The FIM4R Community came together once more on the 8th of December 2019, in New Orleans, for its 14th workshop. Being co-hosted with Internet2’s Technology Exchange provided an opportunity to discuss FIM4R among a difference demographic – this time only a small proportion of participants represented research communities, with the remainder bringing the perspectives of Federations, Identity Providers (IdPs), Campuses, Software Maintainers and National Research and Education Networks (NRENs). Discussion in the room was rich and explored a number of new areas.
GÉANT and Internet2 both gave a summary of their reaction to the FIM4R v2 whitepaper, demonstrating areas in which they have implemented change and questioning whether some of the FIM4R Recommendations were the right ones to have been raised. In particular, our recommendation to “increase research representation in governance” led us to unpack the structure of decision making power at campuses and try to identify where such efforts should be focused. FIM4R’s call for increased R&S entity category support came into question; was this the correct “ask” given the inevitability of Research Communities maintaining many such attributes themselves?
There was widespread consensus in the room that “doing FIM for Research is hard”. The learning curve to understand, design and deploy an effective AARC-BPA-compliant Authentication and Authorisation Infrastructure (AAI) is unaffordably high to many Research Communities, either in terms of dedicating personnel time or in hiring specialist consultants. Each Research AAI tackles the same complex issues independently (such as identifying persistent identifiers, providing intuitive IdP discovery, encouraging attribute release from Identity Providers etc.) with a resulting Infrastructure that still fails for a significant minority of their researchers. These discussions prompted further conversations during the week around how to de-duplicate such effort and provide a community service that Research Communities can use to ease their uptake of Federated Identity Management.
We heard an update from AEGIS (AARC Engagement Group for Infrastructures) which aims to ensure unified adoption of technical and policy guidelines across e-Infrastructures to support the evolving AAI model of chains of SP-IdP-proxies protecting research services. AEGIS is now open to relevant observers wishing to follow their efforts.
So, what is the role of FIM4R in the future? We as FIM4R should step up and do our bit to help Research Communities enter the FIM community – the new page on “Getting Started with FIM” is a first step towards that (all suggestions and improvements are welcome!). Another effort, which will be coordinated with the GN4 Project, hopes to see webinars produced to aid with decreasing the learning curve. The EOSC (European Open Science Cloud) Project is looking to us to for input in supporting an EOSC AAI that works for Research, we will be putting together a short position paper in the coming months. Federations still struggle to convince Higher Education Organisations of the need to support Research Communities – typically a University may only have a handful of researchers from any one Research Community. Perhaps by pooling our data on which universities benefit from our Research Services through FIM we can help make the case for FIM4R Recommendations even stronger? We will be coming back to this at future meetings.
Many thanks to Internet2 and Incommon for their support in funding and organising this meeting! We will meet again on February the 17th at the TIIME Workshop in Vienna.