Deliverables

Deliverable NameWP / OwnerIn a nutshell
DNA1.1 Annual ReportNA1 / GÉANT Overview of the achievements during the first year .
A document to report on the progresses of AARC, KPIs and resources consumed during Y1.
DNA1.2 Annual ReportNA1 / GÉANT Overview of the achievements during the first year .
A document to report on the achievements of AARC during Y2. The detailes exploitations and dissemination report, with the related KPIs is part of DNA1.3.
DNA1.3 Summary of main dissemination activities, main achievements of AARC for and Exploitation ReportNA1 / GÉANT Summary of AARC dissemination, outreach and exploitation work.
A document to report on the results of AARC communication, dissemination and exploitation activities, their impact and how they mapped the AARC strategy.
DNA2.1 Report on the identified target groups for training and their requirementsNA2 / GÉANT
DNA2.2 Training material on main technical and policy concepts of federated access
NA2 / GÉANT
DNA2.3 Training material targeted to Resource and Service Providers

NA2 / CSC
DNA2.4 Training material targeted at identity providersNA2 / GARRShort Description of Training for IdP
content of this training module is intended for organisations that run Identity Providers Idps

AARC organised a training to promote attribute releade among IdP. The traning targeted federation operators to promote the adoption of tools to automate the attribute release process (and support REFEDS entity categories) as well as IdP operators. See also the training pages.
DNA3.1 Differentiated LoA recommendations for policy and practices of identity and attribute providers

N3 / CSCLevel of Assurance (LoA) recommendations and framework
LoA expresses confidence in the binding between a user and the identity information connected to it and is usually done by the identity provider. The actual implementation of this process is rather difficult, however (e.g. there needs to be a balance between the requirements of services and the technical feasibility and effort necessary for the identity provider). This document identifies these requirements and focuses on the REFEDS Assurance Framework to express the LoA information. The framework also includes a baseline assurance profile.
DNA3.2 Generic security incident response procedure for federations

NA3 / CERNFramework for a coordinated response to security incidents
Different research services are connected through federations where a single compromised account poses a risk to all services. Currently there is no standardized process to handle such incidents. This document provides an analysis of this problem and gives recommendations on how to build a framework to handle such incidents. These recommendations are based on the Security Incident Response Trust Framework for Federated Identity (Sirtfi).
DNA3.3 Recommendation for service operational models for enabling cross-domain sustainable services
NA3 / DAASI Recommendations to build sustainable services
Often software and services are created and operated in the context of project funding. When these projects end, it becomes difficult to ensure support to run services. This deliverable provides a template to assess the sustainability of services and gives recommendations to service providers and federations operators to standardize policies.
DNA3.4 Recommendations on the grouping of entities and their deployment mechanisms in scalable policy negotiation

NA3 / STFCRecommendations to implement a scalable and cost-effective policy framework
Creating the common federation ‘ecosystem’ for research collaboration requires that everyone is effectively connected to it, including not only those organisations whose primary purpose is collaborative research, but also institutions (both identity providers and those providing services). This document starts with a study of entity categories and the status of take-up by the eduGAIN. The document presents “Snctfi”, the new policy and trust framework that has been developed for applying policies and best practices to an e-Infrastructure or research Infrastructure using IdPs in the R&E federations via an SP-IdP proxy.
DNA3.5 Recommendations and template policies for the processing of personal data by participants in the pan-European AAI NA3 / KIT Policies for personal data
Research- and e-infrastructures involve different organisations and are often transnational in character. When sharing personal data, different national and EU regulations might apply. This documents gives recommendations and provides template policies for sharing and processing personal data within infrastructures. The recommendations focus on two frameworks: standard data protection clauses (model contracts) and binding corporate rules.



DJRA1.1 Analysis of user- community requirements

JRA1 / EGI Analysis of user-community requirements
To improve the AAI landscape it is important to understand the requirements of user communities and service providers. This document provides an analysis of these requirements in three steps. First, the requirements gathered in previous activities are used to formulate an initial set. During the second step, the list is improved with the results of a survey. The third step then produces a final set of requirements and structures them in form of a table.
DJRA1.2 Blueprint architectures

JRA1 / KITAARC Blueprint Architectures
This document provides a set of building blocks for software architects and technical decision makers, who are designing and implementing access management solutions for international research collaborations.
DSA1.1 Pilots to support guest users solutionsSA1 / GARRAARC Pilots
Pilots in this task deal with enabling guest users to access federated services, especially within the library community. This mainly applies to so called walk-in users, that do not have a federated identity and should still be able to use services offered by a library. This deliverable gives an overview on three pilots in this area.
DSA1.2 First report on the Pilots deployed by SA1SA1 / SURFnetAARC Pilots
This deliverable provides an overview of all pilots, that AARC worked on during the first year of the project. These pilots can be divided into three tasks: guest users, attribute management and access to resources. For all three tasks this document explains the approach taken and summarises the status of the pilots after the first year. While this deliverable is meant to give a status-update on the work of all pilots, there are separate deliverables for each task (DSA1.1, DSA1.3 and DSA1.4 respectively) that explain the pilots in more detail.
DSA1.3 Final pilot on attribute provider framework

See also the leaflet.
SA1 / EGI
DSA1.4 Pilot to improve access to R&E relevant resources

SA1 / PSNCAARC Pilots
Pilots in this task deal with solutions for attribute management and attribute aggregation. One of the goals is to demonstrate how to group attributes from multiple sources (potentially including social identities) and use them to regulate access to services in a federated environment. This deliverable gives an overview on three pilots executed in this area.