In February 2019, the GÉANT Trust & Identity (T&I) Incubator held its first kick-off meeting, which was met with a sense of anticipation and hope. This new initiative, part of the GN4-3 T&I work package, aimed to create a space for experimenting with new ideas and technology, without drawing significant resources from the T&I services, which must continuously run, upgrade, and maintain themselves.
Words: Mihály Héder, HUN-REN SZTAKI Institute for Computer Science and Control, Andrijana Todosijevic, AMRES, and Grace Cooper, GÉANT
A safe space to take risks
Innovation has always been unpredictable, but that’s what makes it exciting. The Incubator offered a space where uncertainty, novelty and risk could be explored in a controlled way, while still aiming to maximise impact and manage cost. During the initial meeting, key principles were introduced that remain at the heart of our work today. It followed an agile-like approach, using Kanban boards and Scrum Master roles. Activity is organised into short six- or seven-month cycles, ensuring that ideas either show progress early or are stopped. Most topics include subject matter experts in an advisory role, and each cycle brings together a combination of students, junior colleagues, and experts from the GÉANT community to create a hands-on learning environment.
Seven years, eleven cycles, and still evolving
Over time, this approach has been applied across multiple cycles and a wide range of topics, building a substantial body of work that reflects both community priorities and the evolving needs of T&I across GÉANT. What began as a small set of experiments has grown into a portfolio of 52 completed topics, with outcomes ranging from immediate impact to ideas that proved their value years later.
Now entering its eighth year and the 12th cycle, the Incubator continues to evolve. An important lesson from the journey is that innovation isn’t only about trying something new, but also about learning from earlier cycles and using reflection to better understand impact.
Several key patterns began to emerge, including almost every topic choice sourced from the community through various methods, proved to be relevant over time. This reflects the strength of collective expertise within the GÉANT community. For example, in cycle one, we engaged with Trust Marks and developed the OIDC module for Shibboleth IdP, both of which proved to be quite crucial in the upcoming years.
Timing, however, is rarely predictable. Some ideas arrive too early to be adopted, but that does not make them wasted. Our work on ORCID as IdP or Distributed Vetting was explored ahead of its time, only to become relevant later. The same goes for our decisive efforts to OpenID federation and non-web SSO techniques. Because we always record demos and publish documentation, others can pick up the ideas and use them when the moment is right.
Not every experiment succeeds, and that too is part of the model. When results are shared openly, even unsuccessful experiments provide value. When the vendor behind our distributed hardware-based signing module unexpectedly went bankrupt mid-project, it disrupted the proof of concept. This became a valuable lesson in risk management, demonstrating that it is better to test risky ideas in the Incubator, where setbacks become lessons, and not disruptions in production.
Growing talent alongside innovation
Through the Trust & Identity Incubator Mentorship (TIM) programme supported by GÉANT Learning and Development (GLAD), we’ve welcomed 11 students so far. Our current team spans across 14 organisations, driven by young professionals passionate about advancing our shared digital T&I frameworks. Many of those who have participated in the Incubator have gone on to become experts with NRENs, GÉANT, or elsewhere in our ecosystem.
Powered by the GÉANT community
Finally, our progress would not have been possible without you, the wider GÉANT community. Your ideas, questions, and challenges inspire new Incubator topics and keep us moving forward. We love hearing your suggestions at events and meetings, and these conversations fuel our creativity, helping to shape the future of T&I services while staying closely aligned with real community needs.
“Without the Incubator, we could not have started the eduGAIN OIDFed pilot.” Davide Vaghetti, Task Lead of eduGAIN
Seven years on, the incubator remains what it was designed to be. A place where the community can take risks and learn together, turning ideas into shared progress.
To learn more, visit the TIM Incubator website: trustidentity.geant.org/ti-incubator
