13 - Federating GÉANT Services

Mandeep Saini (DANTE), Brook Schofield (TERENA), Maja Wolniewicz (UMK)

The environment created by federations enables integration in the area of identity management by allowing organisations to share identity information between their respective security domains. It establishes a trust relationship between a service provider (SP) and an identity provider (IdP), which allows an end user to use a single federated identity. In the absence of federation within GÉANT, it was difficult for GÉANT services to take advantage of such services. Instead of establishing a GÉANT federation, however, the decision was taken to simulate the federation for GÉANT services by using Federation Proxy. The reasons for taking this approach were as follows:
· Federation incurs high overheads.

· Connecting GÉANT services to individual IdPs directly was feasible but not scalable.

· Federation Proxy provides a quick and simple solution.

The Poster provides details of the Federation Proxy approach, which enables services to take advantage of the federation environment in the absence of actual federation.

Download file