Project of the Week - AARC

Cyberwatching.eu Project of the Week: AARC - Authentication and Authorisation for Research and Collaboration

A Shared Framework for Identity Management

AARC is a two-year project funded under the European Union’s Horizon 2020 research and innovation programme, standing for “Authentication and Authorisation for Research and Collaboration”. Its main aim is to provide a shared framework for identity management and access for researchers and research infrastructures.

This project is in its second phase following the first AARC, a successful initiative that ran from 2015 to 2017. The second AARC was funded right after its predecessor and was launched in 2017.

GÉANT, the pan-European data networking organisation for the research and education community coordinates the project along with the expertise of other 24 partners.

Now in its second year of activity, the second AARC is coming to an end and will close in april 2019, leaving a lasting legacy that will influence research communities in the coming years. The project produced essential tools, policies, framework and 7 different pilots, while starting to align AAI platforms across research and e-infrastructures.

Thanks to their success, Cyberwatching.eu is promoting AARC as project of the week from 11th to 17th of February.

 

Contribution to the Cyberwatching.eu community

A flexible and scalable solution for access management for research

Too often researchers and research institutions have to come up with their in-house solutions for cybersecurity and identity protection. To address their needs, AARC developed a powerful tool called the AARC Blueprint Architecture (BPA) that allows software architects and technical decision makers to develop customized solutions together. Instead of providing a single software, AARC addressed the root of the problem and came up with a set of software building blocks that can be used to adapt research authentication and authorization software for any need.

AARC’s mission is to support research communities of all scientific disciplines with best practices and expertise on Authorization and Authentication Infrastructures. There are two interesting case studies that you could read as reference on how AARC share their project result.

1. Cherenkov Telescope Array - How CTA is deploying elements of the AARC Blueprint Architecture to build an AAI for thousands of astronomers.

    The CTA team set up a pilot to improve their service using elements of AARC’s Blueprint Architecture.

    The pilot is expanding the AAI capabilities to secure the CTA resources and digital assets through role-based authorisation, allowing federated authentication based on the centralised SAML service and on eduGAIN. The first release was planned for summer 2018. (Read more details @ https://aarc-project.eu/aarc-in-action/cta/)

 2.  CORBEL - How a consortium of e-infrastructures is using the AARC Blueprint Architecture to respond to the AAI requirements of biomedical Research Infrastructures

     The main focus of CORBEL is science, not building Authentication and Authorization Infrastrucure (AAI) solutions, so the project opened a call for an AAI architecture that would answer their requirements.

     The EGI FederationEUDAT and GÉANT joined forces to propose an AAI solution based on the AARC Blueprint Architecture and on AARC’s Guidelines and Policies. This AAI solution is now being   piloted in the context of the AARC project. (Read more detail @ https://aarc-project.eu/aarc-in-action/corbel/)

 

Policy and training

Furthermore AARC is an authority in policy-making, suggesting recommendations and best practices and even providing a Policy Development Kit, provided with templates, guidelines, videos and a glossary. Two other policy tools, called Sirtfi and Snctfi are used respectively to mark trusted partners within the eduGAIN platform and to compare, rate and verify the quality of the SP-IdP proxy.

A fundamental aspect of AARC 2 is the focus on training, which is provided for Service Providers, specific communities and for a broader audience regarding digital identity protection in research environments. Webinars and videos on GÉANT’s YouTube channel cover a wide range of subjects and are directed to broad audiences, service providers and to some specific communities like EPOS and the Life Sciences community.

Read more about project AARC, their tools and training materials on their website @https://aarc-project.eu/.

 

Read more about Cyberwatchingeu Project of the Week for 11-15 February 2019 on our featured:

 

See more updates on our social media channels.

Twittter: http://@cyberwatchingeu

LinkedIn: https://www.linkedin.com/in/cyber-watching/

News

SMESEC project Open Call for SMEs and SME associations
SMESEC has released an open call for SMEs and SME associations in order to validate SMESEC framework and at the same time improve their systems’ security.
 
SMESEC is inviting SMEs to participate in the validation of the SMESEC framework. By participating you not only have influence on the evaluation of the SMESEC framework, but also improve your own company security and get up to €20.000 of funds!

Future Events

Conference on Autonomous Security Systems
02/05/2019 to 03/05/2019
Image:

Ethical and Legal Aspects of Autonomous Security Systems

An international conference to be held at the University of Zurich in Switzerland on May 2nd-3rd, 2019, aims to explore the ethical and legal aspects of autonomous systems in the security sector. Among others, autonomous systems in cybersecurity are discussed in the conference, that is co-supported by CANVAS.

Keynote speakers

Philip G. Alston, New York University and UN Special Rapporteur
Extreme Poverty and Human Rights: Artificial Intelligence as a Threat to Human Rights?

Hermeneut project at Cybertech Tel Aviv 2019
02/05/2019
Image:

Cybertech is the cyber industry’s foremost B2B networking platform conducting industry-related events all around the globe, the go-to place to learn all about the latest technological innovations, threats, and solutions to combating threats within the global cyber arena.