Federation as a Service
Helping NRENs to build identity federations and deliver AAI services
Authentication and authorisation infrastructure (AAI) is one of the key differentiators between national research and education networking organisations (NRENs) and other network providers. Its provision aids the development and delivery of enhanced services to all users.
As the demands of researchers and research projects increase and international collaboration becomes the norm, the need for NRENs to provide effective, secure AAI is inevitable.
By offering AAI, NRENs provide essential value-added services to their users and those users can also take advantage of services and facilities offered by other NRENs. From ubiquitous eduroam access to advanced cloud computing platforms such as ~Okeanos global, AAI is an essential enabler for collaboration.
FaaS – helping NRENs offer AAI services
The development and operation of a national identity federation is not a trivial activity and GÉANT’s Federation as a Service (FaaS) offering was created specially to help.
FaaS supports NRENs in building their identity federations by providing a hosted set of tools for operating their identity federation. FaaS offering was designed with special care on security, as a key enabler of trust in identity federations. In that way, NRENs can establish their federation following best current practices and focus on the development of service and identity provider systems to help rapidly build AAI in their region.
FaaS offering
FaaS offers a toolbox for simplified and secure management of Identity Federation metadata and for exchanging metadata with other federations via eduGAIN. The FaaS offer focuses on scalability, a friendly user interface and high security achieved by relying on an HSM for the protection of cryptographic keys. The toolbox is built using best-of-breed Free/Libre/OpenSource software and is provided as a hosted single tenant service, where each FaaS customer gets its own FaaS instance that can be localized and branded as desired.