65 research outputs found

    Implementers Guide to the WISE Baseline Acceptable Use Policy

    Get PDF
    Applying the Baseline AUP to concrete use cases may appear straightforward, but there are many edge cases and specific circumstances where it is not entirely obvious how to both achieve the aim of user-friendliness as well as be complete and practical. In this write-up, we try to give hints how to use the WISE Baseline AUP in practice in both community-first as well as ‘user-first’ membership management services

    Inferring and constructing origin-affiliation information across infrastructures (AARC G057)

    Get PDF
    Conveying affiliation information from origin providers across infrastructures proxies as defined in G025 is only possible if the origin identity provider releases such information. In case no eduPersonScopedAffiliation is provided, it may be partially reconstructed according to these guidelines. If there is no reliable way to infer origi

    Guidelines for Secure Operation of Attribute Authorities and other issuers of access-granting statements

    Get PDF
    These guidelines describe the minimum requirements and recommendations for the secure operation of Attribute Authorities and similar services providing statements for the purpose of obtaining access to infrastructure services. Stated compliance with these guidelines may help to establish trust between issuers and Relying Parties. This document does not define an accreditation process

    Guidelines for Secure Operation of Attribute Authorities and issuers of statements for entities (G071)

    Get PDF
    These guidelines describe the minimum requirements and recommendations for the secure operation of attribute authorities and similar services that make statements about an entity based on well-defined attributes. Adherence to these guidelines may help to establish trust between communities, operators of attribute authorities and issuers, and Relying Parties, infrastructures, and service providers. This document does not define an accreditation process

    AARC Blueprint Architecture 2019

    Get PDF
    The AARC Blueprint Architecture (BPA) provides a set of building blocks for software architects and technical decision makers who are designing and implementing access management solutions for international research collaborations. This document describes the evolution of the AARC Blueprint Architecture, starting with a summary of the changes since AARC-BPA-2017. The current iteration of the BPA focuses on the interoperability aspects, to address an increasing number of use cases from research communities requiring access to federated resources offered by different research and e-Infrastructures. Hence the introduction of the Community AAI, which streamlines researchers’ access to services. These typically include services offered to members of a specific community, as well as infrastructure services that may be shared with other communities. Users can authenticate to the Community AAI primarily via institutional credentials from national identity federations in eduGAIN, but, if permitted by the community, can also use other Identity Providers

    EOSC Authentication and Authorization Infrastructure (AAI) : Report from the EOSC Executive Board Working Group (WG) Architecture AAI Task Force (TF)

    Get PDF
    The EOSC Architecture Working Group has assigned the AAI Task Force (AAI TF) the task to establish a common global ecosystem for identity and access control infrastructures for the European Open Science Cloud (EOSC). Since the EOSC is part of an international environment of research and education, the principles established by the EOSC AAI subtask must be globally viable. The EOSC AAI TF has produced a set of deliverables: - EOSC AAI First Principles & Requirements - EOSC AAI Baseline Architecture - EOSC AAI Federation participation guidelines (participation policy and technical framework) - EOSC AAI Best Practise

    Scalable Negotiator for a Community Trust Framework in Federated Infrastructures (Snctfi)

    Get PDF
    This paper identifies operational and policy requirements to help establish trust between an Infrastructure and identity providers either in an R&E Federation or in another Infrastructure, in each case joined via a Service Provider to Identity Provider proxy

    Federated Identity Management for Research Collaborations

    Get PDF
    This white-paper expresses common requirements of Research Communities seeking to leverage Identity Federation for Authentication and Authorisation. Recommendations are made to Stakeholders to guide the future evolution of Federated Identity Management in a direction that better satisfies research use cases. The authors represent research communities, Research Services, Infrastructures, Identity Federations and Interfederations, with a joint motivation to ease collaboration for distributed researchers. The content has been edited collaboratively by the Federated Identity Management for Research (FIM4R) Community, with input sought at conferences and meetings in Europe, Asia and North America
    corecore