You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

Participants

Proposers
NameOrganisation
Niels van DijkSURF
GN4-3 project team
NameOrganisationRole
Branco
Core team member
MihalySZTAKICore team member


Stakeholders
Name

Organisation

Role 
ChristosGÉANT
David G

KlaasGÉANT
Leif

Mikeal Linden

Activity overview

Description

This activity explores the use of a distributed approach to provide digital identities.

Activity goals

The aim of this activity is to collect requirements and use cases for the use of distributed identity to enable a subsequent POC.

Activity Details

Technical details

Researchers needs access to many, often distributed, resources. For this propose, many services support federated identity, which leverages the identity management solutions from a home institution to handle authentication and provide a basic set of profile information in the form of claims. In most cases, the home institution profile needs to be complemented with information from the research community, like for example group memberships. Also additional registries may need to to be consulted, e.g. to get specific identifiers like ORCID.
The combined set of information is then delivered at a service so it may allow the user in. Today this flow is typically facilitated by a community AAI, where a membership management component acts as the community registry and a proxy is used to collect and then redistribute the required profile information.

A new paradigm, Distributed Identity, tries to let user be in direct control of the profile information they share with services. Rather then letting others provide claims towards a service, the users collects claim themselves from various sources and independently provides these when so requested by services. The services can check the validity of these claims against a central verifiable claims registry.

This activity investigates the functional requirements for such a system by interviewing key stakeholders. Next it tries to create a proof of concept platform to test and validate the requirements. The intent is not to build up a Distributed Identity platform from the ground up, but to use an existing platform. However creation of certain bridging elements to handle protocol translation is assumed to be required as part of the activity.

Business case


Risks



Data protection & Privacy

The activity does not affect data protection or privacy.


Definition of Done (DoD)



Sustainability


Activity Results

Results

The activity is still ongoing

Meetings

Date

Activity

Owner

Minutes




















Documents

No files shared here yet.



  • No labels