Versions Compared

Old Version 111

changes.mady.by.user David Groep

Saved on

compared with

New Version 112

changes.mady.by.user David Groep

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The Policy Development Kit (PDK) version 2 identifies five main target audiences, functionally following the AARC BPA 2025 hierarchy and identifying (1) ‘Research

  1. 'Research governance’ as a foundational area.

...

  2. ‘Users’ are (human) end-users who participate in a collaboration, are identified via

...

  2. ‘identity’, i.e. external identity providers and the identity layer of the BPA, to be granted access by

...

  2. ‘collaboration management’, to

...

  2. ‘infrastructure integration and service providers’; in the BPA the infrastructure integration components, site-local integration components, and the actual service providers.

Policies in PDK version 2 are standards to which adherence can be asserted and that can be assessed and validated – for example as trust marks – and that are endorsed by AEGIS and considered ‘standards track’. Policies also are endorsed by the organisation at the appropriate level of management, and express a commitment of adherence by the organisation’s management. These are indicated in a roman font in the graphic below.

...

The processes and procedures, being templates, are reference implementations where we assume these to be specialised for specific deployments. In the diagram these are indicated in italics.

...

The semi-opaque elements are relevant, but fall outside of the scope of the PDK, which targets the authentication and authorisation infrastructure. But even if, for example. identifying the 'why and what' of your research collaboration (your 'primary assets') may not be AAI per-se (and hence greyed-out), it is very useful to know that before embarking on your AAI journey!


Scroll ImageMap
viewSize800.0
makeResponsivetrue
imgWidth1410.0
imgFilenameP3DK-arrowed-authNSources.drawio.png
areasData{"areas":[{"shapeType":"rect","coords":"713,198,130,60","title":"WISE Baseline AUP guidance","pageRefIndex":0,"linkTarget":"_blank"},{"shapeType":"rect","coords":"1075,200,132,62","title":"WISE Baseline AUP guidance","pageRefIndex":0,"linkTarget":"_blank"},{"shapeType":"rect","coords":"711,285,133,66","title":"Attribute authorities and membership services guidance","pageRefIndex":1,"linkTarget":"_blank"},{"shapeType":"rect","coords":"711,119,130,66","title":"Manage your community members","pageRefIndex":2,"linkTarget":"_blank"},{"shapeType":"rect","coords":"711,370,135,66","title":"Operational Security for your services","pageRefIndex":3,"linkTarget":"_blank"},{"shapeType":"rect","coords":"1072,368,130,71","title":"Security for your services","pageRefIndex":3,"linkTarget":"_blank"},{"shapeType":"rect","coords":"1253,370,130,60","title":"Incident Response collaboration","pageRefIndex":4,"linkTarget":"_blank"},{"shapeType":"rect","coords":"1226,113,164,75","title":"Service Levels and data classification","pageRefIndex":5,"linkTarget":"_blank"},{"shapeType":"rect","coords":"874,287,132,60","title":"Incident response procedure","pageRefIndex":6,"linkTarget":"_blank"},{"shapeType":"rect","coords":"872,375,137,62","title":"Sirtfi trust framework","pageRefIndex":4,"linkTarget":"_blank"},{"shapeType":"rect","coords":"711,451,132,66","title":"Privacy (for collaborations)","pageRefIndex":7,"linkTarget":"_blank"},{"shapeType":"rect","coords":"870,447,135,71","title":"Notice Management presentation (for collaborations)","pageRefIndex":8,"linkTarget":"_blank"},{"shapeType":"rect","coords":"874,532,128,54","title":"Privacy notice templates","linkTarget":"_blank","externalLink":"/spaces/AARC/pages/1214906505/The+REFEDS+Data+Protection+Code+of+Conduct#TheREFEDSDataProtectionCodeofConduct-Templatesofprivacynotices"},{"shapeType":"rect","coords":"283,198,124,60","title":"WISE AUP Purpose of Collaboration","pageRefIndex":0,"linkTarget":"_blank"},{"shapeType":"rect","coords":"1245,532,133,58","title":"Privacy notice templates","linkTarget":"_blank","externalLink":"/spaces/AARC/pages/1214906505/The+REFEDS+Data+Protection+Code+of+Conduct#TheREFEDSDataProtectionCodeofConduct-Templatesofprivacynotices"},{"shapeType":"rect","coords":"1064,453,139,60","title":"Data Protection code of conduct","pageRefIndex":7,"linkTarget":"_blank"},{"shapeType":"rect","coords":"716.64,611.89,135.85,64.15","title":"Requirements on Acceptable Assurance","pageRefIndex":9,"linkTarget":"_blank"},{"shapeType":"rect","coords":"1080.79,610,135.85,67.92","title":"Assurance requirements and risk appetite","pageRefIndex":9,"linkTarget":"_blank"}]},{"shapeType":"rect","coords":"59.34,111.42,128.3,60.38","title":"Rules of Participation","pageRefIndex":10,"linkTarget":"_blank"},{"shapeType":"rect","coords":"57.45,203.87,130.19,52.83","title":"Identification of primary assets","pageRefIndex":11,"linkTarget":"_blank"},{"shapeType":"rect","coords":"61.23,286.89,128.3,64.15","title":"Research Risk Assessment","pageRefIndex":12,"linkTarget":"_blank"},{"shapeType":"rect","coords":"55.57,368.02,137.74,64.15","title":"Escalation procedure","pageRefIndex":13,"linkTarget":"_blank"},{"shapeType":"rect","coords":"59.34,451.04,135.85,58.49","title":"Legal and Regulatory Compliance","pageRefIndex":14,"linkTarget":"_blank"}]}
pageReferencesWISE AUP-!!!!!-pageReferencesWISE AUP-!!!!!-Attribute Authority Operational Security-!!!!!-Membership Management-!!!!!-Security Operational Baseline-!!!!!-SIRTFI-!!!!!-Service Levels and Data Classification (the "IAC" or "CIA" triad)-!!!!!-Incident Response Procedure-!!!!!-The REFEDS Data Protection Code of Conduct-!!!!!-Notice Management (presentation)-!!!!!-Assurance Requirements-!!!!!-Rules of Participation-!!!!!-Identification of Primary Assets-!!!!!-Research Risk Assessment-!!!!!-Escalation Procedure-!!!!!-Legal and Regulatory Compliance
imgHeight750.0
imgContainerPagePolicy Development Kit version 2
alwaysHighlightfalse
dataModelVersion3

...