AAF logo search

About the Next Generation AAF Project

This project created the next generation Australian Access Federation (AAF) infrastructure and products to make national and international research collaboration easier and more accessible than ever. Major objectives were to:

The project commenced in July 2015 and finished in January 2017.

Project work fell into three major activity streams:

Activity 1 – Government Requirements for AAF Participation

Many government departments and agencies must use suppliers who have implemented the Australian Signals Directorate’s (ASD) Protective Security Policy Framework (PSPF) and Information Security Manual (ISM) requirements. Under this activity the project team:

  1. Identified ASD-compliant infrastructure providers and migrated AAF’s core services to Amazon Web Services.
  2. Determined which PSPF and ISM requirements relate to AAF and developed a range of policies to begin working toward compliance.

Key Benefits

Activity 1 concluded in November 2016. Work will continue beyond the project to align policies and practices to the framework.

Activity 2 – Next Generation Software Extensions

Software extensions enhanced the AAF’s infrastructure underpinning the authentication needs of the NCRIS capabilities and the growing number of eResearch connected organisations. Under this activity the project team:

  1. Developed and released the next generation Discovery Service.
  2. Developed and released the next generation Reporting Service.
  3. Piloted a RADIUS-based authentication extension for non-web-based authentication through the federation.

Key Benefits

These tools operate on the enhanced infrastructure implemented as part of Activity 1.

The next generation Discovery and Reporting Services went live in January 2016. AAF worked with Intersect and AARNet to develop a RADIUS extension for the federation.

Activity 3 – Hosted Identity Provider

Connecting to the federation has meant investments in skill development and infrastructure for IT departments. This can be a significant issue — especially for smaller organisations. The project team developed a Hosted Identity Provider (IdP) to simplify connection to the federation for new subscribers and remove much of the setup and maintenance burden from IdP administrators.

Key Benefits

Initial development wrapped up in January 2017.

What’s next?

The Early Adopter Program will help us identify any show-stoppers, prioritise product improvements and confirm the business model. We expect to launch the hosted IdP service for general availability in the second half of 2017.

For further information contact John Scullen (Project Manager).