UPDATE ......From Tuesday 8 April 2025 we have changed the way that Single Sign-on works on this wiki. Please see here for more information:
Update
...
The new PDK also clarifies Snctfi, the transparent way to assert good practice and security for proxies and the services they connect to federated identity.
Trust framework for proxies and Snctfi research services (AARC-I082) described describes the structure of the PDK version 2
- Overview diagram (drawio source)
The PDK version 2 identifies five main target audiences, functionally following the Blueprint Architecture 'BPA 2025' proxy hierarchy and identifying (1) ‘Research governance’ as a foundational area. (2) ‘Users’ are (human) end-users who participate in a collaboration, are identified via (3) ‘authentication sources’ (the identity and identity proxy layer of the BPA) to be granted access by (4) ‘collaboration management’ (the collaboration proxy in the BPA) to (5) ‘services and infrastructures’ (in the BPA the infrastructure proxies, site-local proxies, and services).
...