Federated AAI Sample Clauses
Federated AAI. The AAI aims to provide authentication and authorization infrastructures for EUDAT. The goal is to build on existing infrastructures and work as much as possible, while integrating with existing community practices (and improving on them, if necessary). 36 EPIC test local resolver: ▇▇▇▇://▇▇▇▇.▇▇▇▇.nl/
3.4.1 Implementation plan
1. SSO for members of the project using a single system to authenticate to collaborative services within the EUDAT project,
2. Federated identity management for pilot user communities initially CLARIN and ENES (selected partly because they use Shibboleth and OpenID respectively), and
3. A full and scalable federated identity management integrated with core EUDAT services, and with a framework for extending to other services. In phase 1, CROWD (which is already used by CSC for their Atlassian Confluence service) was integrated with the request tracker (JIRA) by CSC. Therefore the JIRA service was extended to consume ▇▇▇▇ identity assertions issued by the CROWD system in order to map these to usernames. Other technologies were evaluated, and the results of the evaluations were documented in deliverable D5.1.1 section 3.5.5. Here the focus is on the main candidates for the ▇▇▇▇▇ ▇ ▇▇▇. This evaluation was based on both technical merit and early requirements specified by the communities. The next step was to evaluate the candidates against a more detailed set of user requirements, which are summarized in Table 8.
Federated AAI. Federated AAI is considered to be a service that makes it possible to access EUDAT services while maintaining user identities, roles, access rights, trust and privacy. The implementation plan of the AAI TF consists of three phases: short-, mid- and long-term. The short-term phase, which makes collaborative tools that span three countries (such as the EUDAT wiki, the JIRA ticket system, the EUDAT central- monitoring system and the trouble ticket system) available to project members via SSO, has been completed. Most of the work has gone into the mid-term solution. This involved getting detailed requirements from the communities, developing the overall approach, using credential conversion technologies, evaluating and piloting different technologies, and assessing the community portals. The candidate technology that fulfils most of the requirements is the credential conversion software being developed in the Contrail project. However this software is complex and it is still under development, rather than being completed. There are other candidate technologies (such Shibboleth and SimpleSAMLPhp) that only target web-based access, and omit command-line access. The current status is that work in the task force is very much in progress. Currently there is a lot of activity in the scientific domain in relation to the topic of Federated AAI, or identity management. Federated AAI is considered to be a complex issue, not only from the technical point of view but also in relation to policies on identify management, attribute release and automated registration and deregistration. As EUDAT is a multi-disciplinary scientific project, spanning 13 countries across Europe, it makes Federated AAI a very challenging and demanding for the project. EUDAT is actively engaged in other initiatives in the area of federated identity management, and has: Attended FIM4R60 workshops, Provided input to the AAA Study group61 report62, description of the EUDAT AAI use case, and Presented the EUDAT AAI use case at the ▇▇▇▇▇▇ VAMP63 meeting. It is important for EUDAT to continue to participate in the arena of federated identity management, both in Europe and globally.