We’ve funded a range of projects to guide our roadmap for the future

Exploring the governance requirements for enabling UK DRIs to adopt MyAccessID

Aims to develop a Governance Framework for UK deployment of MyAccessID for identity federation.

The first barrier you face when using a new digital research infrastructure, like an AI Supercomputer or Digital Library, is simply being able to log in. You have to create a new account, remember new passwords, and increasingly deploy extra security (e.g. adding more multi-factor authentication codes to phone apps, or do document-based identity verification). As well as being inconvenient, this increases your cybersecurity risk, as the operators of the digital research infrastructure have to store your login details on their servers. Any breach of their servers risks losing your password, which is potentially disastrous if you have re-used this password on multiple sites.

The solution is what is called “federated identity”. This is where the facility you want to use is able to verify your identity using another login you control, e.g. your login for your employer or university. MyAccessID is an international identity federation which provides exactly this service. Using MyAccessID, a digital research infrastructure can askyour university to verify your identity every time you log in.

This project aims to develop a governance framework to support the UK deployment of MyAccessID for identity federation. Through stakeholder engagement and community development, we will identify challenges, best practices and solutions for identity federation and connection to MyAccessID. The project will deliver evidence, reference implementations and training materials to guide future adopters of MyAccessID.