| <!-- Content -->
<div class="container-fluid">
  <!-- Banner -->
  <div class="row pt-4 pr-4 pb-5" style="background: linear-gradient(#4051a3ff, white); height: 15em;">
    <img
      src="https://wiki.geant.org/download/attachments/148090083/dashboard-banner.svg"
      class="mx-auto"
      style="height: 100%; width: 100%"
    />
  </div>
  <!-- Head -->
  <div class="card-deck mb-3">
    <div class="card">
      <div class="row no-gutters">
        <div class="col-md-4 p-2" style="background-color: goldenrod;">
          <img
            src="https://wiki.geant.org/download/attachments/148090083/trophy.svg"
            class="card-img"
          />
        </div>
        <div class="col-md-8" style="background-color: #e6e6e6;">
          <div class="card-body text-center">
            <div class="card-text font-weight-bold" style="font-size: xx-large;">13</div>
            <p class="card-text"><small class="text-muted">Completed activities</small></p>
          </div>
        </div>
      </div>
    </div>
    <div class="card">
      <div class="row no-gutters">
        <div class="col-md-4" style="background-color: #c2adeb;">
          <img
            src="https://wiki.geant.org/download/attachments/148090083/gears.svg"
            class="card-img p-2"
          />
        </div>
        <div class="col-md-8" style="background-color: #e6e6e6;">
          <div class="card-body text-center">
            <div class="card-text font-weight-bold" style="font-size: xx-large;">4</div>
            <p class="card-text"><small class="text-muted">Ongoing activities</small></p>
          </div>
        </div>
      </div>
    </div>
    <div class="card">
      <div class="row no-gutters">
        <div class="col-md-4" style="background-color: lightyellow;">
          <img
            src="https://wiki.geant.org/download/attachments/148090083/idea.svg"
            class="card-img p-2"
          />
        </div>
        <div class="col-md-8" style="background-color: #e6e6e6;">
          <div class="card-body text-center">
            <div class="card-text font-weight-bold" style="font-size: xx-large;">10</div>
            <p class="card-text"><small class="text-muted">Pending ideas</small></p>
          </div>
        </div>
      </div>
    </div>
    <div class="card">
      <div class="row no-gutters">
        <div class="col-md-4" style="background-color: lightblue;">
          <img
            src="https://wiki.geant.org/download/attachments/148090083/student.svg"
            class="card-img p-2"
          />
        </div>
        <div class="col-md-8" style="background-color: #e6e6e6;">
          <div class="card-body text-center">
            <div class="card-text font-weight-bold" style="font-size: xx-large;">2</div>
            <p class="card-text"><small class="text-muted">Student projects</small></p>
          </div>
        </div>
      </div>
    </div>
    <div class="card">
      <div class="row no-gutters">
        <div class="col-md-4" style="background-color: lightsalmon;">
          <img
            src="https://wiki.geant.org/download/attachments/148090083/team.svg"
            class="card-img p-2"
          />
        </div>
        <div class="col-md-8" style="background-color: #e6e6e6;">
          <div class="card-body text-center">
            <div class="card-text font-weight-bold" style="font-size: xx-large;">13</div>
            <p class="card-text"><small class="text-muted">Active members</small></p>
          </div>
        </div>
      </div>
    </div>
  </div>
  <!-- Timeline -->
  <div class="col-9 offset-3 p-0">
    <div class="card border-0">
      <div class="row no-gutters">
        <div class="col-9 offset-1">
          <img
            src="https://wiki.geant.org/download/attachments/148090083/timeline.svg"
            class="card-img"
          />
        </div>
        <div class="col-2" style="background-color: #e6e6e6;">
          <div class="card-body text-center">
            <div class="card-text font-weight-bold" style="font-size: xx-large;">3 / 6</div>
            <p class="card-text"><small class="text-muted">Iterations</small></p>
          </div>
        </div>
      </div>
    </div>
  </div>
  <hr />
  <!-- Overview section -->
  <div class="accordion d-print-none" id="overview-panel">
    <div class="row">
      <div class="btn-group col-4" role="group">
        <button
          class="btn btn-outline-primary"
          id="tab-main-head"
          type="button"
          data-toggle="collapse"
          data-target="#tab-incubator-body"
        >
          Incubator
        </button>
        <button
          class="btn btn-outline-primary"
          id="tab-topics-head"
          type="button"
          data-toggle="collapse"
          data-target="#tab-topics-body"
        >
          Topics
        </button>
        <button
          class="btn btn-outline-primary"
          id="tab-timeline-head"
          type="button"
          data-toggle="collapse"
          data-target="#tab-timeline-body"
        >
          Timeline
        </button>
      </div>
    </div>
    <!-- Incubator tab -->
    <div class="row collapse show" id="tab-incubator-body" data-parent="#overview-panel">
      <div class="col-4">
        <div class="list-group" role="tablist">
          <a
            class="btn btn-outline-primary list-group-item list-group-item-action active"
            id="incubator-vision-head"
            data-toggle="list"
            href="#incubator-vision"
            role="tab"
            >Vision & Mission</a
          >
          <a
            class="btn btn-outline-primary list-group-item list-group-item-action"
            id="incubator-process-head"
            data-toggle="list"
            href="#incubator-process"
            role="tab"
            >Process Methodology</a
          >
          <a
            class="btn btn-outline-primary list-group-item list-group-item-action"
            id="incubator-roles-head"
            data-toggle="list"
            href="#incubator-roles"
            role="tab"
            >Community Engagement
          </a>
        </div>
      </div>
      <div class="col-8">
        <div class="tab-content" id="incubator-content">
          <div class="tab-pane fade show active" id="incubator-vision" role="tabpanel">
            <p>
              The GN4-3 WP5 T2 Trust and Identity Incubator (“T&I Incubator”) aims to develop,
              foster and mature new ideas in the Trust and Identity space in Research and Education.
              The incubator will investigate new technologies that currently have no place (yet) in
              the services ecosystem of the GÉANT project. This may include to test and experiment
              with potential new features for existing GÉANT services. In addition also business
              case development for potential new services and developments that would improve data
              protection and privacy aspects in services or software are in scope.
            </p>
            <div>
              <a
                href="https://wiki.geant.org/x/wbAuBw"
                target="_blank"
                class="btn btn-outline-primary"
                >Activity Process</a
              >
            </div>
          </div>
          <div class="tab-pane fade" id="incubator-process" role="tabpanel">
            <p>
              The T&I incubator runs four to eight incubator activities per project year in
              parallel. These incubators typically take about 6 months and employ an agile
              methodology to enable rapid development of ideas. Preferably at least two subject
              matter experts work together with support from the project team. Subject matter
              experts are recruited from within the team or, preferred, sponsored by their NRENs. In
              addition, the project team facilitates the incubator track by providing a scrum master
              and dedicated developers.
