17 research outputs found
Federated Identity Management for Research Collaborations
This white-paper expresses common requirements of Research Communities seeking to leverage Identity Federation for
Authentication and Authorisation. Recommendations are made to Stakeholders to guide the future evolution of Federated
Identity Management in a direction that better satisfies research use cases. The authors represent research communities,
Research Services, Infrastructures, Identity Federations and Interfederations, with a joint motivation to ease collaboration
for distributed researchers. The content has been edited collaboratively by the Federated Identity Management for
Research (FIM4R) Community, with input sought at conferences and meetings in Europe, Asia and North America
Common ELIXIR Service for Researcher Authentication and Authorisation
Linden M, Prochazka M, Lappalainen I, et al. Common ELIXIR Service for Researcher Authentication and Authorisation. F1000Research. 2018;7: 1199.A common Authentication and Authorisation Infrastructure (AAI) that would allow single sign-on to services has been identified as a key enabler for European bioinformatics. ELIXIR AAI is an ELIXIR service portfolio for authenticating researchers to ELIXIR services and assisting these services on user privileges during research usage. It relieves the scientific service providers from managing the user identities and authorisation themselves, enables the researcher to have a single set of credentials to all ELIXIR services and supports meeting the requirements imposed by the data protection laws. ELIXIR AAI was launched in late 2016 and is part of the ELIXIR Compute platform portfolio. By the end of 2017 the number of users reached 1000, while the number of relying scientific services was 36.
This paper presents the requirements and design of the ELIXIR AAI and the policies related to its use, and how it can be used for serving some example services, such as document management, social media, data discovery, human data access, cloud compute and training services
GOTRIPLE:a user-centric process to develop a discovery platform
Social sciences and humanities (SSH) research is divided across a wide array of disciplines, sub-disciplines and languages. While this specialization makes it possible to investigate the extensive variety of SSH topics, it also leads to a fragmentation that prevents SSH research from reaching its full potential. The TRIPLE project brings answers to these issues by developing an innovative discovery platform for SSH data, researchers’ projects and profiles. Having started in October 2019, the project has already three main achievements that are presented in this paper: (1) the definition of main features of the GOTRIPLE platform; (2) its interoperability; (3) its multilingual, multicultural and interdisciplinary vocation. These results have been achieved thanks to different methodologies such as a co-design process, market analysis and benchmarking, monitoring and co-building. These preliminary results highlight the need for respecting diversity of practices and communities through coordination and harmonization
Authentication and Identity Management for the EPOS Project
The increase in the number of online services emphasizes the value of authentication and
identity management that we, even without realizing, depend on. In EPOS this authentication
and identity management are also crucial, by dealing and being responsible for large amounts
of heterogeneous data in multiple formats and from various providers, that can be public or
private. Controlling and identify the access to this data is the key. For this purpose, it is
necessary to create a system capable of authenticating, authorizing, and account the usage of
these services. While services in a development phase can have authentication and authorization
modules directly implemented in them, this is not an option for legacy services that cannot be
modified. This thesis regards the issue of providing secure and interoperable authentication
and authorization framework, associated with correct identity management and an accounting
module, stating the difficulties faced and how to be addressed. These issues are approached by
implementing the proposed methods in one of the GNSS Data and Products TCS services, that
will serve as a study case. While authentication mechanisms have improved constantly over
the years, with the addition of multiple authentication factors, there is still not a clear and
defined way of how authentication should be done. New security threats are always showing
up, and authentication systems need to adapt and improve while maintaining a balance between
security and usability. Our goal is, therefore, to propose a system that can provide a good user
experience allied to security, which can be used in the TCS services or other web services facing
similar problems.A importância da autenticação e gestão de identidades, de que dependemos inconscientemente, aumenta com o crescimento do número de serviços online ao nosso dispor. No EPOS,
devido à disponibilização e gestão de dados heterogéneos de várias entidades, que podem ser
públicas ou privadas, a existência de um sistema de autenticação e gestão de identidades é
também crucial, em que o controlo e identificação do acesso a estes dados é a chave. Numa
fase de desenvolvimento dos serviços, estes módulos de autenticação e autorização podem ser
diretamente implementados e é possÃvel existir uma adaptação do software aos mesmos. No
entanto, há serviços já existentes, cujas alterações implicam mudanças de grande escala e
uma reformulação de todo o sistema, e como tal não é exequÃvel fazer alterações diretas aos
mesmos. Esta dissertação aborda o desenvolvimento de um sistema de autenticação e autorização seguro e interoperável, associado a uma correta gestão de identidades e um módulo de
controlo, identificando os problemas encontrados e propondo soluções para os mesmos. Este
desenvolvimento é aplicado num dos serviços do TCS GNSS Data and Products e servirá como
caso de estudo. Embora os mecanismos de autenticação tenham melhorado continuamente ao
longo dos anos, com a adição de vários fatores de autenticação, ainda não existe um método
único e claro de como a autenticação deve ser feita. Novas ameaças estão sempre a surgir e
os sistemas atuais precisam de se adaptar e melhorar, mantendo um equilÃbrio entre segurança
e usabilidade. O nosso objetivo é propor um sistema que possa aliar a segurança a uma boa
experiência para o utilizador, e que possa ser utilizado não só nos serviços do TCS, mas também
em outros serviços web que enfrentem problemas semelhantes
Towards Interoperable Research Infrastructures for Environmental and Earth Sciences
This open access book summarises the latest developments on data management in the EU H2020 ENVRIplus project, which brought together more than 20 environmental and Earth science research infrastructures into a single community. It provides readers with a systematic overview of the common challenges faced by research infrastructures and how a ‘reference model guided’ engineering approach can be used to achieve greater interoperability among such infrastructures in the environmental and earth sciences. The 20 contributions in this book are structured in 5 parts on the design, development, deployment, operation and use of research infrastructures. Part one provides an overview of the state of the art of research infrastructure and relevant e-Infrastructure technologies, part two discusses the reference model guided engineering approach, the third part presents the software and tools developed for common data management challenges, the fourth part demonstrates the software via several use cases, and the last part discusses the sustainability and future directions
AARC: First draft of the Blueprint Architecture for Authentication and Authorisation Infrastructures
AARC (Authentication and Authorisation for Research Communities) is a two-year EC-funded project to develop and pilot an integrated cross-discipline authentication and authorisation framework, building on existing authentication and authorisation infrastructures (AAIs) and production federated infrastructure. AARC also champions federated access and offers tailored training to complement the actions needed to test AARC results and to promote AARC outcomes. This article describes a high-level blueprint architectures for interoperable AAIs
Towards Interoperable Research Infrastructures for Environmental and Earth Sciences
This open access book summarises the latest developments on data management in the EU H2020 ENVRIplus project, which brought together more than 20 environmental and Earth science research infrastructures into a single community. It provides readers with a systematic overview of the common challenges faced by research infrastructures and how a ‘reference model guided’ engineering approach can be used to achieve greater interoperability among such infrastructures in the environmental and earth sciences. The 20 contributions in this book are structured in 5 parts on the design, development, deployment, operation and use of research infrastructures. Part one provides an overview of the state of the art of research infrastructure and relevant e-Infrastructure technologies, part two discusses the reference model guided engineering approach, the third part presents the software and tools developed for common data management challenges, the fourth part demonstrates the software via several use cases, and the last part discusses the sustainability and future directions
Landscaping Country Report Portugal
This landscape analysis report aims to provide an overview of the policies, practices,
roadmaps, and strategies around funding, procuring, providing, accessing, and sharing
of services and resources in the EOSC scope in Portugal.info:eu-repo/semantics/publishedVersio