In November 2014 SWITCH has carried out a Request for Information (RFI) to gain a market overview of IAM frameworks that match the requirements of the Swiss edu-ID project. A total of 11 companies have handed in one or two solution proposals. Five companies were invited in Dec '14 to personally present their proposal.
The principal findings of the RFI are:
- The building blocks access management (AM) and identity management (IdM) have to be evaluated seperately. It is advisable for the Swiss edu-ID project to first select the appropriate AM framework.
- For the AM framework the two most promising alternatives are
- Build the Swiss edu-ID on the current (SWITCHaai) Shibboleth infrastructure, and extend Shibboleth to support new AM-protocols. On this natural evolution path, it is easier to provide compatibility with SWITCHaai.
- Build the Swiss edu-ID on the commercial open-source product ForgeRock. This ia a disruptive approach with would allow to take advantage from a bunch of new funcionalities of a new product.
The details of the RFI results are documented in the following reports, which can also be found in the documents section:
- RFI procedure and results: of the Swiss edu-ID project team. This is the public version without details about the participating vendors and their products. A confidential full version is available for SWITCH community members on request.
- Swiss edu-ID with Shibboleth: a comparison of Prof. Gerhard Hassenstein of Sibboleth and commercial AM solutions
The next steps are to pilot the two alternative AM approaches (Shibboleth vs. ForgeRock) and choose one of them until summer this year. Once the AM platform has been chosen, SWITCH plans to conduct a RFP for a complete IAM solution that includes the AM and IdM building blocks.