            </p>
            <div>
              <a
                href="https://wiki.geant.org/x/O4LYBw"
                target="_blank"
                class="btn btn-outline-primary"
                >Development Process</a
              >
            </div>
          </div>
          <div class="tab-pane fade" id="incubator-roles" role="tabpanel">
            <p>
              Main Incubator Board (MIB) aims to represent a broad view on Trust and Identity
              related developments in R&E. MIB members are senior subject matter experts from the
              European NREN trust and identity community. They evaluate new ideas and provide advice
              to the work package lead. They are also responsible for reviewing activities at the
              end of each incubator cycle and providing recommendations on how to proceed. The
              incubator team presents their results regularly to the the MIB's and the wider
              community. In the middle and at the end of a cycle there are two events public events,
              so called sprint demos.
            </p>
            <div>
              <a
                href="https://wiki.geant.org/x/sbAuBw"
                target="_blank"
                class="btn btn-outline-primary"
                >Selection Process</a
              >
            </div>
          </div>
        </div>
      </div>
    </div>
    <!-- Topics tab -->
    <div class="row collapse" id="tab-topics-body" data-parent="#overview-panel">
      <div class="col-4">
        <div class="list-group" role="tablist">
          <a
            class="btn btn-outline-primary list-group-item list-group-item-action active"
            id="topics-identity-head"
            data-toggle="list"
            href="#topics-identity"
            role="tab"
            >Identity and Access Management</a
          >
          <a
            class="btn btn-outline-primary list-group-item list-group-item-action"
            id="topics-standards-head"
            data-toggle="list"
            href="#topics-standards"
            role="tab"
            >Standards and Protocols</a
          >
          <a
            class="btn btn-outline-primary list-group-item list-group-item-action"
            id="topics-security-head"
            data-toggle="list"
            href="#topics-security"
            role="tab"
            >Security and Privacy</a
          >
        </div>
      </div>
      <div class="col-8 tab-content" id="topics-content">
        <div class="tab-pane fade show active" id="topics-identity" role="tabpanel">
          Identity and Access Management (IAM) is about creating and managing digital identity for
          users, which can be used to represent a person in the digital world. Using state of the
          art authentication and authorization methods ensures that only the owner can access his
          identity and only entitled can access a resource. In this area, it is all about Identity
          Providers, Identity Federation, Service Providers and Discovery Services. Your project may
          improve existing software solutions or create new applications for a global community.
        </div>
        <div class="tab-pane fade" id="topics-standards" role="tabpanel">
          Building on top of existing infrastructure and applications, Standards and Protocols is
          about creating new ways to for applications and users to communicate. This area is all
          about protocols and standards used or being developed in the global Trust and Identity
          community, like the Security Assertion Markup Language (SAML) and Open ID Connect (OIDC),
          which will be used to integrate new capabilities in an already existing large
          infrastructure.
        </div>
        <div class="tab-pane fade" id="topics-security" role="tabpanel">
          Security is an integral part of most applications and infrastructures. Ensuring data
          protection, privacy and safety by using measures like encryption and cryptography is
          nowadays mandatory. In this area, you may investigate, test and integrate new security
          features in existing Trust & Identity applications or to create new services that help
          secure our community, by working on for example multi factor authentication or HSM
          technologies.
        </div>
      </div>
    </div>
    <!-- Timeline tab -->
    <div class="row collapse" id="tab-timeline-body" data-parent="#overview-panel">
      <div class="col-4">
        <div class="list-group" role="tablist">
          <a
            class="btn btn-outline-primary list-group-item list-group-item-action active"
            id="timeline-c1-head"
            data-toggle="list"
            href="#timeline-c1"
            role="tab"
            >Cycle 1 (05 Mar 2019 - 12 Nov 2019)</a
          >
          <a
            class="btn btn-outline-primary list-group-item list-group-item-action"
            id="timeline-c2-head"
            data-toggle="list"
            href="#timeline-c2"
            role="tab"
            >Cycle 2 (15 Nov 2019 - 30 Jun 2020)</a
          >
          <a
            class="btn btn-outline-primary list-group-item list-group-item-action"
            id="timeline-c3-head"
            data-toggle="list"
            href="#timeline-c3"
            role="tab"
            >Cycle 3 (03 Jul 2020 - 09 Feb 2021)</a
          >
        </div>
      </div>
      <div class="col-8">
        <div class="tab-content" id="timeline-content">
          <div class="tab-pane fade show active" id="timeline-c1" role="tabpanel">
            <div class="row col-11">
              <a href="#idp-service" class="btn btn-outline-info col-3 m-1">IdP as a Service</a>
              <a href="#distributed-vetting" class="btn btn-outline-info col-3 m-1"
                >SFA - Distributed Vetting</a
              >
              <a href="#discovery-pilot" class="btn btn-outline-info col-3 m-1">Discovery Pilot</a>
              <a href="#shibboleth-oidc" class="btn btn-outline-info col-3 m-1"
                >Shibboleth OIDC Extension</a
              >
              <a href="#orcid" class="btn btn-outline-info col-3 m-1"
                >ORCID as IdP of last resort</a
              >
              <a href="#cryptech-hsm" class="btn btn-outline-info col-3 m-1">Cryptech HSM</a>
              <a href="#commmunity-tagging" class="btn btn-outline-info col-3 m-1"
                >Community Tagging</a
              >
            </div>
          </div>
          <div class="tab-pane fade" id="timeline-c2" role="tabpanel">
            <div class="row col-11">
              <a href="#metadata-push" class="btn btn-outline-info col-3 m-1">Metadata push MDQ</a>
              <a href="#community-trust" class="btn btn-outline-info col-3 m-1"
                >Community-Based Trust</a
              >
              <a href="#service-report" class="btn btn-outline-info col-3 m-1"
                >Service Status Reporting</a
              >
              <a href="#win-connector" class="btn btn-outline-info col-3 m-1"
                >Connector for Windows</a
              >
              <a href="#webauthn" class="btn btn-outline-info col-3 m-1">WebauthN</a>
              <a href="#feudal" class="btn btn-outline-info col-3 m-1">Instant User Provisioning</a>
              <a href="#status-reporting" class="btn btn-outline-info col-3 m-1"
                >Status Reporting & Notification</a
              >
            </div>
          </div>
          <div class="tab-pane fade" id="timeline-c3" role="tabpanel">
            <div class="row col-11">
              <a href="#status-reporting" class="btn btn-outline-info col-3 m-1"
                >Status Reporting & Notification</a
              >
              <a href="#edulnk" class="btn btn-outline-info col-3 m-1">eduLNK</a>
              <a href="#identity-broker" class="btn btn-outline-info col-3 m-1"
                >Identity Validation Broker</a
              >
              <a href="#pyff-optimization" class="btn btn-outline-info col-3 m-1"
                >pyFF Optimizations</a
              >
            </div>
          </div>
        </div>
      </div>
    </div>
  </div>
  <br />
  <hr class="d-print-none" />
  <!-- Cards -->
  <div class="card-columns" id="card-grid">
    <!-- #include-cards -->
    <!-- Community Tagging (a.k. Pixie Dust) -->
    <div class="card" id="community-tagging">
      <img
        src="https://wiki.geant.org/download/attachments/148090083/community-tagging.jpg"
        class="card-img-top"
        alt="photo"
      />
      <div class="card-body">
        <div class="tags">
          <span class="badge badge-pill badge-primary">Standards</span>
          <span class="badge badge-pill badge-success">Completed</span>
          <span
            class="badge badge-pill badge-info"
            data-toggle="tooltip"
            data-placement="top"
            title="05 Mar 2019 - 12 Nov 2019"
            >Cycle 1</span
          >
        </div>
        <h2 class="card-title">Community Tagging</h2>
        <p class="card-text">
          Research communities have a need to express and potentially share certain trust marks on
          IdPs and SPs. These trust marks may differ from existing trust marks issued by identity
          federations. This is why this activity implemented a proof of concept based on a given set
          of community requirements and investigated in potential scenarios and impacts.
