Documents archive 2015-2017

This page lists all the deliverables and milestones prepared during the first AARC project, which ran from 2015-2017 and was funded by the European Union’s Horizon 2020 research and innovation programme under Grant Agreement 653965.

Deliverable NameWP / OwnerIn a nutshell
DNA1.1 Annual ReportNA1 / GÉANT Summary of AARC achievements after Y1.
A document to report on AARC results after the first year.
DNA1.2 Annual ReportNA1 / GÉANT Summary of AARC achievements.
A document to report on AARC results after two year project.
DNA1.3 Summary of main dissemination activities, main achievements of AARC for and Exploitation ReportNA1 / GÉANT Summary of AARC dissemination, outreach and exploitation work.
A document to report on the results of AARC communication, dissemination and exploitation activities, their impact and how they mapped the AARC strategy.
DNA2.1 Report on the identified target groups for training and their requirementsNA2 / GÉANT
DNA2.2 Training material on main technical and policy concepts of federated access
DNA2.3 Training material targeted to Resource and Service Providers

DNA2.4 Training material targeted at identity providersNA2 / GARR
DNA3.1 Differentiated LoA recommendations for policy and practices of identity and attribute providers

N3 / CSCLevel of Assurance (LoA) recommendations and framework
LoA expresses confidence in the binding between a user and the identity information connected to it and is usually done by the identity provider. The actual implementation of this process is rather difficult, however (e.g. there needs to be a balance between the requirements of services and the technical feasibility and effort necessary for the identity provider). This document identifies these requirements and focuses on the REFEDS Assurance Framework to express the LoA information. The framework also includes a baseline assurance profile.
DNA3.2 Generic security incident response procedure for federations

NA3 / CERNFramework for a coordinated response to security incidents
Different research services are connected through federations where a single compromised account poses a risk to all services. Currently there is no standardized process to handle such incidents. This document provides an analysis of this problem and gives recommendations on how to build a framework to handle such incidents. These recommendations are based on the Security Incident Response Trust Framework for Federated Identity (Sirtfi).
DNA3.3 Recommendation for service operational models for enabling cross-domain sustainable services
NA3 / DAASI Recommendations to build sustainable services
Often software and services are created and operated in the context of project funding. When these projects end, it becomes difficult to ensure support to run services. This deliverable provides a template to assess the sustainability of services and gives recommendations to service providers and federations operators to standardize policies.
DNA3.4 Recommendations on the grouping of entities and their deployment mechanisms in scalable policy negotiation

NA3 / STFCRecommendations to implement a scalable and cost-effective policy framework
Creating the common federation ‘ecosystem’ for research collaboration requires that everyone is effectively connected to it, including not only those organisations whose primary purpose is collaborative research, but also institutions (both identity providers and those providing services). This document starts with a study of entity categories and the status of take-up by the eduGAIN. The document presents “Snctfi”, the new policy and trust framework that has been developed for applying policies and best practices to an e-Infrastructure or research Infrastructure using IdPs in the R&E federations via an SP-IdP proxy.
DNA3.5 Recommendations and template policies for the processing of personal data by participants in the pan-European AAI NA3 / KIT Policies for personal data
Research- and e-infrastructures involve different organisations and are often transnational in character. When sharing personal data, different national and EU regulations might apply. This documents gives recommendations and provides template policies for sharing and processing personal data within infrastructures. The recommendations focus on two frameworks: standard data protection clauses (model contracts) and binding corporate rules.
DJRA1.1 Analysis of user- community requirements

JRA1 / EGI Analysis of user-community requirements
To improve the AAI landscape it is important to understand the requirements of user communities and service providers. This document provides an analysis of these requirements in three steps. First, the requirements gathered in previous activities are used to formulate an initial set. During the second step, the list is improved with the results of a survey. The third step then produces a final set of requirements and structures them in form of a table.
DJRA1.2 Blueprint architectures

JRA1 / KITAARC Blueprint Architectures
This document provides a set of building blocks for software architects and technical decision makers, who are designing and implementing access management solutions for international research collaborations.
DSA1.1 Pilots to support guest users solutionsSA1 / GARRAARC Pilots
Pilots in this task deal with enabling guest users to access federated services, especially within the library community. This mainly applies to so called walk-in users, that do not have a federated identity and should still be able to use services offered by a library. This deliverable gives an overview on three pilots in this area.
DSA1.2 First report on the Pilots deployed by SA1SA1 / SURFnetAARC Pilots
This deliverable provides an overview of all pilots, that AARC worked on during the first year of the project. These pilots can be divided into three tasks: guest users, attribute management and access to resources. For all three tasks this document explains the approach taken and summarises the status of the pilots after the first year. While this deliverable is meant to give a status-update on the work of all pilots, there are separate deliverables for each task (DSA1.1, DSA1.3 and DSA1.4 respectively) that explain the pilots in more detail.
DSA1.3 Final pilot on attribute provider framework

See also the leaflet.
SA1 / EGIAARC Pilots
This document contains relevant information about two demonstrators implemented in the AARC project to pilot attribute aggregation and attribute management solutions.
The goal of the demonstrators is to show with a practical implementation howgroup membership attributes or other attributes from multiple sources can be used in a federated environment to regulate access to services.
DSA1.3 Pilot to improve access to R&E relevant resources

This document provides an overview of the pilots realised within the Pilots service activity in particular concerning ways to improve access to
R&E relevant resources and (commercial) service. A total of fourteen proof of concepts were carried out to test AAI mechanisms to access non-web resources, bridging e-infrastructures and access to (commercial) cloud services.