Versions Compared

Old Version 41

changes.mady.by.user Raoul Teeuwen

Saved on

compared with

New Version 42

changes.mady.by.user Raoul Teeuwen

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Something has to be arranged to invite people who need access to resources (invites, enrollment). There is a need to manage collaboration groups (membership etc).

  • Providing access to invited people to the actual resources currently often takes a relatively long time (working with system admins of all resources, setting up 'account management', provisioning etc). 

  • Apart from enabling access to browser-based services, for 'non-web' services (think of resources accessed via SSH or WebDAV ) there are currently no possibilities for federated authentication.

  • Giving access to a service to international (in our case non-Dutch) researchers and people without an institutional account (eg from companies involved in the research project, 'guest-access') requires a relatively large amount of work.

  • Authorization often is a problem. Group membership can be used to decide on authorization: what is a user allowed to do within a certain service? This requires a solution that can convert the group information into attributes that are subsequently consumed and interpreted by the resources to be shared (eg wikis, compute or data) for authorizing users.

...

  • Ensure that parties who want to share resources can do so by smoothly (and only once) connecting the resource to the SCZ proxy. The SCZ solution takes care, amongst others, of making the service available via eduGAIN.

  • Provide an environment where institutions and cooperative collaborative organisations can quickly request a collaboration group, assign group managers and then manage that group themselves, invite people, etc.

  • Provide a possibility to manage specific attributes per collaborative organisation.

  • Ensure that people without an edu account can also easily be invited and access the resources, where possible with a higher 'Level of Assurance' than with a social identity.

  • Ensure that non-web resources like SSH and WebDav can be approached via federated authentication (eg institutional account) (for the benefits of federated authentication see "Why federative"? ).

  • Ensure that an institution only has to join the SCZ once in order to give all its researchers (via one or more collaborations) access to the participating services and resources.

...