        </p>
        <button
          class="btn btn-info d-print-none"
          type="button"
          data-toggle="collapse"
          data-target="#details-12"
        >
          Show Details
        </button>
        <a
          href="https://wiki.geant.org/x/Z7AuBw"
          class="btn btn-outline-primary float-right"
          target="_blank"
          >Activity page</a
        >
      </div>
      <ul class="list-group list-group-flush collapse" id="details-12">
        <li class="list-group-item">
          <h5>Results & Deliverables</h5>
          <p>The following results were created and delivered:</p>
          <ul>
            <li>
              <a
                href="https://wiki.geant.org/download/attachments/120500327/Community%20tagging%20-%20GAP%20analysis.pdf?version=1&modificationDate=1574693562199&api=v2"
                >Community Tagging GAP analysis</a
              >
            </li>
            <li>Proof of concept using Access Check Tool in conjunction with Jagger</li>
            <li>
              <a
                href="https://wiki.geant.org/download/attachments/126983709/Video1-Jagger_create_fed_and_end_cat.mp4?version=1&modificationDate=1573558150477&api=v2"
                >Video: create a federation and new entity catergory</a
              >
            </li>
            <li>
              <a
                href="https://wiki.geant.org/download/attachments/126983709/Video2-Access_Check.webm?version=1&modificationDate=1573558175315&api=v2"
                >Video: Access Check</a
              >
            </li>
            <li>
              <a
                href="https://wiki.geant.org/download/attachments/126983709/Video3-Jagger_after_Access_check.webm?version=1&modificationDate=1573558184817&api=v2"
                >Video: Jagger after Access Check</a
              >
            </li>
          </ul>
        </li>
        <li class="list-group-item">
          <h5>Ownership & Utilisation</h5>
          <p>The work has been concluded. Documentation on the prototype is available.</p>
        </li>
      </ul>
    </div>
    <!-- Community trust -->
    <div class="card" id="community-trust">
      <img
        src="https://wiki.geant.org/download/attachments/148090083/community-trust.png"
        class="card-img-top"
        alt="photo"
      />
      <div class="card-body">
        <div class="tags">
          <span class="badge badge-pill badge-primary">Identity</span>
          <span class="badge badge-pill badge-success">Completed</span>
          <span
            class="badge badge-pill badge-info"
            data-toggle="tooltip"
            data-placement="top"
            title="15 Nov 2019 - 30 Jun 2020"
            >Cycle 2</span
          >
        </div>
        <h2 class="card-title">Community-Based Trust</h2>
        <p class="card-text">
          This activity examined how identity vetting and token registration can be scaled for
          second-factor authentication scenarios where participants are distributed over EU and
          beyond. As part of this activity a specific flow - based on a community-based approach -
          was investigated. It takes into account the concept of the Web of Trust. While this
          mechanism typically does not work well in broad user groups, it is very well suited to
          distribute trust between small groups where a pre-existing trust fabric is already in
          place, as we typically have in research communities. What was missing is a means to make
          this trust network auditable and transparent. In order to make the trust network
          transparent, this activity identified and developed tools to support this flow.
        </p>
        <button
          class="btn btn-info d-print-none"
          type="button"
          data-toggle="collapse"
          data-target="#details-2"
        >
          Show Details
        </button>
        <a
          href="https://wiki.geant.org/x/RQL5Bw"
          class="btn btn-outline-primary float-right"
          target="_blank"
          >Activity page</a
        >
      </div>
      <ul class="list-group list-group-flush collapse" id="details-2">
        <li class="list-group-item">
          <h5>Results & Deliverables</h5>
          <p>The following results were created and delivered:</p>
          <ul>
            <li>
              <a href="https://wiki.geant.org/x/lxj5Bw">Community based trust architecture</a>
            </li>
            <li>
              <a
                href="https://wiki.geant.org/download/attachments/133759557/vetting%20flow%20with%20readid.pdf?api=v2"
                >Identity validation service design <small>using readID</small></a
              >
            </li>
            <li>
              <a href="https://wiki.geant.org/x/jwG7C">Fully integrated test environment</a>
            </li>
            <li>
              <a href="https://github.com/mrvanes/commtrust">Publicly available source code</a>
            </li>
          </ul>
        </li>
        <li class="list-group-item">
          <h5>Ownership & Utilisation</h5>
          <p>
            The outcome is intended to be used in the scope of
            <strong>research communities</strong>. In collaboration with the
            <strong>eduTEAMS task</strong> the results can be used to provision and improve the
            Stepup solution of the GÉANT service.
          </p>
        </li>
      </ul>
    </div>
    <!-- Cryptech HSM - Preparation phase -->
    <div class="card" id="cryptech-hsm">
      <img
        src="https://wiki.geant.org/download/attachments/148090083/cryptech.png"
        class="card-img-top"
        alt="photo"
      />
      <div class="card-body">
        <div class="tags">
          <span class="badge badge-pill badge-primary">Security</span>
          <span class="badge badge-pill badge-success">Completed</span>
          <span
            class="badge badge-pill badge-info"
            data-toggle="tooltip"
            data-placement="top"
            title="05 Mar 2019 - 12 Nov 2019"
            >Cycle 1</span
          >
        </div>
        <h2 class="card-title">Cryptech HSM</h2>
        <p class="card-text">
          In many of the T&I services in the R&E sector, there is a need to securely store sensitive
          data like key material. Currently, this is rarely done using Hardware Security Modules
          (HSM) as they are associated with high costs. The goal of this activity was to evaluate
          the capability and applicability of affordable devices from the Cryptech project for use
          cases within the GÉANT project and to set up devices for testing purposes.
        </p>
        <button
          class="btn btn-info d-print-none"
          type="button"
          data-toggle="collapse"
          data-target="#details-13"
        >
          Show Details
        </button>
        <a
          href="https://wiki.geant.org/x/brAuBw"
          class="btn btn-outline-primary float-right"
          target="_blank"
          >Activity page</a
        >
      </div>
      <ul class="list-group list-group-flush collapse" id="details-13">
        <li class="list-group-item">
          <h5>Results & Deliverables</h5>
          <p>The following results were created and delivered:</p>
          <ul>
            <li>Evaluated usage of Diamond Key appliances and capabilities</li>
            <li>
              <a
                href="https://docs.google.com/document/d/18Am5R3MypAuiZyNoEmPVhLLrvrKby3CUlUpnzIDfyZw/edit"
                >Detailed community use-cases for HSM</a
              >
            </li>
          </ul>
        </li>
        <li class="list-group-item">
          <h5>Ownership & Utilisation</h5>
          <p>
            The work could not be concluded as Diamondkey seased operations during the evaluation
            period.
