terena logo
27 April 2011
New TCS Portal Service: a scalable, centralised solution for personal certificates
Workflow of the new TCS Portal Service

The new TERENA Certificate Service (TCS) Portal Service provides national research and education networking organisations (NRENs) a simple, inexpensive, scalable solution for issuing regular TCS personal certificates and TCS e-science personal certificates for Grid users in their communities. Launched on 1 May 2011 as a production service, the TCS Portal Service is being offered for a fixed fee to any NREN subscribed to the TCS personal certificate service with access to an identity federation.

The TCS Portal Service uses a shared portal to automatically issue TCS personal certificates and TCS e-science personal certificates for Grid users after authentication has been undertaken by an identity provider (usually part of an identity federation). This method of identity validation scales well to large volumes of users since the verification of users' identities is delegated to their home institutions and only needs to be undertaken once. By sharing a centralised, web-based portal, participating NRENs will take advantage of economies of scale in portal hosting and operational costs - the need and the associated cost for an individual NREN to host and maintain their own portal is eliminated.

Participating NRENs currently subscribed to the TCS Portal Service include ACOnet (Austria), Belnet (Belgium), CSC/Funet (Finland), RENATER (France), GARR (Italy), SURFnet (Netherlands), UNINETT (Norway) and SUNET (Sweden). The new service will run initially until 1 July 2012, which is when the TCS contract with Comodo, the current provider of certificates, expires.

Background

TERENA has subcontracted Tilburg University (the Netherlands) to host and operate the portal and Austad IT (Norway) to maintain the Confusa software run by the portal. Tilburg University will provide two portals, one for the issuance of TCS e-science personal certificates and one for the issuance of TCS personal certificates, each running on two virtual machines.

The service was developed in a project coordinated by Jan Meijer of UNINETT (Norway), supported by Kevin Meynell (TERENA Secretariat) and funded by a number of NRENs, during which the feasibility of the portal concept was tested and proven, including a year-long pilot phase.

Further information

TCS personal portal

TCS e-science portal

TCS website