Enabling Communities - Building trust for research and collaboration
When exploring the world of Federated Identity, research communities can reap considerable benefit from using common best practices and adopting interoperable ways of working. EnCo, the Enabling Communities task of the GÉANT 4-3 and GÉANT 5-1 Trust and Identity Work Package, provides the link between those seeking to deploy Federated Identity Management and the significant body of knowledge accumulated within the wider community. Individuals from EnCo aim to ensure that outputs from projects (e.g. AARC) and groups (e.g. WISE, FIM4R, IGTF, REFEDS) are well known, available and kept up to date as technology changes. Since many of these groups are non-funded, it’s vital for their survival that projects such as the GÉANT project sponsor individuals to drive progress and maintain momentum. The ultimate aim is to enhance trust between identity providers and research communities/infrastructure, to enable researchers’ safe and secure access to resources.
As we commence the work programme for the GEANT-5 phase, which starts in 2023, it is a good moment to review the impact on the trust and identity world achieved through the previous programme, and how global engagement can be promoted as the community gets ever more interconnected. The next GEANT programme will build on the same open structures of WISE, FIM4R, IGTF and REFEDS, so that shared knowledge is maintained and updated in the future - something essential for interoperability, trust and security.
The Federated Identity Management for Research (FIM4R) community is a forum where Research Communities meet to establish common requirements, combining their voices to send a strong message to FIM stakeholders. For example, in 2020 people from EnCo were among those who led efforts to produce a position paper on the EOSC identity management strategy from the perspective of research communities as well as the rebooting of the FIM4R activities post-pandemic
The WISE community promotes best practice in information security for IT infrastructures for research. EnCo has been and is leading several activities within WISE. This includes the Security for Collaborating Infrastructures working group, which has produced a guidance document to encourage self-assessment against the SCI Trust Framework and is working towards updating the AARC Policy Development Kit (PDK). Also, since information security processes need periodic exercise, the community organises challenges for communications response and mitigation of incidents affecting collaborative communities, and at times even deep forensics - all to make sure communities are prepared, and the various tests complement each other.
REFEDS is the voice that articulates the mutual needs of research and education identity federations worldwide. EnCo has been leading and participating in several activities on both assurance (the REFEDS Assurance Suite) and security to increase the level of trust in federations (SIRTFI). Trust in community for AARC proxy services is further promoted with the IGTF guidance on secure attribute authority operations and exchanging assurance for the infrastructures.
Our target audience are the communities and the infrastructures providing their services.
Aims of the presentation:
- The audience will learn about essential trust, policies and guidance
- Raise awareness of the availability of common resources, including those owned by WISE, FIM4R, REFEDS, IGTF
- Promote participation in these bodies and groups
- Share news of progress, e.g. Updates on the PDK, Sirtfi, Assurance
- Inform about future activities, e.g. trust for proxies and moving towards tokens
- Get input on our new activities