UPDATE ......From Tuesday 8 April 2025 we have changed the way that Single Sign-on works on this wiki. Please see here for more information:
Update
...
| Info | ||
|---|---|---|
| ||
This document is available from the AARC Community web at https://aarc-community.org/guidelines/aarc-i082/ |
| Info | ||
|---|---|---|
| ||
This document also fulfils Deliverable D2.1 of the AARC TREE project |
The Trust framework for distributed proxies follows the hierarchy of the AARC BPA 2025, and defines the structure for the Policy Development Kit (PDK) version 2. However, based on the experience of the first version of the Kit, we need to clearly disambiguate between policies (that are more akin to functional requirements without specifying a particular implementation) and the processes and procedures that implement such policies. The policies in the PDK are those where explicit approval by management (at the appropriate level) is advisable. Policies should therefore be both unambiguous and clear, as well as be temporally stable. The processes and procedures implementing the policies can be more agile, adapting to changing conditions (like new adversaries in threat scenarios).
...
Snctfi will be the set of guidelines that define the trust in the proxy itself, that a proxy operator can control and assert. This means: Sirtfi, Security Operational Baseline, GEANT DPCoCov2, AAOPS, and the Notice Management guidelines. This makes Sntfi into a ‘verifiable’ set that can be ‘checked’ when a (community) looks for a provider of proxy/aai services. Most communities will not be running their own.
- AARC-I082 document (also available with reduced formatting in OfficeXML (docx), Open Document Format (odt), and markdown formats)
- Draft versions of the document (gdoc)
- Document area and images (google drive)
...