In Focus Trust and identity

T&I News from the GÉANT Symposium

One year after the official launch of the GN4-3 project, participants gathered at the Symposium in Ljubljana, Slovenia. The Trust & Identity team had participated in a range of technical and strategic meetings and took the opportunity to celebrate the launch of the InAcademia service.

InAcademia 

The InAcademia team celebrate the launch of the service

Building on top of eduGAIN, InAcademia integrates with research and education federations operated by the NRENs to offer real-time validation of users’ affiliation to specified institutions.

InAcademia verifies in real-time the ’studentness’ of users that request access to services and provides such information to the services in a privacy preserving manner. InAcademia expands the reach of R&E federations by making it easier for services to rely on the federated authentication without having to fully join a national federation.

InAcademia which was piloted in 2019 is now fully operational and new services are being connected. For more information please contact info@inacademia.org or visiting https://inacademia.org .

eduGAIN 

Worldwide growth of eduGAIN

The eduGAIN team used the symposium to present the key developments in the roadmap for 2020. After 10 years from its inception, eduGAIN continues to evolve and grow. The eduGAIN operational team is getting more robust by consolidating day-to-day aspects (such as the metadata feed and related validation tools). The team now also includes a dedicated security incident team, which can be reached at <abuse@edugain.org>.

During 2020, the team will focus on defining baselines to ensure a more consistent behaviour among entities that participate in eduGAIN. This is needed to improve the experience for users when accessing services in eduGAIN and to make sure that eduGAIN continues to offer value to institutions and service providers alike. The work will build on existing best practices developed in FIM4R, AARC, REFEDS and the team will work to turn them into requirements for federations. The work on the baseline is open to anybody interested via the dedicated REFEDS WG.

eduTEAMS 

eduTEAMS expands eduGAIN capability to empower research communities to manage access to their services and their users in a federated manner. eduTEAMS implements the AARC blueprint architecture, enables federated access for different types of services and allows for groups-based authorisation. The number of engagements (mostly with Research Infrastructures) and consequently of developments in different stages grew from 5 to 19 during 2019. Plans exist to introduce eduTEAMS for the GN4-3 project by the end of 2020. Recently, the Photon and Neutron Open Science Cloud (PaNOSC), one of the 5 ESFRI Cluster Research Infrastructures, published an interview on integrating UmbrellaID with eduTEAMS for seamless access to data services.

The eduTEAMS team is working in parallel on a tailored offering for NRENs, with  the service for SURF Research Access Management being the first production implementation of the eduTEAMS NREN offering. The goal is to make the eduTEAMS NREN offering gradually available to more NRENs by the end of 2020.

eduroam 

eduroam continues to expand

eduroam is certainly one of the most popular services and its uptake keeps growing; in 2019 our F-Ticks (monitoring system) recorded an additional 18% year-on-year increase. eduroam also reached another milestone: more than 1 billion international authentication were recorded in 2019. This follows the one billion national authentication recorded in 2016.

It has amazing to have witnessed eduroam usage going from a few hundred participants (and visible spikes in the international authentication statistics) to these latest figures.

The configuration assistant tool (CAT) is proving to be very useful to enable eduroam and support its roll-out with the tool being used by more than 3500 institutions.

To support the deployment of eduroam in smaller institutions, eduroam now offers an eduroam managed IdP service, which outsources the technical setup of eduroam IdP functions to the eduroam Operations Team. The usage of the service keeps increasing, serving now 25 countries. For more information please contact help@eduroam.org.

The team is updating the eduroam policy to align it with the current and future vision of eduroam and more information will be provided shortly.

Enabling communities (EnCo)

The Enabling Community team continues its work to liaise both with other GN4-3 activities as well as the wider T&I community. EnCo supports business development aspects in collaboration with T&I service teams. It also supports T&I engagement activities with the wider eScience community such as FIM4R, REFEDS, IGTF, WISE and general support to maintain AARC results.

How do we manage innovation in T&I ? 

Beside making sure that existing T&I services work smoothly and adding new features to them, the T&I team has an incubator task to manage innovation. The first cycle of the incubator was concluded in December 2019 and the results were presented during the symposium and are also available on the wiki. Since its inception, the incubator has contributed to three open source community projects (SAML.io, Shibboleth OIDC extension and SaToSa).

A new cycle started in January 2020, executing topics proposed by various stakeholders. Ideas can be submitted to the incubator at any time; they will be considered for new cycles if they get supported by at least two NRENs.

The incubator also offers a T&I Mentorship (TIM) programme in collaboration with the GEANT Future Talent Programme and interested NRENs to bring young talent to work in the Incubator for a limited period of time.