Date: Fri, 29 Mar 2024 00:38:05 +0000 (UTC) Message-ID: <1821836414.7281.1711672685840@ip-10-10-7-29.ec2.internal> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_7280_958824394.1711672685838" ------=_Part_7280_958824394.1711672685838 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html
The MFA Cohortium will be utilizing a CoCoA-based platform for its Sympa= electronic mail lists and Confluence wiki spaces, with other collaboration= services to be added in the future. CoCoA enables administration of users = and groups using these services from a single interface, as well as allowin= g for delegation of administration of subgroups within the larger Cohortium= project. See Backgr= ound on CoCoA below, for more information.
The Cohortium's current services are:
To register to use the CoCoA platform, click <here> and you will be guided through the process.= p>
Both the Registry and the Wiki have a federated login interface, that is= , you need an account with an InCommon Identity Provider to log into each of the applications. If you don't have such an account, = you can use a Google account (if you have one).
To access either the MFA Cohortium Registry or the MFA Cohortium Wiki, y= our Identity Provider (IdP) must release the eduPersonPrincipleName (ePPN) = attribute. Contact your site's help desk or technical support unit and poin= t them to a technical resource that shows them how to configure an IdP to relea= se attributes to Cohortium SPs. If you use Google to access Cohortium r= esources, the necessary attributes will be automatically provided.
Collaboration is at the very center of the R&E mission, with inter-i= nstitutional and international engagements a very common characteristic. To= make such collaborations effective both technically and from a user perspe= ctive requires three components:
CoCoA (Comanage + Conext + Applications) is a blending of two collaborat= ion management platforms, one that focuses on the entire identity life cycl= e process and the Registry that feeds identity information to applications,= and the other that focuses on the user experience. COmanage and OpenConext= are working together to provide a complete, feature-rich identity manageme= nt service and collaboration platform for VOs.
The COmanage Project, funded by the National Science Foundation and Inte= rnet2, is developing tools and resources that allow virtual organizations t= o meet their research objectives without building their own stand-alone ide= ntity management infrastructures. By leveraging external (federated) identi= ty management services and standard group and registry tools, authenticatio= n and authorization are handled in a single, efficient process that integra= tes a mix of collaboration attributes and each member's home organization a= ttributes into all of the various applications that serve a collaboration c= ommunity. It allows a collaboration to seamlessly use a variety of tools in= stead of being locked into a proprietary suite. It also allows collaborator= s to focus on what they do best =E2=80=94 advancing scholarship and researc= h in their field of expertise =E2=80=93 rather than the complexities of ide= ntity management.
OpenConext was developed by SURFnet as part of the SURFworks and GigaPor= t3 programme. It is an opensource technology stack for creating and running= collaboration platforms and creates a powerful front end for users to choo= se for themselves and their workgroups the right applications for their col= laborations. When combined with the COmanage Registry service, collaboratio= ns have a complete solution from front to back for identity management and = collaboration needs.
COmanage can be thought of as a specialized identity management system f= or supporting a Virtual Organization (VO). The needs of VO's are unique in = the identity management world, and while there is some overlap with enterpr= ise identity management, a few specialized requirements come in to play:
For organizations that want to replace an ad hoc (or largely absent) set= of identity management tools within their own cyberinfrastructure, there i= s the COmanage toolkit. The toolkit can provide a coordinated, federated ac= cess control layer to a VO=E2=80=99s wiki, list processing, audio conferenc= ing, etc. as well as potentially their specific domain applications. The CO= manage toolkit provides a rich set of critical components to a VO, includin= g: an identity registry, automatable processes for enrollment, collaboratio= n identity lifecycle maintenance, group attribute management, and provision= ing that developers can connect to the domain science applications in use b= y the VO. From an end user=E2=80=99s perspective, having the COmanage toolk= it working behind the scenes allows individuals to create personal groups a= s well as manage organizational groups that they have permissions for, and = allows the user more control over the information they might share within t= he VO.
Poorly done IdM, with its gaps, frustrations, and spills, takes more tim= e than IdM done structurally. Students enrolled in classes wait for weeks t= o get to scientific resources. Researchers long gone still have active perm= issions, creating serious security concerns. Ad hoc agency reporting requir= ements generate chaotic weeks-long multi-institutional fire. With a platfor= m like CoCoA, these pain points and many others are addressed for VOs and t= heir associated institutions.
More information is available online:
COmanage =3D http://www.internet2.edu/comanage
OpenConext =3D https://wiki.surfnetlabs.nl/display/OpenConext<=
/p>