On this page we are providing very basic use cases. Perun is highly configurable, so it is not impossible to support special use cases, like:
If you answered yes to any of the question, then Perun can help you. Example of such use case:
Project called ABC which puts together researchers from the all of the World wants to manage access to the dataset of DNA sequences. Project manager asks for creating virtual organization (VO) in Perun. He/she just provide name of the VO and who will be responsible person. Virtual organization is created within a minutes. Responsible person becomes VO manager, who can define what will be on the registration form. Potential users uses registration form to request an access to the VO. VO manager can approve or reject each user's application. When some of users are members of the VO (theirs application was approved), VO manager can organize members into the groups. Now we can setup a resource which represents the service where DNA sequences are stored. VO manager assignes selected groups to the resource which means group members have an access to the resource. Perun will publish a list of allowed users to the service in required format. Finally only allowed users can access service with DNA sequences.
If you want to provide an identity provider for your users, so they can access services within identity federations, you have to setup some identity management system. The identity management system then stores data in the database or in the LDAP, so identity provider can access that data and provide it to the service providers.
If you do not have resources (human or HW) to setup such system, you can use Perun. Simply ask for creation of virtual organization, create registration form, invite users and let them fill the registration form with required information. Perun provides LDAP interface and also build in identity provider. So only negotiation with service providers or identity federation operator is only thing you have to take care of, the rest will do Perun.
If you would like to have and certificate authority (CA), you have to register applicants for the digital certificates and store several required information about them. You can setup virtual organization in Perun, create group of people who will be register authorities (RA) and have right to approve user's application to such virtual organization. These information than can be pushed to the software which signs certificates requests.
Similarly as in first use case, we will setup a VO, then we setup resources for wiki, mailing list, ... Providers of wiki services, mailing list service or machines accessible through SSH will create an entries in Perun and set basic configuration options, such as which wiki will be managed, where the mailing list management software is located, where we want to create user's home directories, ... VO manager can setup other options, like what kind of language will be preferred for the mailing list, which groups will have a right to access which part of the wiki, etc.
If your users have several digital identities (institutional account, Google account, Facebook account, digital certificate, eduroam account, ...) and usually every new service presents new digital identity (login/password), so it is very hard for the user to manage such identities. User can register all his/her main identities in Perun (user registers only the login/DN, NOT the passwords/private keys). Perun than can publish corresponding user's identity to the end services, so the services won't need another new identity from the users.