          </p>
        </li>
      </ul>
    </div>
    <!-- Discovery Pilot -->
    <div class="card" id="discovery-pilot">
      <img
        src="https://wiki.geant.org/download/attachments/148090083/discovery-service.jpg"
        class="card-img-top"
        alt="photo"
      />
      <div class="card-body">
        <div class="tags">
          <span class="badge badge-pill badge-primary">Identity</span>
          <span class="badge badge-pill badge-success">Completed</span>
          <span
            class="badge badge-pill badge-info"
            data-toggle="tooltip"
            data-placement="top"
            title="05 Mar 2019 - 12 Nov 2019"
            >Cycle 1</span
          >
        </div>
        <h2 class="card-title">Discovery Pilot</h2>
        <p class="card-text">
          Discovery is used in Federated Identity Management to locate the users home organization.
          This activity evaluated the pilot discovery service ran in the previous GÉANT project and
          investigated if/how the implementation technology Seamless Access developed within the RA1
          project can be used for an implementation in eduGAIN.
        </p>
        <button
          class="btn btn-info d-print-none"
          type="button"
          data-toggle="collapse"
          data-target="#details-9"
        >
          Show Details
        </button>
        <a
          href="https://wiki.geant.org/x/0bAuBw"
          class="btn btn-outline-primary float-right"
          target="_blank"
          >Activity page</a
        >
      </div>
      <ul class="list-group list-group-flush collapse" id="details-9">
        <li class="list-group-item">
          <h5>Results & Deliverables</h5>
          <p>The following results were created and delivered:</p>
          <ul>
            <li>
              <a
                href="https://wiki.geant.org/download/attachments/120500433/eduTEAMS%20Discovery%20Service%20Feedback%20Report.pdf?version=1&modificationDate=1556205985146&api=v2"
                >DSX Dsicovery Service Feedback Report</a
              >
            </li>
            <li>Preparation of handover to eduGAIN service activity</li>
          </ul>
        </li>
        <li class="list-group-item">
          <h5>Ownership & Utilisation</h5>
          <p>
            The work has been concluded in the Incubator and was handed over to the eduGAIN service
            task for the purpose of making a production service.
          </p>
        </li>
      </ul>
    </div>
    <!-- Second Factor Authentication - Distributed Vetting -->
    <div class="card" id="distributed-vetting">
      <img
        src="https://wiki.geant.org/download/attachments/148090083/sfa.jpg"
        class="card-img-top"
        alt="photo"
      />
      <div class="card-body">
        <div class="tags">
          <span class="badge badge-pill badge-primary">Identity</span>
          <span class="badge badge-pill badge-success">Completed</span>
          <span
            class="badge badge-pill badge-info"
            data-toggle="tooltip"
            data-placement="top"
            title="05 Mar 2019 - 12 Nov 2019"
            >Cycle 1</span
          >
        </div>
        <h2 class="card-title">SFA - Distributed Vetting</h2>
        <p class="card-text">
          Several research communities, especially in the life sciences domain, have a need to use
          second factor authentication to improve the quality of their authentication. One of the
          challenges identified was how to securely vet the second factor tokens of the participants
          of a collaboration in a case where the members of the collaboration are very distributed,
          as is the case in most pan-EU research collaborations. This activity investigated,
          together with research communities, how the token registration can be scaled for scenarios
          where participants are distributed over the EU and beyond. The aim of this task was to
          identify ways this vetting can be done.
        </p>
        <button
          class="btn btn-info d-print-none"
          type="button"
          data-toggle="collapse"
          data-target="#details-7"
        >
          Show Details
        </button>
        <a
          href="https://wiki.geant.org/x/zLAuBw"
          class="btn btn-outline-primary float-right"
          target="_blank"
          >Activity page</a
        >
      </div>
      <ul class="list-group list-group-flush collapse" id="details-7">
        <li class="list-group-item">
          <h5>Results & Deliverables</h5>
          <p>The following results were created and delivered:</p>
          <ul>
            <li>
              <a
                href="https://wiki.geant.org/display/gn43wp5/Second+Factor+Authentication+-+Distributed+Vetting?preview=/120500428/133771754/DV-MFA%20Report.pdf2"
                >Final Distributed Vetting Report</a
              >
            </li>
          </ul>
        </li>
        <li class="list-group-item">
          <h5>Ownership & Utilisation</h5>
          <p>
            A final report was delivered. The activity will continue for another incubator cycle.
          </p>
        </li>
      </ul>
    </div>
    <!-- eduLNK -->
    <div class="card" id="edulnk">
      <img
        src="https://wiki.geant.org/download/attachments/148090083/edulnk.jpg"
        class="card-img-top"
        alt="photo"
      />
      <div class="card-body">
        <div class="tags">
          <span class="badge badge-pill badge-primary">Security</span>
          <span class="badge badge-pill badge-warning">Ongoing</span>
          <span
            class="badge badge-pill badge-info"
            data-toggle="tooltip"
            data-placement="top"
            title="03 Jul 2020 - 09 Feb 2021"
            >Cycle 3</span
          >
        </div>
        <h2 class="card-title">eduLNK</h2>
        <p class="card-text">
          eduLNK aims to provide software and potentially a servcie for a secure, persistent and
          privacy preserving link shortener for research and education.<br />
          Link shorteners reduce a lengthy URL on the internet to something short and snappy, and
          sometimes easy to remember. As such it is a very well used and liked functionality within
          our community. Many ‘free’ link shorteners exist, however, their free nature comes with a
          number of challenges, including serving advertisements and data mining the users behaviour
          and interests. Next to privacy concerns, many free link shorteners have a limited lifetime
          for the links they present. This is especially challenging in cases where the link
          shortener was used in, or to reference scientific articles, where the intent is to long
          term preserve the relation between the article and the references. Finally due to its
          proxy like nature, it is impossible to known where a link will actually lead. This makes
          link shorteners very ‘interesting’ tools to lure people into selecting links that lead to
          e.g. malware. eduLNK aspires to deliver a product from and for the communtiy which can be
          trusted and used securely in a privacy preseving way.
        </p>
        <button
          class="btn btn-info d-print-none"
          type="button"
          data-toggle="collapse"
          data-target="#details-15"
        >
          Show Details
        </button>
        <a
          href="https://wiki.geant.org/x/V5HTC"
          class="btn btn-outline-primary float-right"
          target="_blank"
          >Activity page</a
        >
      </div>
      <ul class="list-group list-group-flush collapse" id="details-15">
        <li class="list-group-item">
          <h5>Results & Deliverables</h5>
          <p>This activity is work in progress at the time of writing.</p>
        </li>
        <li class="list-group-item">
          <h5>Ownership & Utilisation</h5>
          <p>This activity is work in progress at the time of writing.</p>
        </li>
      </ul>
    </div>
    <!-- Instant User Provisioning and Deprovisioning -->
    <div class="card" id="feudal">
      <img
        src="https://wiki.geant.org/download/attachments/148090083/feudal.png"
        class="card-img-top"
        alt="photo"
      />
      <div class="card-body">
        <div class="tags">
          <span class="badge badge-pill badge-primary">Identity</span>
          <span class="badge badge-pill badge-success">Completed</span>
          <span
            class="badge badge-pill badge-info"
            data-toggle="tooltip"
            data-placement="top"
            title="15 Nov 2019 - 30 Jun 2020"
            >Cycle 2</span
          >
        </div>
        <h2 class="card-title">Instant User Provisioning</h2>
        <p class="card-text">
          Some systems, like non-web services, cannot be federated easily because they need user
          accounts to be provisioned before they can login. A prototype of an instant deployment
          tool called FEUDAL was developed by KIT. It facilitates provisioning of user accounts
          using virtual organisations (VO). Feudal is based on OIDC: It is an OIDC client, and it
          simply transports the information of the /userinfo endpiont along. Feudal is based on the
          concept of VOs (or authorisation Groups), i.e. the end services provide the information
          which VOs it supports. Feudal web fronted will only display services for provisioning to a
          given user based on his VO membership.
