Page History

A. Generic

1. Which Research Infrastructure (RI) are you representing?
2. Which field of science are you serving ? (Frascati manual of Fields of Research and Development (FORD)) (can we compile a list!?)
3. Please provide description about the research infrastructure (e.g. which kind of instrastructure and related services are delivered and by whoom, is there a formalised collaboration etc.)
4. Please provide description of the user audience -  type of users (research, citizen scientists, industry users), number of users, distribution over the globe and organisations
5. Is the RI member of European Open Science Cloud (EOSC)?
6. Is the RI participating in Citizen Science Programmes or other initiatives or programmes?

B. AAI solution

(probaly 2 sets of question based on the BPA knowledge level - BPA begineer/rookie vs BPA savvy/advanced user)

...

• YES / NO - Guidelines for expressing community user identifiers (AARC-G026)
• YES / NO - Guidelines on expressing group membership and role information (AARC-G002) (superseded by AARC-G069)
• YES / NO - Guidelines on expressing group membership and role information (AARC-G069)
• YES / NO - Specification for expressing resource capabilities (AARC-G027)
• YES / NO - Guidelines for expressing affiliation information (AARC-G025)
• YES / NO - Inferring and constructing voPersonExternalAffiliation (AARC-G057)
• YES / NO - Exchange of specific assurance information between Infrastructure (AARC-G021)
• YES / NO - Guidelines for evaluating the combined assurance of linked identities (AARC-G031)
• YES / NO - A specification for IdP hinting (AARC-G049) (superseded by AARC-G061)
• YES / NO - A specification for IdP hinting (AARC-G061)
• YES / NO - Specification for hinting an IdP which discovery service to use (AARC-G062)
• YES / NO - A specification for providing information about an end service (AARC-G063)
• YES / NO - Guidelines for Secure Operation of Attribute Authorities (AARC-G071)

C. Policy for access management

1. Does the Research Infrastructures have an access policy? (the access policy governs who can access the infrastructure, under what conditions)
2. Is there a formalised procedure to manage access rights to services (e.g. cooperation agreement, call for application and evaluation,  ad-hoc individual order/access, member of an organisation, etc.)?
3. How do you implement the policy for access management (e.g. how is the individual who can access the research research data/measurement data/your research instrument identified and authorised)? 
   • Please select any of the following options that apply (try first without asking the list)
     • (a) Based on the user's membership in group(s). If YES, do these groups need to be managed within your RI or within external RIs? 
     • (b) Based on user attributes required to access specific resources a user is allowed to access or perform certain actions. If YES, do these capabilities need to be managed within your RI or within external RIs? - ask Nicolas for the example ? e.g ESI?
       
     • (c) Based on affiliation of the user with their home institute
     • (d) Based on identity assurance (e.g. level of identity proofing, freshness of affiliation information),
     • (e) Based on the authentication method (e.g. Multi-Factor Authentication - MFA),
     • (f) Other?
4. What are the requirements for identification of the users (e.g. required information, LoA, authentication method)? 

   • Please select any of the following options that apply:

     • a) Globally unique persistent identifier,

     • (b) Name (First / Last name),

     • (c) Email,

     • (d) Affiliation with the home institute,

     • (e) Identity assurance (e.g. level of identity proofing, freshness of affiliation information),

     • (f) Authentication method (e.g. Multi-Factor Authentication - MFA),

     • (g) Other

D. Workflow

1. Can you describe the research workflows? 

...

• Are the research data and databases of the Research Infrastructure accessible
  • yes, they are continuously accessible both inside and outside the institution
  • yes, they are continuously accessible from within the institution
  • Accessible to others on a case-by-case basis
  • Not accessible to others
• During the access of the Research Infrastructure which method is used (more than one option can be marked):
  • Providing measurement/database access based on research collaboration
  • Provision of measurement/database access for based on a contract
  • Measurements/database access with customer/requester access
  • Taking measurements/database access by providing online/remote access
  • Measurements/database access with data processing and evaluation
  • Other: (describe)
• We could consider the following questions to understand if their AAI acts as a Community AAI, Infrastructure Proxy or both (alternatively these questions could be moved to Section B - AAI solution):
  • Do users of your Research Infrastructure access services provided by other Infrastructures using your AAI? If yes, can you describe? (Please also mention your future plans in this area)

  • Do users of other infrastructures access services provided by your Research Infrastructure using your AAI? If yes, can you describe? (Please also mention your future plans in this area.)

E. Requirements

(collect generic answers  via E.1 question, then discuss in details with E.2 questions ad quideline)

...