Community News

Trust and Identity on the West Coast

It’s been a busy week for the GÉANT Trust and Identity family at the Internet2 Global Summit in San Diego.  As well as enjoying the beautiful weather, we’ve been active presenting, participating and learning in sessions throughout the conference.  There were too many meetings and discussions to capture fully, but here are some of the highlights and lessons from our week.

One of our first sessions of the week was the focus on international security efforts with a focus on the “T” part of our portfolio. This session discussed the importance of building trust environments to support effective security service delivery on a global scale. We joined presenters from CANARIE, Internet2, Jisc and AARNet to talk about how we are building trust environments and the importance of looking at all aspects of trust from technical, policy and human perspectives. This included updates from the Global NREN Security Forum, security developments in Canada and information on GÉANT groups such as TF-CSIRT, SIG-ISM and WISE. The session was netcast and is available to watch!

Our next stop was an update on GDPR, with a general update and then a specific focus on the GÉANT Trust and Identity services. With over 100 people in attendance, it was clear that GDPR has become globally pervasive. The interactive session included some questions to the room on their thoughts on GDPR, and the results below speak for themselves.

The GÉANT team of Marina, Nicole, Pal and Miro presented the detailed work that has been undertaken to ensure the GÉANT Trust and Identity services are fully GDPR ready, and to ensure the community has the support it needs to meet obligations. More information on this work is available on the GÉANT wiki.

An opportunity to learn was next up on the agenda, at a session on Trust and Identity at Internet2.  I was particularly impressed with the InCommon Baseline Expectations programme, which is seeking to improve the maturity of entities within InCommon in a series of important areas such as security and well-formed and complete metadata. This is a topic that is very important for eduGAIN and something we hope to address with the upcoming eduGAIN Best Current Practice work that will be rolled out over the next 12 months, seeking to improve the quality of metadata and maturity across all eduGAIN entities.

The eduGAIN Steering Group meeting was an opportunity for us to bring a regular eduGAIN meeting to a live audience in San Diego, and to be joined by Federation Operators around the globe. Topics included the current membership status, finalising the new SAML profile for eduGAIN, the impact of GDPR and its implementation in eduGAIN and some open questions about the implementation of the REFEDS Research and Education entity category.

The MACE directories BoF focused on a topic close to my heart: how do we ensure long-term homes and sustainability for the standards we use within our community?  MACE-Dir has been a working group at Internet2 for a significant number of years and is responsible for essential schema – such as eduPerson.  As working groups within I2 are reorganised, MACE is considering the best long-term home for its outputs and work.  The group had an interesting and focused discussion on the importance of development being:

  1. close to the people who care about and use the work;
  2. easily communicated to people who are not involved in the work on a daily base;
  3. developed in open fora.

REFEDS is keen to support MACE-Dir as it moves forward to its next incarnation.

One of our final sessions was a showcase of the family of federated identity work that is currently supported by the GÉANT community. This included an overview of the AARC blueprint and policy work, how CILogon is implementing AARC recommendations, an update on FIM4R, details on planning for the new large-scale “GN4” project and a report on work GÉANT is undertaking to support the APAN region.   With the wealth of work produced, it can be difficult to prioritise what is important to the community.  A quick audience quiz highlighted the need to ensure we get the basics right and to not innovate to far ahead of ourselves without the focus on the core.

There were many more sessions, conversations, ideas, thoughts and plans than I can include in this post and we head home with many new work items!  With thanks to the Internet2 team for hosting us – we hope to see many of you at TechEx in October.

Skip to content