        </p>
        <button
          class="btn btn-info d-print-none"
          type="button"
          data-toggle="collapse"
          data-target="#details-6"
        >
          Show Details
        </button>
        <a
          href="https://wiki.geant.org/x/-QH5Bw"
          class="btn btn-outline-primary float-right"
          target="_blank"
          >Activity page</a
        >
      </div>
      <ul class="list-group list-group-flush collapse" id="details-6">
        <li class="list-group-item">
          <h5>Results & Deliverables</h5>
          <p>The following results were created and delivered:</p>
          <ul>
            <li>
              <a href="https://wiki.geant.org/x/-4VgBw">Architecture document</a>
            </li>
            <li><a href="https://git.scc.kit.edu/feudal">Publicly available source code</a></li>
            <li>
              <a
                href="https://git.scc.kit.edu/feudal/feudalAdapterLdf/-/blob/incubator-uros-ldap/ldf_adapter/backend/ldap.py"
                >LDAP integration POC</a
              >
            </li>
            <li>
              <a href="https://feudal.scc.kit.edu/"
                >Test environment <small>including eduTEAMS integration</small></a
              >
            </li>
            <li>
              <a href="https://wiki.geant.org/pages/viewpage.action?pageId=148078632"
                >Promoted demo videos</a
              >
            </li>
          </ul>
        </li>
        <li class="list-group-item">
          <h5>Ownership & Utilisation</h5>
          <p>
            The aim of this project was to create an easy to use, adoptable software solution to
            provision server users and provide this tool to the <strong>community</strong>. The
            solution is ready to be picked up and further developed and used by
            <strong>KIT</strong>. They plan to use this software in two
            <strong>"Helmholtz" projects HDF and HIFIS</strong> in Germany for the foreseeable
            future. Besides this, the solution was adjusted to the needs of eduTEAMS. The solution
            was provided to the <strong>eduTEAMS service task</strong> to be integrated into the
            GÉANT service.
          </p>
        </li>
      </ul>
    </div>
    <!-- Identity Validation Broker Service Business Case -->
    <div class="card" id="identity-broker">
      <img
        src="https://wiki.geant.org/download/attachments/148090083/identity-validation.jpg"
        class="card-img-top"
        alt="photo"
      />
      <div class="card-body">
        <div class="tags">
          <span class="badge badge-pill badge-primary">Identity</span>
          <span class="badge badge-pill badge-warning">Ongoing</span>
          <span
            class="badge badge-pill badge-info"
            data-toggle="tooltip"
            data-placement="top"
            title="03 Jul 2020 - 09 Feb 2021"
            >Cycle 3</span
          >
        </div>
        <h2 class="card-title">Identity Validation Broker</h2>
        <p class="card-text">
          Both research communities as well as institutions have a need for proper proof of the
          identity of their users. This ranges from cases where e.g. new students living abroad need
          to be identified as part of the boarding into an institution, to scenarios where access to
          (medical) data puts regelatory demands on the research community. Identity proofing is
          however expensive and scales very poorly, especially in cases where the users are (very)
          distributed. Multiple vendors offer digital, web based identity proofing services already,
          but these service are not very cheap, procurement of such a service is a lengthy and
          potentially expensive effort and in addition, each vendor offers its own, proprietary API.
          These factors hinder uptake and deployment of identity proofing within our community and
          also impedes switching between vendors.
          <br />
          This activity investigates, based on requirements collected from multiple stakeholders, if
          and in which way this situation may be improved.
        </p>
        <button
          class="btn btn-info d-print-none"
          type="button"
          data-toggle="collapse"
          data-target="#details-16"
        >
          Show Details
        </button>
        <a
          href="https://wiki.geant.org/x/WZHTC"
          class="btn btn-outline-primary float-right"
          target="_blank"
          >Activity page</a
        >
      </div>
      <ul class="list-group list-group-flush collapse" id="details-16">
        <li class="list-group-item">
          <h5>Results & Deliverables</h5>
          <p>This activity is work in progress at the time of writing.</p>
        </li>
        <li class="list-group-item">
          <h5>Ownership & Utilisation</h5>
          <p>This activity is work in progress at the time of writing.</p>
        </li>
      </ul>
    </div>
    <!-- IdP as a Service -->
    <div class="card" id="idp-service">
      <img
        src="https://wiki.geant.org/download/attachments/148090083/idpaas.jpg"
        class="card-img-top"
        alt="photo"
      />
      <div class="card-body">
        <div class="tags">
          <span class="badge badge-pill badge-primary">Identity</span>
          <span class="badge badge-pill badge-success">Completed</span>
          <span
            class="badge badge-pill badge-info"
            data-toggle="tooltip"
            data-placement="top"
            title="05 Mar 2019 - 12 Nov 2019"
            >Cycle 1</span
          >
        </div>
        <h2 class="card-title">IdP as a Service</h2>
        <p class="card-text">
          The former GN4-2 project developed a solution to offer an IdP as a Service solution
          (IdPaaS) for hosted IdPs. This activity aimed at investigating the business case of this
          solution and to create a reference design and implementation for an easy to use software
          solution to enable NRENS to provide an IdPaaS offering.
        </p>
        <button
          class="btn btn-info d-print-none"
          type="button"
          data-toggle="collapse"
          data-target="#details-8"
        >
          Show Details
        </button>
        <a
          href="https://wiki.geant.org/x/doSRBw"
          class="btn btn-outline-primary float-right"
          target="_blank"
          >Activity page</a
        >
      </div>
      <ul class="list-group list-group-flush collapse" id="details-8">
        <li class="list-group-item">
          <h5>Results & Deliverables</h5>
          <p>The following results were created and delivered:</p>
          <ul>
            <li><a href="#">IDPaaS Reference Implementation</a></li>
            <li>
              <a href="https://wiki.geant.org/display/gn43wp5/IdP+as+a+Service+RfC">IdPaaS RfC</a>
            </li>
            <li><a href="https://github.com/sitya/samlidp">Open-source solution</a></li>
            <li><a href="#">IdPaaS Reference Design</a></li>
            <li>
              <a
                href="https://wiki.geant.org/download/attachments/126977142/IdPaaS%20Screencast.webm?api=v2"
                >IdPaaS Screencast</a
              >
            </li>
          </ul>
        </li>
        <li class="list-group-item">
          <h5>Ownership & Utilisation</h5>
          <p>
            The work has been concluded within the incubator. samlidp.io is available as an open
            source software for the community and may be used by commercial vendors as well.
