Enabling Federated Access in International Research Collaborations
Time 04/25/17 03:00PM-04:00PM
Room Meeting Room 5
The adoption of federated identity access in the academic and research institutions is growing rapidly at regional, national and international levels. This has important implications for the assurance associated with identity data and attributes issued and handled by federations, which must rely on their many member institutions to validate identity information consistently.
Established in 2005, the Interoperable Global Trust Federation (IGTF, http://www.igtf.net/) has developed and employed standard profiles and policies for accrediting authentication providers (APs) serving the international research and education (R&E) community. IGTF has recently refactored these AP profiles and policies in terms of authentication assurance levels. IGTF and the Terena Academic CA Repository (TACAR) maintain distributions of accredited authentication provider data. These are used daily by relying parties (RPs) in numerous international HPC and science projects and collaborations to authenticate the identities of users, systems and services worldwide. While the need for trusted authentication providers (APs) continues, the landscape for identity providers (IdPs) relied upon by these APs has changed over time.
In the last five years, eduGAIN (http://www.geant.org/Services/Trust_identity_and_security/eduGAIN) has grown to become a global service that interconnects R&E identity federations around the world, simplifying access to content and resources for the international R&E communities. eduGAIN enables the trustworthy exchange of information related to authentication, authorization and identity (AAI) at a global scale, thus establishing a solid foundation for worldwide federated access in the R&E communities. InCommon, the trust and identity federation operated by Internet2, joined eduGAIN in April 2014, with full participation as of February 2016.
Research requirements for using institutional credentials to access different services has brought the IGTF and the identity federations worlds closer to each other. For instance, the InCommon CILogon service, accredited under the IGTF Identifier-Only Trust Assurance (IOTA) Profile, is serving a rapidly increasing role in facilitating credential issuance using federated IdPs worldwide.
The Authentication and Authorisation for Research and Collaboration project (AARC, https://aarc-project.eu), started in May 2015, is another effort that aims to champion the adoption of federated access for international research collaborations. To that end, AARC has been working together with e-infrastructures, research infrastructures,and AAI architects to collectively define a set of architectural building blocks and implementation patterns to allow the development of interoperable technical solutions for international iand interdisciplinary research collaborations.
In this session, we present the latest developments and the achievements in AAI in the Trust and Identity space, focusing on the aspects of international research collaboration. Leaders representing AARC, eduGAIN, IGTF, InCommon/CILogon and International R&E efforts will give brief presentations summarizing current efforts, lessons learned, and future directions for their projects, followed by an open panel discussion.
Moderator Licia Florio GÉANT
Moderator Derek Simmel Carnegie Mellon University
Speaker Christos Kanellopoulos GÉANT
Speaker Paul Van Dijk SURFnet
Speaker David Groep GÉANT
Speaker Alejandro Lara REUNA (Red Universitaria Nacional)
Speaker James Basney University of Illinois - Urbana-Champaign
Speaker Derek Simmel Carnegie Mellon University
Speaker Christos Kanellopoulos GÉANT
Primary track Trust and Identity