...
focus on the integration aspects of the blueprint architecture
provide recommendations and guidelines for implementers, service providers and infrastructure operators on implementing scalable and interoperable AAIs across e-infrastructures and scientific communities
work in close collaboration with the policy, pilots, and the training and outreach activities of AARC2
work on the evolution of the blueprint architecture, with a focus on identity provider / service provider (IdP/SP) proxies, scalable authorisation solutions for multi-service provider environments and other solutions for integrating with R&E federations and cross-sector AAIs
Documents
| ID | Title | Summary | Links |
|---|---|---|---|
| AARC-JRA1.4A | Guidelines on expressing group membership and role information | PDF (Open for feedback) | |
| AARC-JRA1.4B | Guidelines on attribute aggregation | PDF (Open for feedback) | |
| AARC-JRA1.4C | Guidelines on token translation services | ||
| AARC-JRA1.4D | Guidelines on credential delegation | ||
AARC-JRA1.4E | Best practices for managing authorisation | ||
| AARC-JRA1.4F | Guidelines on non-browser access | ||
| AARC-JRA1.4G | Guidelines for implementing SAML authentication proxies for social media identity providers | ||
| AARC-JRA1.4H | Account linking and LoA elevation use cases and common practices for international research collaboration | ||
| AARC-JRA1.4I | Best practices and recommendations for attribute translation from federated authentication to X.509 credentials | ||
| AARC2-JRA1.1A | Guidelines for interoperable exchange of user and community information between AAIs | ||
| AARC2-JRA1.1B | Guidelines for the discovery of authoritative attribute providers across different operational domains | ||
| AARC2-JRA1.1C | Guidelines for handling user registration and user consent for releasing attributes across different operational domains | ||
| AARC2-JRA1.1D | Guidelines for federated access to non-web services across different operational domains | ||
| AARC2-JRA1.2A | Guidelines for scalable and consistent authorisation across multi-SP environments | ||
| AARC2-JRA1.2B | Requirements and guidelines for SPs using alternative mechanisms and protocols for federated access | ||
| AARC2-JRA1.2C | Step-up authentication requirements and guidelines for SPs | ||
| AARC2-JRA1.3A | Guidelines for account linking & LoA elevation in cross-sector AAIs | Wiki | |
| AARC2-JRA1.3B | Guidelines for registering OIDC Relying Parties in AAIs for international research collaboration | Wiki | |
| AARC2-JRA1.3C | Guidelines for AAI interoperability with non-R&E Identity Providers in support of international research collaboration | ||
| AARC2-JRA1.3D | Guidelines for AAI interoperability with eIDAS Identity Providers in support of international research collaboration | ||
| AARC2-JRA1.3E | AAI tools & technologies enabling OIDC for international research collaboration | ||
| AARC2-JRA1.4A | Roles, responsibilities and security considerations for VOs | ||
| AARC2-JRA1.4B | Guidelines for combining group membership and role information in multi-AA environments | ||
| AARC2-JRA1.4C | Guidelines for scalable account (de)provisioning of VO members | ||
| AARC2-JRA1.4D | Guidelines for implementing, operating and using VO platforms |
...