          </p>
        </li>
      </ul>
    </div>
    <!-- Metadata push -->
    <div class="card" id="metadata-push">
      <img
        src="https://wiki.geant.org/download/attachments/148090083/metadata-push.png"
        class="card-img-top"
        alt="photo"
      />
      <div class="card-body">
        <div class="tags">
          <span class="badge badge-pill badge-primary">Standards</span>
          <span class="badge badge-pill badge-success">Completed</span>
          <span
            class="badge badge-pill badge-info"
            data-toggle="tooltip"
            data-placement="top"
            title="15 Nov 2019 - 30 Jun 2020"
            >Cycle 2</span
          >
        </div>
        <h2 class="card-title">Metadata push MDQ</h2>
        <p class="card-text">
          Metadata is at the heart of the trust fabric of current R&E Identity Federations. For the
          trust to properly propagate, this metadata is first collected from and then distributed by
          the federation towards the federation members. This activity had investigated a new
          proposal called "push MDQ", which introduces a new, potentially highly scalable way of
          distributing metadata.
        </p>
        <button
          class="btn btn-info d-print-none"
          type="button"
          data-toggle="collapse"
          data-target="#details-1"
        >
          Show Details
        </button>
        <a
          href="https://wiki.geant.org/x/7AH5Bw"
          class="btn btn-outline-primary float-right"
          target="_blank"
          >Activity page</a
        >
      </div>
      <ul class="list-group list-group-flush collapse .d-print-inline-block" id="details-1">
        <li class="list-group-item">
          <h5>Results & Deliverables</h5>
          <p>The following results were created and delivered:</p>
          <ul>
            <li>
              <a href="https://github.com/mrvanes/pyFF/tree/websub"
                >Publicly available source code</a
              >
            </li>
            <li>
              <a
                href="https://wiki.geant.org/download/attachments/133759468/Using%20public%20websub%20hubs%20for%20PushMDQ.pdf?api=v2"
                >Use of public websub hubs</a
              >
            </li>
            <li>
              <a
                href="https://wiki.geant.org/download/attachments/133759468/PushMDQ%20implementation%20guidance%20for%20Federations.pdf?api=v2"
                >Implementation guidance for federations</a
              >
            </li>
          </ul>
        </li>
        <li class="list-group-item">
          <h5>Ownership & Utilisation</h5>
          <p>
            All changes made to the pyFF software were uploaded to the official software project to
            be maintained by the <strong>IdentityPython group</strong>. Furthermore, all results of
            the push MDQ analysis and the POC were transferred to the
            <strong>eduGAIN service task</strong> for further improvement of the GÉANT service.
          </p>
        </li>
      </ul>
    </div>
    <!-- ORCID as IdP of last resort -->
    <div class="card" id="orcid">
      <img
        src="https://wiki.geant.org/download/attachments/148090083/orcid.png"
        class="card-img-top"
        alt="photo"
      />
      <div class="card-body">
        <div class="tags">
          <span class="badge badge-pill badge-primary">Identity</span>
          <span class="badge badge-pill badge-success">Completed</span>
          <span
            class="badge badge-pill badge-info"
            data-toggle="tooltip"
            data-placement="top"
            title="05 Mar 2019 - 12 Nov 2019"
            >Cycle 1</span
          >
        </div>
        <h2 class="card-title">ORCID as IdP of last resort</h2>
        <p class="card-text">
          Many research collaborations as well as campus services need a solution to deal with guest
          identity, as in many cases not all users are members of the academic Identity Federations.
          As a result, several federation operators as well as research collaborations operate IdPs
          or proxies to allow users to authenticate through external identity providers like social
          ones. This has led to serious reinventing of the wheel. This pilot aimed to bring the
          widely used ORCID service into the GÉANT IDhub as Identity Provider of last resort.
          Furthermore organisational and legal aspects as well as technical improvements were
          investigated.
        </p>
        <button
          class="btn btn-info d-print-none"
          type="button"
          data-toggle="collapse"
          data-target="#details-11"
        >
          Show Details
        </button>
        <a
          href="https://wiki.geant.org/x/WbAuBw"
          class="btn btn-outline-primary float-right"
          target="_blank"
          >Activity page</a
        >
      </div>
      <ul class="list-group list-group-flush collapse" id="details-11">
        <li class="list-group-item">
          <h5>Results & Deliverables</h5>
          <p>The following results were created and delivered:</p>
          <ul>
            <li>
              <a
                href="https://docs.google.com/document/d/14WcJJd1q3m-kGrtmw_CtCZt3J7XlEszS3S2ASVFJ7Gs/edit#heading=h.y9arht7bm74"
                >Business Case Analysis</a
              >
            </li>
            <li><a href="#">Engagement with ORCID </a></li>
            <li><a href="#">Technical solution based on SaToSa software stack</a></li>
            <li>
              <a
                href="https://wiki.geant.org/download/attachments/120500313/ORCID%20Screencast.webm?api=v2"
                >ORCID Screencast</a
              >
            </li>
          </ul>
        </li>
        <li class="list-group-item">
          <h5>Ownership & Utilisation</h5>
          <p>
            The work has been concluded with the results handed over to be further developed in the
            IDhub.
          </p>
        </li>
      </ul>
    </div>
    <!-- pyFF Optimizations -->
    <div class="card" id="pyff-optimization">
      <img
        src="https://wiki.geant.org/download/attachments/148090083/pyff.jpg"
        class="card-img-top"
        alt="photo"
      />
      <div class="card-body">
        <div class="tags">
          <span class="badge badge-pill badge-primary">Standards</span>
          <span class="badge badge-pill badge-warning">Ongoing</span>
          <span
            class="badge badge-pill badge-info"
            data-toggle="tooltip"
            data-placement="top"
            title="03 Jul 2020 - 09 Feb 2021"
            >Cycle 3</span
          >
        </div>
        <h2 class="card-title">pyFF Optimizations</h2>
        <p class="card-text">
          pyFF is an open source and widely used product which is used to provide Discovery and
          Metadata Query services for identity federation. This topic investigates optimizations in
          pyFF operations, including but not limited to, performance and memory consumption. When
          processing the eduGAIN metadata, pyFF memory usage balloons to the gigabytes, hereby
          inflicting some extra cost when running on procured VM's like AWS. The startup/restart
          process speed, and service behavior while being started/restarted may also be improved. In
          particular, the service should never throw 5xx errors while in a normal startup/shutdown
          process.
          <br />The goal of this project is to optimize pyFF memory consumption and (re-)start
          behavior.
