The initial goal is the provision of pan-European Web Single Sign-On (SSO) to both GÉANT services and to those developed by other communities represented by, or associated with GÉANT Partners. This means that users will only have a single login to remember. This single login grants access to services offered by any participating federation.
Web SSO is a common application of federated identity management, and can provide the following benefits:
- It enables an authorised end-user to access a protected resource operated by a service provider, using credentials provided by his Institution, without disclosing the user’s credentials to the service provider. This improves both the security and the end-user experience by reducing the number of credentials that must be managed, and removes the requirement for the service provider to manage the end-user’s identity and credentials.
- It is only necessary for the end-user to submit these credentials once to enable access to all service providers associated with the federation (subject to authorisation). This improves the end-user's experience by providing a “single sign-on” experience.
- Federated identity provides mechanisms that facilitate the controlled release and secure transport of personally identifiable information. This reduces the burden associated with complying with data protection legislation.