRENs using the product, potentially with support of the GEANT project.

Activity Results

Results

The activity as defined in this project description was redesigned to reflect fundamental changes to the initial goals and requirements.

The initial idea was to deliver a fully fledged IdP as a Service solution to organisations by creating a platform hosted by either GÉANT or NRENs. During the course of this activity it turned out that this does not match the demand of the R&E community. Although there is a potential market for an IdP as a Service offering, especially for small and medium sized institutions, this solution should be very lightweight, in that it is really easy to use and deploy and supports basic functionality only. There is also no real demand for a GÉANT hosted service or supported product, because the time to market is considered a critical aspect by the community. There is also a high interest in combining locally hosted software with commercial and NREN offerings, which requires a highly modular software design.

Considering the reasons stated above, it was decided that a major change of the activity's direction is required to match the community needs, which is documented in the IdP as a Service RfC. Therefore, the activity described will be changed and the effort to create an IdP as a Service solution will be continued under the new name IdP as a Service Software Solution with a different mission statement.

Meetings

Date               Activity          Owner             Minutes
February 6, 2019   Kickoff meeting   Michael Schmidt   IdP service kick off.pdf
March 29, 2019     Minutes           Alan Lewis        -
April 04 2019      Minutes           Alan Lewis        -

Documents

(Attach any documents to this page to get them listed.)

...