        </p>
        <button
          class="btn btn-info d-print-none"
          type="button"
          data-toggle="collapse"
          data-target="#details-17"
        >
          Show Details
        </button>
        <a
          href="https://wiki.geant.org/x/UZHTC"
          class="btn btn-outline-primary float-right"
          target="_blank"
          >Activity page</a
        >
      </div>
      <ul class="list-group list-group-flush collapse" id="details-17">
        <li class="list-group-item">
          <h5>Results & Deliverables</h5>
          <p>This activity is work in progress at the time of writing.</p>
        </li>
        <li class="list-group-item">
          <h5>Ownership & Utilisation</h5>
          <p>This activity is work in progress at the time of writing.</p>
        </li>
      </ul>
    </div>
    <span
      data-toggle="tooltip"
      data-placement="top"
      title="This activity is work in progress at the time of writing"
    ></span>
    <!-- Service report -->
    <div class="card" id="service-report">
      <img
        src="https://wiki.geant.org/download/attachments/148090083/service-report.jpg"
        class="card-img-top"
        alt="photo"
      />
      <div class="card-body">
        <div class="tags">
          <span class="badge badge-pill badge-primary">Identity</span>
          <span class="badge badge-pill badge-success">Completed</span>
          <span
            class="badge badge-pill badge-info"
            data-toggle="tooltip"
            data-placement="top"
            title="15 Nov 2019 - 30 Jun 2020"
            >Cycle 2</span
          >
        </div>
        <h2 class="card-title">Service Status Reporting</h2>
        <p class="card-text">
          The T&I activities of the GEANT project run a multitude of services ranging for eduroam
          and eduGAIN to InAcademia, eduTEAMS and various smaller helper services for eduGAIN
          without a single overview of the state of all these services. The highly distributed
          nature limits our ability to present in a consistent way the status of these services and
          it hinders us in explaining issues when something is wrong. This is relevant both for
          members of the GEANT community as well as other other stakeholders like service owners and
          funding agencies. This activity wanted to create a comprehensive, high level and user
          friendly publicly facing service dashboard for T&I services. Since many freely or
          commercially available services for measuring availability already exist this activity
          investigated and compared them to choose a suitable solution for the GÉANT project.
        </p>
        <button
          class="btn btn-info d-print-none"
          type="button"
          data-toggle="collapse"
          data-target="#details-3"
        >
          Show Details
        </button>
        <a
          href="https://wiki.geant.org/x/-wH5Bw"
          class="btn btn-outline-primary float-right"
          target="_blank"
          >Activity page</a
        >
      </div>
      <ul class="list-group list-group-flush collapse" id="details-3">
        <li class="list-group-item">
          <h5>Results & Deliverables</h5>
          <p>The following results were created and delivered:</p>
          <ul>
            <li>
              <a href="https://wiki.geant.org/x/PQOMC"
                >Requirements for a GÉANT service reporting tool</a
              >
            </li>
            <li>
              <a
                href="https://wiki.geant.org/download/attachments/133759487/Monitoring%20tool%20market%20analysis.pdf?api=v2"
                >Monitoring tool market analysis</a
              >
            </li>
            <li><a href="https://status.inacademia.org">POC based on InAcademia</a></li>
          </ul>
        </li>
        <li class="list-group-item">
          <h5>Ownership & Utilisation</h5>
          <p>
            The result of the market analysis was provided to the
            <strong>T&I service task</strong>.
          </p>
        </li>
      </ul>
    </div>
    <!-- Shibboleth OIDC Extension -->
    <div class="card" id="shibboleth-oidc">
      <img
        src="https://wiki.geant.org/download/attachments/148090083/shibboleth.png"
        class="card-img-top"
        alt="photo"
      />
      <div class="card-body">
        <div class="tags">
          <span class="badge badge-pill badge-primary">Standards</span>
          <span class="badge badge-pill badge-success">Completed</span>
          <span
            class="badge badge-pill badge-info"
            data-toggle="tooltip"
            data-placement="top"
            title="05 Mar 2019 - 12 Nov 2019"
            >Cycle 1</span
          >
        </div>
        <h2 class="card-title">Shibboleth OIDC Extension</h2>
        <p class="card-text">
          Up to now, R&E federations are predominantly relying on the SAML2 protocol. With upcoming
          needs from industry and commercial service providers the OpenID Connect (OIDC) protocol is
          increasingly moving into focus. This activitiy supported the development of an Shibboleth
          OIDC Extension to the Shibboleth IdP and was paving the way to make the extension a fully
          sustained product.
        </p>
        <button
          class="btn btn-info d-print-none"
          type="button"
          data-toggle="collapse"
          data-target="#details-10"
        >
          Show Details
        </button>
        <a
          href="https://wiki.geant.org/x/WLAuBw"
          class="btn btn-outline-primary float-right"
          target="_blank"
          >Activity page</a
        >
      </div>
      <ul class="list-group list-group-flush collapse" id="details-10">
        <li class="list-group-item">
          <h5>Results & Deliverables</h5>
          <p>The following results were created and delivered:</p>
          <ul>
            <li>
              <a href="https://github.com/CSCfi/shibboleth-idp-oidc-extension"
                >Shibboleth IdP OIDC Extension</a
              >
            </li>
          </ul>
        </li>
        <li class="list-group-item">
          <h5>Ownership & Utilisation</h5>
          <p>
            The work has been concluded and the results were handed over to the Shibboleth
            consortium. The Extension is certified by the OIDC Foundation.
          </p>
        </li>
      </ul>
    </div>
    <!-- Automated notification of issues and overall status for federations en entities -->
    <div class="card" id="status-reporting">
      <img
        src="https://wiki.geant.org/download/attachments/148090083/status-report.jpg"
        class="card-img-top"
        alt="photo"
      />
      <div class="card-body">
        <div class="tags">
          <span class="badge badge-pill badge-primary">Security</span>
          <span class="badge badge-pill badge-warning">Ongoing</span>
          <span
            class="badge badge-pill badge-info"
            data-toggle="tooltip"
            data-placement="top"
            title="15 Nov 2019 - 30 Jun 2020"
            >Cycle 2</span
          >
          <span
            class="badge badge-pill badge-info"
            data-toggle="tooltip"
            data-placement="top"
            title="03 Jul 2020 - 09 Feb 2021"
            >Cycle 3</span
          >
        </div>
        <h2 class="card-title">Status Reporting & Notification</h2>
        <p class="card-text">
          To make the global eduGAIN interfederation scalable and interoperable, it is paramount
          participants share information of their technical setup through their metadata, and adhere
          to agreed upon standards and community best practices. There are currently already several
          eduGAIN checking tools that examine the quality of an eduGAIN federation’s metadata, the
          connection status of their IdPs or the attribute release status of their IdPs. The results
          of these checks are public but only few federation operators seem to regularly consult the
          results. The eduGAIN Support team plays a pivotal role in trying to make federation
          operators and sometimes also entities aware of some of these issues, but as this is done
          manually and it is tedious work, they typically only act in case of complaints. To improve
          upon this situation, it is envisioned a tool is created which woudl allow all federation
          operators to receive a periodic aggragated information on the state of their federation
          and its entities, e.g. in the form of a comprehensive infographic. This could should also
          show how well the entity is doing in relation to its peers. At the same time it should
          provide pointers to documentation on how to actually improve.
          <br /><br />This activity is about creating such a tool by aggragating information from
          various sources and preseting this in an attractive, easy to understand way to put this
          information readily into the hands of the federation operators. This should allow them to
          easily pass it on towards the entities in their federation to help them understand and
          improve issues.
