A recording of the webinar on AARC extensions to the REFEDS Assurance Framework (RAF) that took place on 27 June is now online. The video, aimed at Authentication and Authorisation Infrastructure (AAI) architects and technical decision makers for research collaborations, can be found on the IAM Online YouTube channel and the slides with notes are available.
Why did AARC extend RAF?
The REFEDS Assurance Framework was explained in a previous AARC webinar. The AARC (Authentication & Authorisation for Research & Collaboration) project developed additional guidance to facilitate the exchange of assurance information across infrastructures (or between SP-IdP-Proxy components of infrastructures).
Supplementary AARC and IGTF assurance profiles targeting the specific research and infrastructures’ needs in terms of risk profiles help out: shared assurance profiles inspired by the Service Provider and infrastructure requirements can be exchanged directly and help evaluate identity assurance information for the attributes and authenticator presented both by the user’s home organisations via the R&E federations and from supplementary sources when enabling federated access to access services.
In this webinar:
In the webinar video, Davide Vaghetti (GARR) and Uros Stevanovic (KIT) explained how AARC developed the extensions and what this means in practice. They showed how different assurance profiles can be evaluated and combined together, and they demonstrated how the assurance evaluation and combination can be implemented in a proxy based infrastructure.
Around 20 people joined the live event.