terena logo
11 May 2010
New TCS portal makes provisioning certificates easier and cheaper
Process for obtaining a TCS Personal Certificate with new TCS portal

Getting a personal certificate has never been easier, thanks to the TERENA Certificate Service (TCS) portal. Launched on 1 May 2010 as a pilot service, the TCS portal is a shared web-based portal that automatically issues two kinds of personal certificates to users after they’ve been authenticated by a participating AAI federation: a TCS Personal Certificate and/or a TCS e-Science Personal Certificate for Grid applications, depending on the user's needs and permissions.

Since the user's identity is delegated to the home institution, the certificates are issued by the portal with minimal delay. For many users, this will reduce the time to obtain a certificate from days or weeks to a mere 5 minutes, thus providing fast access to protected electronic resources.

The new TCS portal can issue 'unlimited' numbers of TCS Personal Certificates recognised by popular applications, and it scales well. From the user's point of view, the portal acts as a service within an AAI federation to get a personal certificate upon successful login.

The TCS portal also solves an annoying problem for the Grid world: the significant hassle in obtaining the required Grid certificate. TCS portal automates this process - it reduces the time needed for a Grid user to get an e-Science personal certificate to 5 minutes.

David Groep from Nikhef, the Dutch National Institute for Sub-atomic Physics, knows this problem all too well. He explains, “Our users [scientists and researchers] travel around and want to do their science, not mess around with certificates and be required to show up in person again and again to get a new certificate. The TCS eScience portal makes getting a certificate really straight-forward for the users.”

The TCS portal has even broader significance to the European research and education community, explains Jean-Paul Le Guigner, Director of CRU, the Universities’ Networking Committee in France. “By facilitating the delivery of certificates, we will enable more researchers to access powerful but sensitive digital resources...which will likely result in an increase in scientists’ contributions to strategic research projects.”

Benefits to NRENs

  • Portal scales in use - one portal installation can service several hundred thousand users.
  • A portal installation can be shared with a number of NRENs - a common portal service offers significant opportunities for cost reduction.
  • TCS e-Science Personal Certificates issued by the portal are accredited by IGTF (International Grid Trust Federation) via EUGridPMA, which means no extra work to ensure users have broad and credible access to Grid resources.

Benefits to university and research center staff

  • One consistent, inexpensive way to provide all staff dealing with human resource information (Managers, Human Resources department, System Administrators....) with the certificates they need to encrypt personal data.
  • Since the portal takes advantage of the institutions' existing electronic federated identity management processes and data, the provision of personal certificates is easy to integrate into existing processes.

Benefits to students, researchers, scientists

  • Speed of access to protected electronic resources reduced from weeks to a few minutes.
  • Ease of use in obtaining a certificate is dramatically simplified to a few clicks. No human intervention necessary.
  • The portal issues certificates that are recognised by the most frequently used applications so no need for separate certificates for different applications.
  • TCS e-Science Personal Certificates are usable in the global eScience Grid environment, allowing access to, for example, EGI or LHC data and computing facilities.

Collaboration bears fruit

The development of the portal is a perfect example of how the whole is greater than the sum of the individual parts. Several European organisations were involved in the development of the pilot, via a project initiated and coordinated by Jan Meijer of UNINETT (Norway) and later supported by Kevin Meynell (TERENA). UNINETT Sigma and Nordic Data Grid Facility (NDGF) funded the development of the software used to build the portal while Milan Sova (CESNET) took the lead in obtaining accreditation of the TCS eScience Personal Certificates by the EUGridPMA. Special thanks to Henrik Austad (UNINETT Sigma) and Thomas Zangerl (NDGF), who developed the portal software.

Teun Nijssen and Thijs Kinkhorst, Tilburg University (Netherlands) operate the portal, subcontracted by SURFnet (Netherlands).

Ten of the sixteen TERENA member organisations currently subscribed to the TCS Personal Certificates service are taking part in the portal project: Funet (Finland), UNINETT (Norway), SUNET (Sweden), CESNET (Czech Republic), SURFnet (Netherlands), Forskningsnettet/UNI•C (Denmark), RENATER (France), GARR (Italy), ACOnet (Austria) and BELNET (Belgium). They are funding the portal and will jointly decide on issues related to the future direction of the service after the project ends in April 2011.

Looking ahead

Now that the portal has been launched, in cooperation with participating NRENs, the focus will be on deploying the TCS Personal Certificates and TCS e-Science Personal Certificates to as many lecturers, students, researchers and staff at as many institutions across Europe. That way, more people can experience the many benefits of the new TCS (e-Science) Personal Certificate portal.

How to join

To take advantage of this new service, please contact the TCS portal project team.