Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Table of Contents
maxLevel1

Presented to AEGIS

The following frameworks and recommendations have been presented to the community by way of AEGIS for either information or endorsement:

Policy Development Kit

The Policy Development Kit (PDK) provides new or evolving Research Communities  and Infrastructures with the guidance they need to develop a complete policy suite supporting Federated Identity Management. This should be done with input from the wider community, through FIM4R, WISE and relevant bodies. Evolution of the PDK is interactively managed at the Policy Development Kit wiki.

AARC-I044 Implementers Guide to the WISE Baseline Acceptable Use Policy

Applying the Baseline AUP to concrete use cases may appear straightforward, but there are many edge cases and specific circumstances where it is not entirely obvious how to both achieve the aim of user-friendliness as well as be complete and practical. In this write-up, we try to give hints how to use the WISE Baseline AUP in practice in both community-first as well as ‘user-first’ membership management services.

AARC-

...

These guidelines describe the minimum requirements and recommendations for the secure operation of Attribute Authorities and similar services providing statements for the purpose of obtaining access to infrastructure services. Stated compliance with these guidelines may help to establish trust between issuers and Relying Parties.

...

G042 Data Protection Impact Assessment – an initial guide for communities

This report presents the results of the desk study on the evaluation of risks to (personal) data protection as considered in the European General Data Protection Regulation (GDPR), for Infrastructures and their service providers that leverage federated identity management (FIM) to connect research and collaboration users.

AARC-G041 Expression of REFEDS RAF assurance components for identities derived from social media accounts

Infrastructure Proxies may convey assurance information derived from multiple sources, one of which may be ‘social identity’ sources. This guidance explains under which conditions combination of assurance information and augmentation of identity data within the Infrastructure Proxy should result in assertion of the REFEDS Assurance Framework components “unique identifier”, and when it may be appropriate to assert the “identity proofing” component value low.

AARC-G040 Proxy Policy Recommendations: application to the LS AAI

The AARC Pilot covering the Life Sciences AAI Infrastructure Proxy, developed in joint collaboration with EGI, EUDAT and GÉANT, is a multi-staged pilot that will result in a production-equivalent service to be operated for the Life Sciences community by the joint e-Infrastructures. As the pilot enters its second phase, a practical policy related issue is that the LS AAI has to declare R&S and CoCo. In this document, NA3 aims to provide preliminary guidance for the operators of the pilot.

AARC-G021 Exchange of specific assurance information between Infrastructures

Infrastructures and generic e-Infrastructures compose an ‘effective’ assurance profile derived from several sources, yet it is desirable to exchange the resulting assurance assertion obtained between Infrastructures so that it need not be re-computed by a recipient Infrastructure or Infrastructure service provider. This document describes the assurance profiles recommended to be used by the Infrastructure AAI Proxies between infrastructures.

Pending presentation

AARC-G048 Guidelines for Secure Operation of Attribute Authorities and other issuers of access statements

These guidelines describe the minimum requirements and recommendations for the secure operation of Attribute Authorities and similar services providing statements for the purpose of obtaining access to infrastructure services. Stated compliance with these guidelines may help to establish trust between issuers and Relying Parties.