Researchers that want to collaborate (internationally) and providers of resources who want to offer research facilities to collaborative organisations often face questions related to providing access to resources. The SCZ project (SCZ, FIAM for collaborating researchers) tries to solve a number of issues in the field of authentication, authorization and policies. 

This page is for people who want to know more about the infrastructure the SCZ-project is building & piloting. The project also examines whether and, if so, how the SCZ can be offered by SURF as a service.

SURF is collaborating in this project with Dutch institutions, but the general solution is usable in any country. 

Why the SCZ project?

There are a number of specific problems for collaborations between researchers, which we address in the SCZ-project:

Currently, for every new research the wheel is reinvented to arrange for the things mentioned. Collaborations and research are delayed in the start-up phase because providing access takes time.

How does SCZ provide a solution?

In the SCZ project, we want to:

To get an extra idea of what SCZ wants to offer, here we share the 'user stories' (in broad outline) for which we want to offer a solution with SCZ.

Schematic overview of the SCZ solution 

Schematically the SCZ can be drawn as follows:

The picture above shows that the research services are linked to the SCZ proxy: these services only have to make and maintain one link. The picture shows the features of the SCZ infrastructure:

Wondering how a flow of inviting a user to access via SSH looks like? See the video at the bottom of the End user documentation SCZ COmanage .

Planning / timeline / status

In June 2017 phase 1 of the project was completed, and phase 2 started. In phase 1, use cases were drawn up and coordinated with a number of cooperative organizations, an architecture was drawn up and needs were assessed. Phase 2, which runs from now until the third quarter of 2018, is dedicated to realizing the various components and gaining experience through pilots.

SCZ phase 2 focuses on:


Involved collaborations and institutions

We have a listing (a part of) the institutions piloting within our project and what is being piloted.

The institutions involved in pilots are expected to participate in meetings and allow the right people within the institution to test the pilot environment, provide feedback to SURF and participate in talks about new features and requirements.

Apart from pilots, we also frequently present about the project, like for the Health-RI event of Dec 8th 2017, where a poster was crafted to show the value of COmanage for collaborations like BBMRI:

Which technical components are used?

Interested in the components used? See Technical overview of SCZ .

COmanage documentation

Curious about how you can get started in COmanage? We have organised and provide links to End user documentation SCZ COmanage .

Connecting services

Connecting Services to the SCZ environment describes how to services to the SCZ infrastructure.

Why authenticate in a federated way?

Enabling a service / resource for federated authentication means users can 'login' (authenticate) with their institutional account: as soon as they want to acces a service, they are automatically forwarded to the login screen of their institution (or other organization where they have an account, if that can be used, such as a bank). Reasons to arrange this like this:

The European AARC-project has a training-module on what a identity federation is and what its advantages are: Federation-101.

Will this be a SURF service?

SURF is conducting the pilots to also answer this question. In this way, after the pilots, we can draw conclusions about the functionalities: does the SCZ actually solve these problems? We also have a better idea of the feasability to offer this centrally and if so including the costs (in equipment and people) that are needed to offer such a central infrastructure. In the summer of 2018 we will decide on this based on the experiences with the pilots. Naturally, the pilot partners have considerable influence on this process. Should it be decided not to offer the SCZ as a service, we will enter into a phase-out process with each pilot partner, for example SURF can help transfer the infrastructure to a local copy an institution can run locally.

Mailinglist & more information

We have a mailing list for this project. An archive of previously shared messages can be found via . Feel free to sign up for that list via . Interested? Ask? Suggestions? Mail with Raoul Teeuwen ( ). 

If you find the SURFnet SCZ mailinglist interesting, you might also be interested in the following:

"Following some community interest, a new (not COmanage specific) list has been established: cmp-discuss. This is a discussion group for any technologies, policies, or use cases associated with collaboration management platforms, and especially general (non-product specific) topics or topics crossing multiple technologies.

You can join and manage your subscription here:!aboutgroup/cmp-discuss

(The list was set up as a Google Group to avoid associations with any particular project or community.)"

More information in this wiki