At times, the AARC policy and best practice team is asked to provide specific recommendations, e.g. in the context of an SA1 Pilot. On this page, we develop such recommendations, but what you see here are drafts. Unless indicated otherwise, these recommendations have no formal status just yet. Once finalised, they will be published as either an AARC Guidelines document or through community publishing channels.
Presented to AEGIS
The following frameworks and recommendations have been presented to the community by way of AEGIS for either information or endorsement:
Policy Development Kit
The Policy Development Kit (PDK) provides new or evolving Research Communities and Infrastructures with the guidance they need to develop a complete policy suite supporting Federated Identity Management. This should be done with input from the wider community, through FIM4R, WISE and relevant bodies. Evolution of the PDK is interactively managed at the Policy Development Kit wiki.
AARC-I044 Implementers Guide to the WISE Baseline Acceptable Use Policy
Applying the Baseline AUP to concrete use cases may appear straightforward, but there are many edge cases and specific circumstances where it is not entirely obvious how to both achieve the aim of user-friendliness as well as be complete and practical. In this write-up, we try to give hints how to use the WISE Baseline AUP in practice in both community-first as well as ‘user-first’ membership management services.
AARC-G042 Data Protection Impact Assessment – an initial guide for communities
This report presents the results of the desk study on the evaluation of risks to (personal) data protection as considered in the European General Data Protection Regulation (GDPR), for Infrastructures and their service providers that leverage federated identity management (FIM) to connect research and collaboration users.
AARC-G041 Expression of REFEDS RAF assurance components for identities derived from social media accounts
Infrastructure Proxies may convey assurance information derived from multiple sources, one of which may be ‘social identity’ sources. This guidance explains under which conditions combination of assurance information and augmentation of identity data within the Infrastructure Proxy should result in assertion of the REFEDS Assurance Framework components “unique identifier”, and when it may be appropriate to assert the “identity proofing” component value low.
AARC-G040 Proxy Policy Recommendations: application to the LS AAI
The AARC Pilot covering the Life Sciences AAI Infrastructure Proxy, developed in joint collaboration with EGI, EUDAT and GÉANT, is a multi-staged pilot that will result in a production-equivalent service to be operated for the Life Sciences community by the joint e-Infrastructures. As the pilot enters its second phase, a practical policy related issue is that the LS AAI has to declare R&S and CoCo. In this document, NA3 aims to provide preliminary guidance for the operators of the pilot.
AARC-G021 Exchange of specific assurance information between Infrastructures
Infrastructures and generic e-Infrastructures compose an ‘effective’ assurance profile derived from several sources, yet it is desirable to exchange the resulting assurance assertion obtained between Infrastructures so that it need not be re-computed by a recipient Infrastructure or Infrastructure service provider. This document describes the assurance profiles recommended to be used by the Infrastructure AAI Proxies between infrastructures.
Pending presentation
AARC-G048 Guidelines for Secure Operation of Attribute Authorities and other issuers of access statements
These guidelines describe the minimum requirements and recommendations for the secure operation of Attribute Authorities and similar services providing statements for the purpose of obtaining access to infrastructure services. Stated compliance with these guidelines may help to establish trust between issuers and Relying Parties.