...
Authentication sources and Collaboration Management should abide by the minimum requirements and recommendations for the secure operation of Attribute Authorities [see AARC-G071 Resources], and similar services providing statements for obtaining access to Infrastructure services.
...
These attributes may be aggregated with identity assertions, such as delivered from a directory or group management system, or with attribute or capability tokens as asserted by an AARC BPA Proxy.
Stated compliance with these the AAOPS guidelines may help to establish trust between the Community and Collaboration and its AA, and Relying Parties. In the interest of scalability, these guidelines are intended to facilitate to facilitate the assessment of AA Operators rather than individual AAs or CommunitiesCollaborations. This document The document does not provide guidance on the management (life cycle, technical implementationtechnical implementation, exchange protocols etc.) of attributes nor the processes by which attributes are attributes are entered into the AA.
The AAOPS documentDo we need more details on the content of G071?
Resources
- AARC-G071 Guidelines for Secure Operation of Attribute Authorities
- AARC-I086 Membership Management Policy Development
- Light-weight Collaboration Management - explainer
- Template Membership Management Policy for Infrastructures and self-structured collaborations
- Template Membership Management Policy for light-weight and hosted collaborations