In order for researchers to access the digital services of various research infrastructures, their identity and relationship with the research organisation must be verified. “Traditionally, identity proofing is considered reliable if a person has to visit a registration point in person, with trained personnel checking his or her passport or other identification document issued by an authority,” says Senior Application Specialist Mikael Linden of CSC.
Together with the, the ELIXIR Finnish centre, CSC, has long been developing authentication services for infrastructure. ELIXIR’s AAI service (Authentication and Authorisation Infrastructure) enables electronic user authentication and the authorisation. Access to gene data, for example, is always decided by the data owner, but the AAI will make access to data quicker.
The AAI service is effective but requires that the researcher is reliably authenticated. In general, the solution is a federated identity management, which is simple and easy to manage. A single log in and your home organisation’s user ID also provide researchers with access not only to services outside their organisation, but also to closely protected data collections. What if your home organisation cannot provide sufficiently reliable authentication?
CSC has been working together with the Sandbox of Trust project, which also involves the cybersecurity services company Nixu. The project has developed the SisuID authentication solution, the purpose of which is to create a more user-friendly alternative to passwords and strong two-factor authentication. A user uses a smartphone application to enrol their unique identity. A combination of these also enables the secure transfer of personal data between services, based on the person’s own approval.