Main Image
Volume 293 - International Symposium on Grids and Clouds (ISGC) 2017 (ISGC2017) - Networking, security, infrastructure & operations
Can R&E federations trust Research Infrastructures? - The “Snctfi” Trust Framework
D. Kelsey,* D. Groep, L. Florio, C. Kanellopoulos, M. Linden, I. Neilson, S. Paetow, W. Pempe, V. Ribaillier, M. Sallé, H. Short, U. Stevanovic, G. Venekamp
*corresponding author
Full text: pdf
Published on: 2017 December 06
Abstract
Research Infrastructures increasingly use national and global “Research and Education” (R&E) authentication federations to provide access to their services. Studies in the AARC project have shown that research communities connect to the R&E federation using an ‘SP-IdP proxy’. The use of a proxy in itself poses policy challenges. As seen by the R&E federations, the SP-IdP proxy hides all of the research services. Home organisations and R&E federations see just a single service provider, even if the services behind it are provided in hundreds of different administrative domains. Building on the Security for Collaboration among Infrastructures (SCI) framework, the “Security Networked-Community Trust-framework for Federated Identity” (Snctfi) proposes a policy framework that allows determination of the ‘quality’ of such SP-IdP proxies and the research services behind them. “Snctfi” allows comparison between proxies, and it allows a scalable way to negotiate and filter based on such policies. We present here version 1 of the “Snctfi” trust framework.
DOI: https://doi.org/10.22323/1.293.0024
Open Access
Creative Commons LicenseCopyright owned by the author(s) under the term of the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.