Versions Compared

Old Version 11

changes.mady.by.user Pieter van der Meulen

Saved on

compared with

New Version 12

changes.mady.by.user Peter Clijsters

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

It is our ambition to let SURFsecureID grow into the default strong authentication solution for Dutch education and research institutions. The following activities are planned:

    Support multiple tokens per user
    Released
    Facilitate the re-use of tokens from commercial vendors
    We created an interface (GSSP), php library and example that facilitates adding new token types to stepup
    Released 
  • More fine-grained authorization: allow RAs and RAAs users to work for more multiple institutions
    In development
    Support for IRMA tokens
    In development
    Support for U2F tokens
    Developed, waiting for browser support, and standardization. Planned in 2019Q2.

  • Study integration options for Microsoft Azure MFA with SURFsecureID

    In progressPreliminary research is done. POC planned.

  • Remote registration facility
    Planning
    Periodic security audit
    Planning H2 2018
    Preliminary research is done. POC phase has started.

  • Full self-service registration
    Supporting low level of assurance by eliminating the identification and activation process. Planned.

  • Support OpenID Connect
    This will piggyback on the planned integration of SURFsecureID in SURFconext. Planned.Enable SURFsecureID for SURFconext OpenID Connect

  • User deprovisioning, i.e. remove token registrations that have not been used for a long time

  • Improve integration of SURFsecureID with legacy applications
    Ongoing.

  • Use Azure MFA as a token for SURFsecureID
    POC phase

  • Support for IRMA tokens
    In development

  • Support for FIDO2 / WebAuthn tokens
    In developmentSupport context-based strong authentication
    Finished a Proof of context using SURFconext Authorization service (PDP)

In addition to these more innovative activities, we will continue to improve our service:

  • Functional improvement of Registration portal, RA Management portal, supporting processes and documentation
  • Grow the number of connected Identity Providers and Service Providers
  • Best practices on strong authentication SURFsecureID implementations
  • Knowledge dissemination on strong authentication, Levels of Assurance, etc.
  • Periodic security audit

Activities and priorities in this road map may change over time depending on input of our members. We encourage you to engage in our periodic SURFconext meetings or contact us at info@surfconext.nl to discuss your strong authentication needs.

Released or old roadmap items:

  • Support context-based strong authentication
    Finished a Proof of context using SURFconext Authorization service (PDP)

  • Support multiple tokens per user
    Released 12 juli 2018

  • Facilitate the re-use of tokens from commercial vendors
    We created an interface (GSSP), php library and example that facilitates adding new token types to stepup
    Released 12 september 2018
  • Support for U2F tokens
    Developed, waiting for browser support, and standardisation