C5.125 Concept to provide EDIT Service Providers with suitable Shibboleth policy mapping tools

The general objective of the activity covers the design of a security infrastructure and the introduction of a secure Single Sign-On service (SSO) for the platform. The task to be achieved within the forth JPA concerns the integration of EDIT service providers within the Community Single Sign-On (CSSO) security infrastructure. CSSO enables the various EDIT service providers to protect their services and resources defining individual access control policies, while users can access different services using only one identity. The security infrastructure bases on the SAML v2 protocol family and provides a federation concept to realise the community aspect. This component provides a concept enabling EDIT Service Providers (SPs) to map their individual access control policies with the attributes delivered by the EDIT federation's Identity Provider (IdP) after successful user authentication.