As more communities share their science resources through the federation, data of higher value or in need of specific controls (such as biomedical data, but obviously much more), will change the risk assessment that underlies the baseline and differentiated assurance developed in AARC.
The policy harmonisation work package (NA3) seeks input on requirements from communities seeking to implement strong assurance profiles, e.g. "Espresso" or with even higher assurance components, to support their AAI. Please edit this page and provide your input (description and/or links) under "Use Cases" below.
Background
The REFEDS Assurance Framework defines 2 profiles covering identification and subsequent authentication -
- Cappuccino profile for low risk use cases
- Espresso profile for demanding use cases
Further information: Draft Assurance Framework (Presentation / Document )
Use Cases
| Community | ELIXIR AAI |
|---|---|
| Contact | Mikael Linden |
| Description | Some relying services of ELIXIR AAI require MFA when granting access to sensitive data. Principal issues relate to which attribute is associated with the MFA, and what is the resultant reliability, usefulness and cost. A pilot has been run to test a senario with an MFA registration token delivered to the user as an SMS. |
| References | Full discussion of senarios and problems are discussed in this document (google doc) together with the pilot roadmap (google doc). |
| Community | BBMRI |
|---|---|
| Contact | Petr Holub |
| Description | Issues identified with the REFEDS AF are related to
|
| References | See document (Overleaf doc). |
| Community | Community Name |
|---|---|
| Description | ... |
| References | URLs |