Bridging the connectivity gap: Tuakiri hosted IdP connects small research organisations into R&E identity federations
For most members of the R&E community, Identity Federations have become an everyday tool they use without even thinking about it – accessing journal subscriptions, research repositories, collaboration platforms with their institutional account, without having to deal with “yet another” set of credentials to manage.
To make access via Identity Federations work in this seamless way, administrators with highly specialised skills need to first setup the connection between the Identity Management System (IdMS) and the Identity Federation, deploying an Identity Provider (IdP) – and then provide ongoing maintenance for this system. However, this requirement had so far put Identity Federations outside the reach of small research organisations, who do not have the manpower and the specialised technical skills to setup and maintain an IdP server.
To bridge this gap and help smaller organisations join Tuakiri, the New Zealand Access Federation, REANNZ has created a hosted solution: Tuakiri Hosted IdP. Tuakiri Hosted IdP is designed to be scalable, where the additional cost of connecting an organisation (in terms of computational resources and effort required) would be minimal.
The solution expects organisations already have an existing IdMS, hosted with one of the major cloud providers (Google Apps / GSuite or Office 365 / Azure AD) – though this list is not a hard restriction. There is minimal configuration to be done on the member side (connecting the Tuakiri Hosted IdP as a SAML Service Provider), and the rest gets done by the automation tools used at REANNZ (after recording information about the connected IdMs).
This talk will present the Tuakiri Hosted IdP solution in further detail, and the REANNZ team will be there to engage with members interested in adopting this solution.
ABOUT THE AUTHOR
Dr. Vladimir Mencl has been part of the New Zealand R&E community since 2006 and has been involved in identity and access management projects since the early days of the BeSTGRID project. When the Tuakiri project moved to REANNZ, Vlad joined REANNZ where he is part of the Systems team as a Senior Software Engineer.