Within the framework of the GAIA-X project initiated by Germany and France to create a European data infrastructure, DENIC is actively involved in shaping the requirements and the design of a federated digital identity solution.
On the occasion of the virtual expert forum "GAIA-X: A Franco-German Pitch towards a Federated European Data Infrastructure" on 4 June, 2020, the Ministers of Economic Affairs of Germany, Peter Altmaier, and of France, Bruno Le Maire, presented the results of the technical implementation phase (Workstream 2) of the pan-European data infrastructure project GAIA-X that have been achieved so far, and which are compiled in a series of publications. As a contributor to the so-called "Technical Architecture Paper" and co-author of the "Executive White Paper", DENIC, represented by its Head of Software Engineering Marcos Sanz Grossón, was actively involved in the elaboration of the key technical documents.
Currently, DENIC is sharing its technical expertise in the weekly working meetings of GAIA-X Working Group 1 - "Software & Architecture", Sub-Working Group 1.1 - "Identity and Access Management", where it is actively involved in shaping the requirements and the design of a federated digital identity solution at the European level. At these meetings, DENIC presented ID4me, its domain-based digital identity solution, which was developed together with a consortium of dedicated project partners and builds upon the open-source federated ID4me standard and OpenID Connect. In a collaborative approach with its GAIA-X working group peers, DENIC is also investigating which further standards exist in this area and might be suitable for the goals pursued within the scope of the European Data Infrastructure. This is the foundation on which the necessary reference architecture and the basic technical functionalities for a trust concept embracing the secure and reliable authentication of providers, nodes, services and consumers/users will be technically defined.
DENIC's participation in the GAIA-X project fits seamlessly into its long-standing commitment to help shape the open, free and secure Internet and at the same time provides the opportunity to position its open and federated electronic authentication procedure ID4me, developed in 2019, with key players. As soon as the development of the GAIA-X infrastructure has reached the necessary technical maturity level, DENIC aims to operate one of its services as a prototype on the cloud platform of one of the participating European providers.
Moreover, DENIC will possibly consider expanding its involvement into the areas of "Service Registration" and "Publication in Catalogue", which are planned in a future expansion stage of GAIA-X. These concepts are to allow GAIA-X accredited providers to register services in a comprehensive, federated GAIA-X catalogue. During the registration process, these services will be allocated a fixed ID number by the system which will be assigned to the provider. Then, the registered service will be published in the federated GAIA-X catalogue, where it will become publicly available via an inherent search algorithm. As the central registry for .de – one of the largest name spaces in the Internet worldwide – DENIC could contribute its knowledge and experience, gathered in more than 20 years of operating its large, highly scalable and available, distributed (DNS) database, in order to address the requirements of GAIA-X by means of the proven Domain Name System (DNS) technology.
During a two-day hackathon that took place in February 2020 at the site of DE-CIX, the world's largest Internet exchange, DENIC's ID4me developer team, together with other representatives of the technical Internet community, had already worked out a first concept for a potential Identity Access Management (IAM) solution for the European cloud network. Like DENIC's federated single-sign-on solution ID4me, this concept was also based on the open-source standards OpenID Connect 1.0 and OAuth 2.0 and was thus in line with the principles of openness and transparency of GAIA-X, which involve the use of open source products. Thanks to its knowledge about and experience with ID4me, the DENIC team was able to make a decisive contribution to the results of the IAM Group at this stage already. The initiators and participants of the hackathon are now consistently continuing their work in the "Software & Architecture" working group and its sub-working groups, where DENIC continues to play a key role in the context of the development of Identity Access Management.
Within the framework of the GAIA-X project, the foundations for building a networked, open and legally compliant data infrastructure based on European values are developed. Connecting decentralised infrastructure services to turn them into a homogeneous, user-friendly system will bring about a data infrastructure that strengthens the ability to access and share data securely and confidently.
GAIA-X identifies the minimum technical requirements and services that are necessary to operate the federated GAIA-X ecosystem. Meanwhile, more than 300 organisations and representatives from politics, business and science from seven European countries are involved in developing software, standards and an organisational framework for shaping the next-generation data infrastructure for Europe.
Starting from 2021, users of cloud services from areas including ‘Industry 4.0/SME’, ‘Smart Living’, ‘Finance’, ‘Health’, ‘Public Sector’, ‘Mobility’, ‘Agriculture’ and ‘Energy’ are expected to be able to make use of scalable services by GAIA-X-certified data center providers, cloud solutions, high performance computing (HPC) as well as sector-specific cloud and edge systems, via federated services.
In order to meet the highest security requirements and ensure privacy protection, the concept of these services will be in line with the principles of Security by Design and Privacy by Design.
The focus of the technical implementation that is currently taking place in Workstream 2 is on the following areas:
- the implementation of a secure federated identity management and the creation of trust mechanisms (security and privacy by design);
- the development of sovereign data services that ensure the identity of source and receiver of data and also protect the access and usage rights to the data;
- the provision of user-friendly access to available providers, nodes and services. The necessary information will be provided through the federated catalogue;
- the integration of existing standards to ensure interoperability and portability across infrastructure, applications and data;
- the establishment of compliance rules along with certification and accreditation services;
- the provision of open source software and standards that support providers in delivering migration to a secure, federated and interoperable infrastructure.
With Germany taking over the EU Council Presidency for the second half of 2020 from 1 July, the progress of the GAIA-X project is to be given even more importance.