
Technology Roadmap


Subscriber requirements

Activity

Description

Status

Funded

Internationalisation

Connecting AAF to the global Federation network to enable AAF subscribers to collaborate internationally with other eduGAIN federations.

Active

Seeking funding

Boost Program 2015

The Boost program identifies a target group of AAF subscribers to take part in a review and analysis activity. This activity will then report on the findings to assist subscribers with maturing their SP.

Proposed

AAF operations

New core attributes

A plan for new core attributes and changes to the current AAF core attributes.

  • CommonName (cn): Remove the single space requirement and any other formatting requirements. Move this to an optional attribute.
  • EPPN: Determine the need to make this a core attribute, especially in line with its usage within the Research Entity Descriptor bundle.
  • GivenName, Surname: Promote to core attributes.
  • eduPersonOrcid: ORCID identifiers are meant to uniquely identify the researcher to whom they are registered, so they are personally identifying information by design.

Planning

AAF operations

ASD requirements for government (Shib V2.4.4 – V3 for all subscribers)

Understand requirements of key government organisations, self-assessment, gap analysis and refinement of AAF systems:

  • understand the ASD requirements of government organisations in the context of the AAF
  • undertake a self-assessment and gap analysis for PSPF and ISM requirements and how they relate to the AAF
  • refinement of AAF systems and policies to meet ASD requirements.

Active

Dept. of Education project funding

IdP Shibboleth V3 upgrade

The AAF is working with IdPs to upgrade to Shibboleth version 3 (V3). This upgrade is in preparation for end-of-life of previous versions and will need to be completed by July 31 2016. The AAF has developed an IdP Installer that will assist IdPs with this future upgrade.

Active

AAF operations

ECP rollout

ECP allows Service Providers (SP) to introduce a new class of service that won’t be limited by a browser interface to provide single sign-on functionality. The ECP profile is designed for clients that use desktop applications, server-side code running in a web application and anything else that isn't run in a browser.

Active

AAF operations


AAF Operational (enhancements & extensions)

Activity

Description

Status

Funded

ORCID support

As the Australian ORCID Consortium Lead, the AAF now provides technical support for all ORCID members. This support includes:

  • administrative support
  • on-boarding members and running webinars/training
  • central technical support contact for ORCID
  • maintaining documentation for the Consortium and technical documentation.

Active

AAF operations

eduGAIN enabled tools/software

  • Extend the Federation Registry to enable eduGAIN metadata flows
  • Add the AAF Virtual Home to eduGAIN as an IdP
  • Add the AAF Attribute Validator to eduGAIN

Active

Seeking funding

Access control/IDE

Access Control Identity Enhancement (IdE) allows Service Providers to enhance an end user's (e.g. a researcher's) identity.

IdE was initially developed to assist research facilities, such as virtual laboratories and cloud platforms, to provide a user with enhanced access to services offered by their Identity Provider.

Active

NeCTAR funded project

Service catalogue

To enhance the current AAF service catalogue to include a comprehensive list of all Service Providers and additional information about each service listing.

Planning

AAF operations

Improved reporting statistics

The development of a new, central reporting dashboard to provide information on subscriber utilisation of the federation (i.e. what organisations are authenticating to AAF connected research infrastructure and vice versa).

Planning

Dept. of Education project funding

Enhanced Discovery Services (eduGAIN/ECP)

Redevelopment of the AAF Discovery Service software to deliver:

  • an enhanced user experience across desktop and mobile environments
  • internationalisation of the Discovery Service to enable Australian Research Capabilities to provide their service to their counterparts internationally
  • API access for non-web protocols

Active

Dept. of Education project funding

Hosted IdP

Release a Hosted IdP option to members. AAF will take care of infrastructure management, upgrades and patching on behalf of members. This service will:

  • remove the burden of developing and maintaining expertise in Shibboleth and associated infrastructure from subscribers
  • release subscribers’ scarce identity management resources for higher value activities
  • simplify and accelerate the process of connecting new organisations to the Federation, particularly for small organisations with few IT specialists.

Planning

Dept. of Education project funding


Innovation

Activity

Description

Status

Funded

Entity categories

Entity categories group federation entities that share common criteria. They have multiple uses: they can facilitate IdP decisions to release a defined set of attributes to SPs without the need for detailed local review for each SP.

Active

AAF operations

Hosted IdP

Develop an AAF hosted and managed Identity Provider instance available to AAF subscribers and potential subscribers, alleviating the need for IT departments to have Shibboleth expertise.

Active - under development

Dept. of Education project funding

eduGAIN aware, uApprove, Shib 3

Ensure that end user consent highlights that personal information will be transiting foreign borders once services are accepted by AAF connected IdPs via eduGAIN.

Planning

AAF operations

OpenID Connect/OAuth/Social

OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It allows clients to verify the identity of the End-User based on the authentication performed by an authorisation server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner.

OpenID Connect allows clients of all types, including web-based, mobile, and JavaScript clients, to request and receive information about authenticated sessions and end-users. The specification suite is extensible, allowing participants to use optional features such as encryption of identity data, discovery of OpenID Providers, and session management, when it makes sense for them.

Planning

NeCTAR funded project

Non-web protocols

Looking at options such as RADIUS to assist in this sphere.

Researching

Partially funded by Dept. of Education project funding

Groups and attribute authorities

The AAF, along with NeCTAR and RDS, is involved in long-term discussions about requirements for centralised group management and identity augmentation via attribute authority services.

Watching

Not funded


Infrastructure

Activity

Description

Status

Funded

ASD compliant infrastructure

  • Report on the ASD requirements for government organisations
  • A self-assessment and gap analysis for PSPF and ISM requirements
  • Refinement of AAF systems and policies to meet ASD requirements.

Planning

Dept. of Education project funding

Hosted Services

  • AWS
  • Zendesk

Active

AAF operations