Participants

Proposers
Name | Organisation
GARR
GN4-3 project team
Name | Organisation | Role

Stakeholders
Name | Organisation | Role
Davide Vaghetti | GARR | GN4-3 eduGAIN service owner

Activity Overview

Description

This activity is the continuation of the former IdP as a Service Business case activity, whose goals and direction were fundamentally changed. It is about designing open source software, targeted at NRENs, that is capable of automating the process of deploying and managing IdPs. This software shall offer a platform that institutions can use to configure, create and deploy an IdP through an easy-to-use graphical user interface (GUI). Instead of just implementing such software, an open design of such a platform shall be defined based on the features needed in the R&E community. This design shall be used to create a reference implementation for the open source community, but it will enable other vendors to offer similar products as well.

The activity will contain the following tasks:

IdP as a Service Software Design
Creation of a specification that describes a Minimum reference architecture and Minimal Viable Product definition for an IdP as a Service platform in the context of R&E federations. We validate this against the eduGAIN community and present it as a baseline for any IdP as a Service offering.
This way we offer value as we set the baseline for any requirements and potential procurement by NRENs or federations.

Creation of a Reference implementation
We create a Reference implementation of the above ‘IdP as a Service baseline’. This reference implementation provides a simple, easily deployable solution that technically offers all the features of the ‘IdP as a Service baseline’. Support is, however, out of scope. It is an open source product which may be picked up by whoever wants to use it. We may support an NREN community around this product. We should make running this IdP as a Service platform as easy as deploying a WordPress instance. Yet clearly, to offer such a platform properly and securely, much more is needed, which is left to the operators.

This way we create a product that can be used to validate the baseline. At the same time we offer a solution to those NRENs who need something and want to offer such a platform themselves. Finally we enable commercial vendors to offer a solution based on this if they want to do so.

Vendor products
We invite vendors to (self-)assess their service offerings against the above ‘IdP as a Service baseline’. We publish these results in our community. They may offer a solution based on the reference implementation, but now including support features and possibly additional technical features. However, if they have another product they want to use, that is fine as long as it meets the baseline needs.

Goals
  • Collect requirements from the R&E community
  • Define a software specification and design based on the community requirements
  • Develop a prototype that implements all basic requirements
  • Provide all basic required functionality
  • Gather initial feedback from potential users
Background information



Activity Details

Technical details

The software created is based on the existing open source software samlidp.io (https://github.com/samlidp/samlidp.io). This software already has a sound code base and has already been used in production at samlidp.io.

Technologies: PHP, Symfony, SimpleSAMLphp

Business case

The business case of this activity is to enable NRENs to offer an IdP as a Service solution by providing them with software that supports the automatic deployment and management of R&E compliant IdPs.


Data protection & Privacy
  • The software design generally allows compliance with CoCo and GDPR requirements.
  • The software itself is based on commonly used technologies and implements state-of-the-art security measures to ensure security, privacy and data protection.
  • The implementation of security measures and compliance with privacy and local laws is up to the organization using the software to offer a service.


Definition of Done (DoD)

This activity is successfully finished when:

  • A feature specification for software that supports an IdP as a Service offering is described
  • A technical design and reference architecture of the software is created
  • The specification and design package is published and verified by the community
  • A software prototype using the specification and design is implemented
  • The prototype is documented and publicly available


Sustainability

The aim of the Incubator is to deliver sustainable open source software to the community.

A long-term goal is to gather organizations from the R&E community to take care of the software. Further involvement of the Incubator or the GÉANT project is not in scope of this activity. Subsequent activities might be started if demanded by NRENs.

Activity Results

Results

Ongoing

Meetings

Date | Activity | Owner | Minutes
February 6, 2019 | Kickoff meeting | Michael Schmidt | IdP service kick off.pdf
March 29, 2019 | Minutes | Alan Lewis
April 04 2019 | Minutes | Alan Lewis







