Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

e-Researcher-Centric Policies - develop the policy framework for communities, providing recommendations for baseline “policy profiles” for users, communities and identity providers, and, through such harmonisation, will reduce the “policy silos” that hinder interoperation. The policy profiles will be defined in close interaction with European and global stakeholders, specifically the e-infrastructures and research infrastructures, so that in the AAI ecosystem every participant is able to rely on well-defined predictable behaviour by the other participants in the infrastructure.

Table of Contents

An overview of the work on researcher-centric policies is now available in the project deliverable "Recommendations for e-Researcher-Centric Policies and Assurance" (DNA3.4).

...

Acceptable Use Policy Development

AUP Alignment Study

Security for Collaborating Infrastructures Trust Framework says: "Each infrastructure has the following: ... An Acceptable Use Policy (AUP) addressing at least the following areas: defined acceptable and non-acceptable use, user registration, protection and use of authentication and authorisation credentials, data protection and privacy, disclaimers, liability and sanctions" (SCI Version 2 section 6). The AARC2 AUP alignment study aims to draft a common minimum, or 'baseline', AUP text to satisfy these requirements thereby facilitating rapid community infrastructure ‘bootstrap’, easing the trust of users across an infrastructure and providing a consistent and more understandable enrolment for users as users move between communities and project. More information can be found at the links below.

Baseline AUP

...

and the implementers guide

The current draft of the WISE Baseline AUP is available as a Google document here - WISE Baseline AUP template v1.3. WISE Information Security for E-infrastructures (WISE) community SCI working group has hosted the work on the baseline AUP, with the intent of this baseline becoming a globally accepted set of points that facilitate the research workflows.

A draft of the implementors guide for the AUP (AARC-I044, to which comments are welcome) is available at https://docs.google.com/document/d/1tGghpHCKTu8sTO1wNrJBXXfD0N1XDAmFTn9b8t6wzPE.
For immediate use by the infrastructures, you can find a (preliminary) formatted document here.was developed to accompany the document. It elucidates the applicaiton model of the AUP to community-first (like the Life Sciences AAI or WLCG) and user-first (such as CheckIn and eduTEAMS) membership management services.

AARC2 NA3 team working text, including active comments and version history, is stored here. (Please see the stored Version History for the recent evolution of this text.)

Baseline AUP study input

...

View file
nameAARC2 AUP study - AUP grid.pdf
height150

Baseline AUP presentations and other materials

...

Inventory of high-assurance identity requirements from the AARC2 use cases

This document and the associated Wiki page provide an inventory of currently identified use-cases where there is a requirement that the identity of a user accessing data or using a system or an instrument is assured with higher confidence than provided by an identification consistent with the REFEDS Assurance Framework “Cappuccino” assurance profile.

...

Milestone Document AARC2-MNA3.5 (submitted Jan 2018) referencing wiki page with requirements identified from use-cases. Futher requirments may be added if identified during the project.

...

Assurance Frameworks

The e-Researcher task also contributes to the Assurance Framework activities in REFEDS (the REFEDS Assurance Framework RAF), the RAF Piloting activities, and the inter-infrastructure exchange of assurance profiles

...

Other NA3.3 work items and documents