status: Recognised & Endorsed
Chair (s): Carlo Maria Zwölf, Hannah Short
Group Email: [group_email]
Secretariat Liaison: firstname.lastname@example.org
A strategic element to maintaining a competitive advantage in research is by focussing energies in areas of innovation, which is facilitated by sharing of resources and support of inter-disciplinary collaborations at the national and international levels. The primary impediment to this resource sharing and collaboration is the lack of an effective FIM (Federated Identity Management) ecosystem.
The FIM interest group (FIMig) is an international cross-domain interest group to work on all issues related to the use FIM for the implementation of AAIs (Authentication and Authorization Infrastructures) in research infrastructures.
Not all research data and computing resources are publicly available so that access needs to be constricted sometimes, e.g. until a dissertation has been published, or because highly sensitive personal data are included. Thus AAI technologies should be a part of RDA activities.
Solving the problem of constraining access to services and data to authorized people is a fundamental problem in research infrastructures where solutions are usually seen as combinations of an authentication part (identifying the user) and an authorization part (determining a persons access rights).
Although there are many possible solutions to enable an AAI, the FIM approach is especially well suited for research infrastructures that are distributed over many sites and need to be scalable. User friendliness is an important issue: that the technology requires no specialized knowledge from the end users. Through the release and delivery by FIM of roles and other specific user attributes, FIM can also directly be used for access control of protected resources, although this is not a requirement.
The interest group considers as its main task to discuss and propose solutions for the problems that are experienced by research infrastructures that need FIM services in order to operate their facilities and to serve their user communities. This agrees with the RDA ideal of a bottom-up approach where the data-practioners, in this case organised in thematic research infrastructures, are the major driving force. Past experience has taught us that solutions are required on managerial, operational, legal and technological planes, which means that representation also of enabling organizations and software producers is needed.
The starting point of FIMig are the discussions by the FIM4R group (http://cds.cern.ch/record/1442597?ln=en) where a number of research communities have prepared a common AAI requirements document (http://cds.cern.ch/record/1442597/files/CERN-OPEN-2012-006.pdf) and initiated a number of pilot developments. This group is mainly EU based but the results and conclusions reached are not geographically restricted and valuable input has been received from colleagues in Asia and the USA. Creating a discussion platform within RDA will enable it to broaden the current discussions within FIM4R group using RDA contacts (thinking here especially of US and AUs colleagues) and of course the special RDA group discussion facilities.
Efforts will be made to ensure a balanced representation of existing organizations that are stakehoders in the FIM landscape. These are the academic identity federations and their inter- organizations, as are the research community organizations and the projects through which they work realizing research infrastructures.
Beyond Interest Groups, the RDA includes also Workgroups. These are much more focussed on solving specific use-cases by (reference-) implementations and need to have a well defined timeline for their realisation. The RDA FIMig envisages kickstarting such workgroups, operating under a FIMig umbrella to solve specific problems when it thinks this is feasible and useful. This is thought to be the most productive way of achieving progress and working towards the goal of providing an interoperable, production AAI service to the multi-domain research community and beyond.
The provisional FIMig members:
Daan Broeder, MPI for Psycholinguistics, NL email@example.com Bob Jones, CERN, CH Robert.Jones@cern<NOSPAM>.ch
Peter Gietz, DAASI International, D
Tommi Nyronen, CSC, FI
Andrea Baldi, ESA, IT
Philip Kershaw, STFC, UK
David Kelsey, STFC, UK
Mirjam van Daalen, SwissFEL, CH
Romain Wartel, CERN, CH
Dean Flanders, FMI, CH
Wolfgang Pempe, DFN, D
Larry Lannom, CNRI, USA
Giridhar Manepalli CNRI, USA
Jim Basney NSCA, USA
Glenn Moloney, NeCTAR, AU
Nigel Ward, NeCTAR, AU
Tom Fifield, University Melbourne, AU
Federated Identity Management for Research Collaborations
This white-paper expresses common requirements of Research Communities seeking to leverage Identity Federation for Authentication and Authorisation.
0 | Add new comment