EOSC AAI final report: principles, architecture and governance models for a global research and education AAI
By: Klaas Wierenga (GÉANT), Christos Kanellopoulos (GÉANT)
The EOSC Architecture Working Group, has released the final report on the EOSC Authentication and Authorization Infrastructure (AAI), produced by the EOSC AAI Task Force (TF). The document is now available on the website of the Publications Office of the European Union.
This release marks the culmination of the work of the task force, established in October 2019 with the objective of defining a common global ecosystem for identity and access control infrastructures for the European Open Science Cloud (EOSC).
The report encompasses the three deliverables previously produced by the Task Force, together with a live document on Best Practises, that will continue to be updated.
In order to outline a globally viable, scalable and secure EOSC AAI, the group defined the following three core principles, on which to base their work:
- User experience is the only touchstone.
- All trust flows from communities.
- There is no centre in a distributed system.
Expanding on these statements, Klaas Wierenga (Chief Information & Technology Officer at GÉANT and co-chair of the EOSC AAI Task Force) commented:
“The human element was the starting point of our exploration. We believe that providing a good user experience and making use of the existing trust relations that users already have within their research communities are the key factors for delivering a successful EOSC AAI.”
The proposed EOSC AAI doesn’t set an entirely new AAI architecture, but instead it builds up on outputs of the AARC and AARC2 projects, and especially on the AARC blueprint architecture (BPA), the reference AAI architecture for the international research and education communities.
The AARC-BPA-2019 specifically, proved to be the best starting point for the EOSC AAI, as it focuses on interoperability aspects and introduces the Community AAI, a new concept streamlining researchers’ access to services, both provided by their own infrastructure and shared with other communities.
As the final output of the EOSC AAI TF, the report will be handed over to the EOSC Association, with recommendations to continue the work in collaboration with the ongoing governance of the AARC Engagement Group for Infrastructures (AEGIS) and the pertinent EOSC Task Forces.