In 2018 and 2019 the SURF SCZ-team conducts pilots with a number of institutions. Goal of the pilots is to investigate the exact needs (what features does SCZ need to provide), test actual software, develop software based on needs and mid 2019 be able to decide on a go/no go on whether SURF can offer this as a service and if so, how to cover the cost etc. In may 2019 institutions advised on developing SCZ to a production read service.
The below table shows institutions that have contacted the SCZ-team and what requirement(s) they've expressed. Each institution has its own dynamics, so some institutions are swift in steps taken to connect (a) service provider(s) and test SCZ, while others have one or more reasons the pilot doesn't progress as fast as some might hope.
Although we try to keep (also) this page current, for the latest information if needed, check with firstname.lastname@example.org . To be added as a pilot, please read
|Institution(s) or collaboration||Requirements||Status|
|Location VUmc of the Amsterdam University Medical Center has been awarded a grant for innovating on the matter of "Enabling future research collaborations to speedier start up of secure collaboration". VUmc tested the SCZ-stack in combination with Azure AD and used LDAP to connect VM's and services to the SCZ environment. They have finished the pilot, gave SCZ a position in their research IT architecture and are looking to scale up.|
From the SCZ perspective, VUmc is testing the guest access functionality, invitation flows, self service/decentralized authorisation, publication of an SP in eduGAIN and non-web-access.
|Successfully connected Azure VM environment, looking to extend pilot.|
UvA/HvA is looking to share local (UvA/HvA) e-resources with the rest of the "world" as part of their internal project "Access to ICT services UvA and HvA for external researchers” ("Toegang tot ICT diensten UvA en HvA door derden onderzoekers”). For the pilot, three service providers are selected to share resources: Geoserver, OpenLab and O2.
|Discussing LDAP structure, configuring flows|
|SURFsara Research Cloud project||Looking to extend the supplied research services with AAI capabilities, invite flows etc. For this pilot, a number of API's are created so SURFsara has machine-based access to certain SCZ functionality.|
From the SCZ perspective, SURFsara is testing the guest access functionality, invitation flows, self service/decentralized authorisation and non-web-access.
|Investigating possibilities to connect services.|
|TU/e||TU/e were looking for a way to securely share data on their storage infrastructure with people off campus. We have connected SCZ to a TU/e Nextcloud instance.||Connecting service.|
Lifescience & Health project (mainly in UMCs) aiming to share data and compute resources. Primarily focusing on non-web SSO and on-boarding workflows and group management solutions. (EU context as well in BBMRI-ERIC).
|Investigating XNAT and R2 connection to SCZ.|
The RUG needs specific attributes to facilitate RUG VRE's to their researchers to allow usage of non-web services and want to see whether SCZ COmanage can supply that functionality. They want to test a workflow for their LDAP with a predefined or random value. Users connected to SURFconext or eduGAIN should be allowed access using their institutional credentials. RUG also wants to use and pilot (Delegated) Group management and configurable enrolment and deprovisioning flows.
|CWI/VRE4EIC||Have connected web based SP and supplied person with Italian CNR identity access via eduGAIN and piloted authorisation based on attributes.|
From the SCZ perspective, CWI/VRE4EIC is testing the guest access functionality, invitation flows, self service/decentralized authorisation and publication of an SP in eduGAIN.
|Successfully completed pilot goal. Looking to extend.|
|UMCU||Wants to use AAI to securely share their HPC environment with on-campus IdP's, and other IdP's. We have finished the initial connection. UMCU is investigating how to proceed.||Setting up connection.|
|MUMC||Want to connect their iRODS-based DataHub portal.||Investigating similar setup we did for SURFsara|
|SURFsara Research Drive||We have connected SURFsara Research Drive to SCZ: Research Drive can be configured as storage option within the SURFsara Research Cloud offering. SURFsara Research Cloud is using SCZ to manage access. This means groups are managed in SCZ. SURFsara Research Drive likes to know about and use that group information, to make it so when someone access the storages, they have the same group authorisation and access in both SURFsara Research Cloud as well as SURFsara Research Drive.|
Astron is involved in the EOSC-hub project in which it needs to evaluate available services for enabling federated access for the LOFAR community. AENEAS is an EU H2020 project to prepare a European/Regional Square Kilometer Array (SKA) Data Center. NIKHEF is 1 of the data hosters. Services considered for federated access are Indico, Docuwiki, mailing lists (e.g. Sympa) and WordPress CMS.
|Evaluating SCZ as one of the possible solutions.|
|UU (U2Connect)||UU has built an iRODS based data management middleware solution to share data with researchers both from within the UU and with researchers from remote institutions; UU has augmented iRODS with a layer called YODA, Your Data. In this pilot, YODA is coordinating user provisioning but is using SCZ COmanage API's to do a large part of the actual work.|
From the SCZ perspective, UU is testing the guest access functionality, invitation flows and non-web-access.
|Deployed, testing/piloting and improving/extending|
|CLARIAH||CLARIAH is running an OpenConext environment to allow access to their resources. They would like to outsource this task to save on operations.|
From the SCZ perspective, CLARIAH is interested in connecting IdP's within and outside of the Netherlands to webbased resources and providing guest access.
|SURFsara iRODS||Providing access to non-web resource iRODS (with MetaLNX) from SURFsara.|
From the SCZ perspective, SURFsara iRODS is testing the guest access functionality, invitation flows, self service/decentralized authorisation, publication of an SP in eduGAIN and non-web-access.
|A demo has been prepared for SURFsara to evaluate|