Research This page is more and more about collaboration, also confirmed in the Dutch NWO 2019-2022-strategy. Researchers that want to collaborate (internationally) and providers of resources who want to offer research facilities to collaborative organisations therefor face the question: how to provide secure access to resources.

A great basis for easy secure access, is using the institutional accounts most researchers have. This for instance allows easy set up, easy validation, and better control when a researcher for instance stops working for an institution.

People from around the world have been thinking about how to solve the access issues, a solution was architected, and project SCZ is building an implementation of that international effort.

We provide an Authentication & Authorisation Infrastructure-as-a-Service focused on the needs of researchers, research projects and providers of resources for researchers. It takes care of user management. The service name: SURF Research Access Management (SRAM). On these pages we describe what the SCZ project and the resulting SRAM-service is about. 

In the European AARC-project (Authentication and Authorisation for Research and Collaboration) the specific identity and access challenges researchers face are addressed, and they made a clear video about the problem:

AARC crafted a blueprint architecture that addresses those challenges. SCZ is basically doing an implementation of that blueprint.

Why the SCZ project?

Researchers have typical access needs that aren't taken care of by the current solutions, and they have documented them in FIM4R-documents (Federated Identity Management for Research). We address a number of those problems in the SCZ-project:

• Providing access to invited people to the actual resources currently often takes a relatively long time (working with system admins of all resources, setting up 'account management', provisioning etc). 

• You want to streamline the invitation process (invites, enrollment). When the collaboration grows, there is a need to manage collaboration groups (membership etc).

• Researchers often want access to 'non-web' services (think of resources accessed via SSH or WebDAV ): those are currently not tied to their institutional accounts, which makes access revocation a problem.

• Research is often international and providing people without an institutional account (eg from companies involved in the research project, 'guest-access') secure access often is a problem.

• Authorization often is a problem. Group membership can be used to decide on authorization: what is a user allowed to do within a certain service? This requires a solution that can convert the group information into attributes that are subsequently consumed and interpreted by the resources to be shared (eg wikis, compute or data) for authorising users.

about a service, offered by SURF, that makes it easier for research collaborations to set up and manage access to (data and compute) services they need for their projects. Using our service saves those collaborations time and enables them to spent more time on research instead of managing infrastructure. Everybody involved benefits: researchers, providers of services for researchers and institutions. Anybody is invited to read about the service, but it is geared towards Dutch led research projects.

Don't want to read the information below but want to know how this can help you? Or have questions? You can send us an email and we'll set up a call!

Why the SCZ project?

Research is more and more about collaboration, also confirmed in the Dutch NWO 2019-2022-strategy. Researchers that want to collaborate (internationally) and providers of resources who want to offer research facilities to collaborative organisations therefor face the question: how to provide secure access to resources.

Researchers have typical access needs that aren't taken care of by the current solutions, and they have documented them in FIM4R-documents (Federated Identity Management for Research). We address a number of those problems in the SCZ-project:

• Providing access to invited people to the actual resources currently often takes a relatively long time (working with system admins of all resources, setting up 'account management', provisioning etc). 

• You want to streamline the invitation process (invites, enrollment). When the collaboration grows, there is a need to manage collaboration groups (membership etc).

• Researchers often want access to 'non-web' services (think of resources accessed via SSH or WebDAV ): those are currently not tied to their institutional accounts, which makes access revocation a problem.

• Research is often international and providing people without an institutional account (eg from companies involved in the research project, 'guest-access') secure access often is a problem.

• Authorization often is a problem. Group membership can be used to decide on authorization: what is a user allowed to do within a certain service? This requires a solution that can convert the group information into attributes that are subsequently consumed and interpreted by the resources to be shared (eg wikis, compute or data) for authorising users.

Currently, for every new research the wheel is reinvented to arrange for the things mentioned. Collaborations and research are delayed in the start-up phase because providing access takes time. What if there was a plug and play service?

People from around the world have been thinking about how to solve the access issues, a solution was architected, and project SCZ is building an implementation of that international effort.

A great basis for easy secure access, is using the institutional accounts most researchers have. This for instance allows easy set up, easy validation, and better control when a researcher for instance stops working for an institution.

In the European AARC-project (Authentication and Authorisation for Research and Collaboration) the specific identity and access challenges researchers face are addressed, and they made a clear video about the problem:

AARC crafted a blueprint architecture that addresses those challenges. SCZ is basically doing an implementation of that blueprint.

We provide an Authentication & Authorisation Infrastructure-as-a-Service focused on the needs of researchers, research projects and providers of resources for researchers. It takes care of user management. The service name: SURF Research Access Management (SRAM). On these pages we describe what the SCZ project and the resulting SRAM-service is about. Currently, for every new research the wheel is reinvented to arrange for the things mentioned. Collaborations and research are delayed in the start-up phase because providing access takes time. What if there was a plug and play service?

How does SCZ provide a solution?

...