The GN4-2 project developed a solution to offer an IdP as a Service solution for hosted IdPs. This incubator investigates the business case of this solution to investigate how this solution could be made into a sustainable service offering.
When the incubator is finished, a business model for the provisioning of the GEANT IdPaaS platform will be made available, defined in its fundamental parts. The business model will define for the IdPaaS platform the following key points:

1. Added value of the IdPaaS platform with respect to the current provisioninig model for Identity providers in eduGAIN / GEANT community
2. What will be the provided product: Deployment model and service provisioning scenario, after identification of the service target users
3. Key benefits for : a) End Users b) Individual Home Institutions IdP managers c) Federation operators
4. Product Service deployment requirements and service lifecycle management
5. Raugh estimate of the costs to provide the service

In addition to the business model, the Incubator IdPaaS task will work to consolidate the current provided GN4-2 platform, with the aim to:

1. Add a set of minimal required functionality to make the product consistent and attractive for target users, like:
   1. Add to the current "spawn new IdP" functionality also the "IdP management/Configuration updates" functionality.
   2. Make the platform to be an eduGAIN Service Provider accessible via federated credentials.
   3. Add the necessary hooks to onboard Home Organization IdP admins ( without federated credentials available initially).
2. Consolidate the product in terms of robustness, testing, stress testing and scalability.
3. Package the product to ease the deployment.
4. Integrate the platform with the required additional services to support a reasonable and concrete deployment scenario.
5. Document the service for
   1. End Users
   2. Service Providers
   3. Service Maintainers

Also, given the option to adopt a full fledged developed solution made available by the SAMLIDP.IO company, this task will assess the possibility to endorse this platform, further developing it where/if needed, and bless it as the provided solution as an alternative to the GN4-2 Campus IdP platform.

• Develop an initial (crude but working) demo of the service
• Define target audience and collect target audience
• Collect requirements from target audience
• Provide all basic required functionality
• Gather initial feedback from potential users
• Pave the way towards PLM cycles if required
• Contribute to validating associated cost model

GN4-2 Platform (P1):

• Demo of platform created in GN42: https://wiki.geant.org/download/attachments/57639953/CampusIDP%20Platform%20DEMO%20%28FULL%20Short%20Version%29.mp4?version=1&modificationDate=1545034146574&api=v2

Node.js general introduction / tutorials material ( APIs)

• General short intro tutorial on node.js https://codeburst.io/the-only-nodejs-introduction-youll-ever-need-d969a47ef219
• Short intro on node.js https://www.w3schools.com/nodejs/nodejs_intro.asp

Intro video https://www.bing.com/videos/search?q=node.js+introduction&docid=608046180896409050&mid=715B13197C185AD899FE715B13197C185AD899FE&view=detail

SAMLIdP.io Platform (P2):

• http://bit.ly/samlidpio-arch
  
  

Technologies P1 : Ansible, JavaScript, Node.js, React, Python

Technologies P2: Simphony, SimpleSAMLphp

P1 Architecture Overview Document: https://docs.google.com/document/d/1ho3WClfRVJ5sjUDqskmjBDSKpvPPoL6vlUXfcHGXKRA/edit#

P2 Architecture Overview Document: http://bit.ly/samlidpio-arch (including further developments)

New required/desirable features for the Campus IdP platform: https://goo.gl/GH7J2D

The business cases is based on an initial survey for NRENs on (cloud) IdP solutions conducted in GN4-2 (IdP_NREN_Survey.pdf).

• Compliance to the GEANT CoCo GDPR related Entity Category should ensure compliance to EU Regulation on Data Protection ( EU GDPR) for the operators of this product.
• The product by itself should implement commonly agreed technical solutions to ensure security, privacy and data protection.

This activity is successfully finished when:

• Minimal viable product definition for the IdP as a service offering is created
• The MVP has been discussed and validated with the community
• An analysis is made and reported around the business case for delivering a solution for IdP as a Service
• A working prototype is made available for installation by an NREN

The aim of the incubator is to come up with a deploy-able solution for NRENs
The software product(s) may be further developed with a community of NRENs using the product, potentially with support of the GEANT project