Authentication & Authorization
Manage your users‘ digital identities and control access to your services with our ecosystem Perun.
Identity and Access Management System
As for access control, our ecosystem gives you the ability to define authorization rules, manage authorization data, and control access to your resources via user categorization and a data provisioning mechanism.
Perun is being developed as a joint effort of Perun Team and the CESNET association.
Flexibility of Use
We implement our tools as business area agnostic. Any organization, project, or even person who requires performing operations in the area of Identity Management and/or Access Control is a potential customer.
Perun is being developed in an academic environment, but this does not pose any limit to using it in the commercial sphere. The whole ecosystem is provided as an Open-Source solution, meaning anybody can review the code base, contribute to it, and use the implementation freely.
Do you have many systems playing different roles in your ecosystem? Are they hard to integrate with each other? If you find a subset of your use cases in the lists below, Perun might be the right tool to use.
- Making use of existing user digital identities (university accounts, social network accounts, local accounts)
- Managing access and authorization in a central place
- Defining and managing user digital identity lifecycle
- Identity proofing, utilization of frameworks focusing on identity assurance
- Performing authorization on a local and distributed level
- Relying on standardized solutions, especially Authentication and Authorization protocols like SAML, OpenID Connect, OAuth2
- Provisioning authorization data to downstream Relying Services or other components of your infrastructure
Examples of Collaborations
We have helped many important organizations reach their plan for managing user access to their resources. Now more than 400 smaller or bigger organizations use our system. All organizations can operate the system without the necessity of further intervention. Moreover, we help these organizations by providing them with technical support, consultations, or development support.
e-INFRA CZ is a unique research and development e-infrastructure in the Czech Republic. Perun and the tools built around it play a key role in managing user identities, categorization, authorization in a central place, as well as acting as a joint point to integrate Identity providers and services while providing a unified access experience.
The European Open Science Cloud (EOSC) is a European initiative aimed at developing an infrastructure supporting open science practices in research data management. Perun plays a critical role in the area of managing access and user identity management. It creates a single place where all participating RI user bases are managed, enabling them to create a unified experience in accessing the services.
EGI.eu is a federation of computing and storage resource providers united in the mission of delivering advanced computing and data analytics services for research and innovation. Perun is built on top of the concept of Virtual Organizations. This mechanism is heavily utilized by EGI.eu, making Perun an ideal choice. In a regular workflow, a "space" space is provided for each (virtual) organization, which is exclusive for its usage.
BBMRI-ERIC is a European research infrastructure for biobanking. It brings together all the main players from the biobanking field – researchers, biobankers, industry, and patients – to boost biomedical research. Our involvement entails building a complex AAI solution to make the life of service developers and operators easier by removing the burden of implementing authentication and authorization on their side in favour of utilizing standardized protocols in leveraging such activities on another component (the AAI).
Géant is the collaboration of European National Research and Education Networks (NRENs). Together we deliver an information ecosystem of infrastructure and services to advance research, education, and innovation on a global scale. This collaboration is one of our biggest successes. We are cooperating in several projects where GEANT delivers the complete infrastructure of Identity and Access management, while Perun is used as one of the components in this solution.
Have you decided to use our tools, or are you just interested in how we do things? Want to discuss a specific problem with us? Feel free to contact us.
Regarding documentation, we've got you covered. Our documentation provides both user and technical information to assist you in your work with Perun.
Source code of Perun is available for your viewing pleasure on GitHub. Take a look and see for yourself the behind-the-scenes work that goes into making Perun a top-notch tool.