Versions Compared

Old Version 7

changes.mady.by.user Marcus Hardt

Saved on

compared with

New Version 8

changes.mady.by.user Christos Kanellopoulos (grnet)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

2.1 (From: DJRA1.1 Section  5.1) Architectural and Technical Requirements:

IDRequirementDescriptionTypeSource
R1

User and Service Provider friendliness  

The Federated AAI framework should provide simple and intuitive tools that are able  to address the needs of users with different levels of ICT literacy and enable more  Service Providers (commercial and non-­commercial) to connect.

...

Usability

...

FIM4R, EGI, AARC Survey, GN4 Cloud

...

Activity
R2

...

Homeless users

...

The Federated AAI framework should support users without a federated institutional  IdP, such as citizen scientists and researchers without formal association to research  laboratories or universities

...

...

Functional

...

...

FIM4R, TERENAa AAA, GN4-­1 SA5 VOPaaS

...

R3

...

Different

...

levels of

...

assuranceDescription Credentials issued under different policies and procedures should include the  provenance of the level under which they were issued  

...

Functional

...

...

FIM4R, ELIXIR, EUDAT, EGI, AARC Survey, GN4-­1 SA5 VOPaaS, GN3plus and  GN4-­1 SA5 Enabling

...

Users 
R4

...

Community-

...

based authorisation

...

The Federated AAI framework should enable communities to manage the assignment

...

 of attributes to their members for authorisation purposes  

...

Functional

...

...

FIM4R, EUDAT, GN4-­1 SA5 VOPaaS

...

R5

...

Flexible and scalable attribute release policies  

Flexible negotiation mechanisms are required to govern the release of identity  attributes  

...

Functional

...

...

FIM4R, EGI, AARC Survey

...

R6

...

Attribute aggregation / Account linking

...

The Federated AAI framework should support the aggregation of identity attributes  originating from different sources of authority, including federated IdPs and  community-­based attribute authorities  

...

Functional

...

...

FIM4R, TERENA AAA, EUDAT, EGI, GN4-­1 SA5 VOPaaS

...

R7

...

Federation solutions based on open and standards-­based technologies

...

Open and standards-­based AAI technologies should be used by the different  communities to allow for interoperability by means of suitable translation services  

...

Implementation

...

...

FIM4R, TERENA AAA, EGI

...

R8

...

Persistent user identifiers

...

The Federated AAI framework should reference the digital identities of users through  long-­lasting identifiers  

...

Design

...

...

TERENA AAA, AARC survey, EGI, ELIXIR, GN4-­1 SA5 VOPaaS

...

R9

...

Unique user

...

identities 

Each user should have a single digital identity to allow SPs to uniquely identify their users  

...

Design

...

...

AARC survey, EGI, ELIXIR, GN4-­1 Cloud

...

Activity 
R10

...

User-­managed identity information Source

...

A user should be able to self-­manage some of their attributes, e.g., through a web-­ based UI. Depending on the attribute type, update restrictions should be imposed.  

...

Usability

...

...

ELIXIR

...

R11

...

Up-­to-­date identity information

...

The up-­to-­dateness of identity attributes should be guaranteed  through an on-­demand and/or recurring verification process

...

...

Reliability

...

...

ELIXIR

...

R12User groups and roles

...

The Federated AAI framework should support the assignment of groups to users, as  well as the assignment of roles to users within their groups  

...

Functional

...

...

ELIXIR, GN4-­1 SA5 VOPaaS

...

R13

...

Step-

...

up authentication

...

The Federated AAI framework should provide an additional factor or procedure that  validates a user’s identity for high-­risk transactions or according to policy rules

...

...

Functional

...

...

ELIXIR

...

R14

...

Browser & non-­browser based federated access

...

The Federated AAI framework should provide federated access to both web-­based  and non-­web-­based services/applications

...

...

Functional

...

...

FIM4R, TERENA AAA, EGI, ELIXIR, GN3plus and GN4-­1 SA5 Enabling Users

...

R15

...

Delegation

...

sourceThe Federated AAI framework should provide the capability for the users to delegate  third parties, mostly computational tasks or services, to act on their behalf. This allows  users to run thousands of actions in parallel without the need for interactive access,  for example to save output data

...

...

Functional

...

...

FIM4R, ELIXIR, EGI, AARC Survey

...

R16

...

Social media identities

...

The Federated AAI framework should support common social media providers, such  as Google and LinkedIn, but also the researcher ID providers, such as ORCID, to act  as authentication providers and/or attribute authorities

...

...

Interface

...

...

TERENA AAA, AARC survey, ELIXIR

...

R17

...

 Integration with e-­Government infrastructures

...

The Federated AAI framework should support broader cross-­domain collaboration  including e-­Government infrastructures

...

...

Interface

...

...

AARC survey, ELIXIR

...

R18

...

Effective accounting

...

The Federated AAI framework should support effective accounting across distributed,  heterogeneous data infrastructures

...

...

Functional

...

...

TERENA AAA, ELIXIR

...

2.2. (From: DJRA1.1 Section 5.2) Policies and Best Practises  

R_P_1  Policy harmonisation  

...