Consortium members Login
Study on AAA Platforms For Scientific Resources in Europe
In December 2011, a consortium of four partners and a number of external experts was awarded a contract by the European Commission to carry out a study into AAA (authentication, authorisation and accounting) platforms and services for scientific resources. The study, led by TERENA, was concluded in September 2012.
The AAA Study Final Report is now available as pdf.
Aim of the AAA Study
The goal of the study was to evaluate the feasibility of delivering an integrated Authentication and Authorisation (and possibly accounting) Infrastructure (AAI) to help the emergence of a robust platform (Scientific Data Infrastructure(SDI)) for access to and preservation of scientific information.
The targeted actors in the study were the research and education communities, information service providers (data centres, libraries) and e-Infrastructure providers.
The study was organised in two parts (see picture on the righhand side):
- Collection use-cases to derive the AAI requirements;
- Evaluation of existing AAI as well as their gap analisys to identify their strengths and their challenges. The legal aspects of the different AAIs was also assessed.
The output of the study consists of a set of recommendations for the delivery of an integrated AAI to be used for SDI.
The recommendations highlight the following priorities:
- The general assumption confirmed by this study is that an AAI for SDI should be built on standard technologies, using mechanisms to translate between various authentication and authorisation technologies, and that federated access plays an important role;
- To fully benefit from federated access, more funding is needed to improve the reach of national identity federations in research an education;
- Further research is needed to enhance authorisation and accounting mechanisms;
- A common policy and trust framework for identity management is needed, as well as clarity on data protection laws – these should be coordinated at European level;
- Relevant organisations such as eIRG, REFEDS (Research and Education Federations), IGTF, the EC and consortia of libraries and data centres should all work towards these goals.
Results of the Study
The tables below summarises the list of high-priority recommendations as identified by the team.
The recommendations target different stakeholders:
- The EC for the definition of a possible directive;
- Developers to encourage them to use standard technologies to achieve interoperability;
- Member States for creating the conditions for such an infrastructure at a national level;
- Policy makers, particularly those involved in the Data Protection Directive, to create awareness of the impact of legislation on cross-boundary access management.
The involved stakeholders should act timely to address these points.
Milestones and Meetings
The study will be done in the period from January 2012 till August 2012 with the following deliverables and timetable.
|Draft Final Study Report||June 2012|
Draft AAA-Study-Report - To provide the draft final report of the study for comments.
This version of the report was circulated before the final workshop (see below).
Beside the report, the consortium has made available an additional document 'FIM and Law'.
This document covers legal issues in federated access management.
|Final Workshop||July 2012|
To present the preliminary results to the study and receive feedback during the workshop.
|Final Study Report||Sep 2012||To include the feedback received during the final workshop.|
|Technical Report||Aug 2012||To report on the use of resources in the performance of the contract.|