        </p>
        <button
          class="btn btn-info d-print-none"
          type="button"
          data-toggle="collapse"
          data-target="#details-14"
        >
          Show Details
        </button>
        <a
          href="https://wiki.geant.org/x/_gH5Bw"
          class="btn btn-outline-primary float-right"
          target="_blank"
          >Activity page</a
        >
      </div>
      <ul class="list-group list-group-flush collapse" id="details-14">
        <li class="list-group-item">
          <h5>Results & Deliverables</h5>
          <p>This activity is work in progress at the time of writing.</p>
        </li>
        <li class="list-group-item">
          <h5>Ownership & Utilisation</h5>
          <p>This activity is work in progress at the time of writing.</p>
        </li>
      </ul>
    </div>
    <!-- WebauthN -->
    <div class="card" id="webauthn">
      <img
        src="https://wiki.geant.org/download/attachments/148090083/webauthn.jpg"
        class="card-img-top"
        alt="photo"
      />
      <div class="card-body">
        <div class="tags">
          <span class="badge badge-pill badge-primary">Security</span>
          <span class="badge badge-pill badge-success">Completed</span>
          <span
            class="badge badge-pill badge-info"
            data-toggle="tooltip"
            data-placement="top"
            title="15 Nov 2019 - 30 Jun 2020"
            >Cycle 2</span
          >
          <span class="badge badge-pill badge-secondary"> TIM </span>
        </div>
        <h2 class="card-title">WebauthN</h2>
        <p class="card-text">
          WebAuthn (Web Authentication), part of the FIDO2 Project, is a web standard published by
          the W3C that enables strong authentication with public-key cryptography, passwordless
          authentication, and secure two-factor authentication. The standard defines a JavaScript
          API which allows token registration and subsequent authentication. This activity
          implemented this API for the open source software SimpleSAMLphp and SATOSA, which enables
          them to provide 2FA function to the benefit of the R&E community.
        </p>
        <button
          class="btn btn-info d-print-none"
          type="button"
          data-toggle="collapse"
          data-target="#details-5"
        >
          Show Details
        </button>
        <a
          href="https://wiki.geant.org/x/YQ75Bw"
          class="btn btn-outline-primary float-right"
          target="_blank"
          >Activity page</a
        >
      </div>
      <ul class="list-group list-group-flush collapse" id="details-5">
        <li class="list-group-item">
          <h5>Results & Deliverables</h5>
          <p>The following results were created and delivered:</p>
          <ul>
            <li>
              <a href="https://github.com/CESNET/satosa-module-webauthn"
                >Publicly available source code</a
              >
            </li>
          </ul>
        </li>
        <li class="list-group-item">
          <h5>Ownership & Utilisation</h5>
          <p>
            The developed modules were submitted to the upstream repositories to be officially
            maintained by the <strong>simplesamlphp groups</strong> and <strong>CESNET</strong>. The
            software was provided to the <strong>eduTEAMS service task</strong> to include it into
            the GÉANT service.
          </p>
        </li>
      </ul>
    </div>
    <!-- (De)provisioning connector for Windows -->
    <div class="card" id="win-connector">
      <img
        src="https://wiki.geant.org/download/attachments/148090083/win-connector.jpg"
        class="card-img-top"
        alt="photo"
      />
      <div class="card-body">
        <div class="tags">
          <span class="badge badge-pill badge-primary">Identity</span>
          <span class="badge badge-pill badge-success">Completed</span>
          <span
            class="badge badge-pill badge-info"
            data-toggle="tooltip"
            data-placement="top"
            title="15 Nov 2019 - 30 Jun 2020"
            >Cycle 2</span
          >
          <span class="badge badge-pill badge-secondary"> TIM </span>
        </div>
        <h2 class="card-title">(De)provisioning connector for Windows</h2>
        <p class="card-text">
          Identity provisioning and deprovisioning are a necessity for building modern
          authentication and authorization infrastructures. They are straightforward yet technically
          complicated part of identity and access management. The basic idea is to deliver identity
          and authorization information to the managed services, which is complicated by a lack of
          applicable standards in this area. Therefore, most of the Identity and access management
          solutions rely on a custom solution for provisioning. To overcome this obstacle, this
          project extends existing IAM capabilities by implementing a connector to easily provision
          data to services hosted on Windows OS based on SSH.
        </p>
        <button
          class="btn btn-info d-print-none"
          type="button"
          data-toggle="collapse"
          data-target="#details-4"
        >
          Show Details
        </button>
        <a
          href="https://wiki.geant.org/x/bA75Bw"
          class="btn btn-outline-primary float-right"
          target="_blank"
          >Activity page</a
        >
      </div>
      <ul class="list-group list-group-flush collapse" id="details-4">
        <li class="list-group-item">
          <h5>Results & Deliverables</h5>
          <p>The following results were created and delivered:</p>
          <ul>
            <li>
              <a href="https://wiki.geant.org/display/gn43wp5/Installation"
                >Windows Connector Installation Guide</a
              >
            </li>
            <li>
              <a href="https://github.com/CESNET/perun-services-windows"
                >Publicly available source code
                <small>including test automation and a windows installation package</small></a
              >
            </li>
            <li>
              <a href="https://wiki.geant.org/display/gn43wp5/Test+Environment"
                >eduTEAMS integrated test environment</a
              >
            </li>
            <li>
              <a
                href="https://wiki.geant.org/display/gn43wp5/Provisioning+of+AD+for+the+lab+on+the+university"
                >Windows Connecter Case Study</a
              >
            </li>
          </ul>
        </li>
        <li class="list-group-item">
          <h5>Ownership & Utilisation</h5>
          <p>
            The aim of this project was to create an easy to use, adoptable software solution to
            provision server users and provide this tool to the <strong>community</strong> As part
            of a case study the solution was implemented for a
            <strong>Czech University (Faculty of informatics MU)</strong> which will continue to use
            the solution afterwards. <strong>CESNET</strong> will continue to use and maintain the
            software for the foreseeable future. Besides this, the solution shall be adjusted to the
            needs of eduTEAMS. The solution will be provided to the
            <strong>eduTEAMS service task</strong> to be integrated into the GÉANT service.
          </p>
        </li>
      </ul>
    </div>
  </div>
</div>
<!-- Footer -->
<hr />
<div class="row">
  <div class="col-12">
    <small class="font-italic font-weight-light">
      Attribution: Images available at
      <a href="https://pixabay.com/">pixabay</a> and <a href="https://unsplash.com/">Unsplash</a>,
      Icons made by <a href="https://www.flaticon.com/authors/freepik" title="Freepik">Freepik</a>,
      <a href="https://www.flaticon.com/authors/good-ware" title="Good Ware">Good Ware</a>,
      <a href="https://www.flaticon.com/authors/freepik" title="Freepik">Freepik</a>,
      <a href="https://www.flaticon.com/authors/freepik" title="Freepik">Freepik</a> and
      <a href="https://www.flaticon.com/authors/becris" title="Becris">Becris</a>
      from
      <a href="https://www.flaticon.com/" title="Flaticon">www.flaticon.com</a>
    </small>
  </div>
</div>
 |