[#XCI-502] Review of AARC's Guidelines for scalable and consistent authorisation across multi-SP environments" (AARC-G027)
Type:
|
Sub-task
|
Priority:
|
Minor
|
Reporter:
|
Jim Basney
|
Assignee:
|
Jim Basney
|
Resolution:
|
Unresolved
|
Votes:
|
0
|
Attachments:
|
AARC-G027 - Guidelines for scalable and consistent authorisation across multi-SP environments.pdf
|
XSEDE Priority: |
-
|
Public activity link: |
https://software.xsede.org/display/xci-502
|
Track status in meeting: |
no
|
The purpose of this document is to guide infrastructures in the efficient implementation of the access restrictions that are required by the individual communities and e-Infrastructures. The guidelines are given within the setting of the AARC BPA. In this scenario, user communities make use of an SP-IdP-Proxy (including Attribute management). The users are given access to resources (end services) via infrastructure SP-IdP-Proxies. The given guidelines address two different topics. One is about providing an interoperable schema to use for expressing authorisation information. This is an extension of the recommendations provided in AARC-G002 - Expressing group membership and role information. The other topic concerns the organisational architecture for conveying authorisation information. Guidelines in this latter area are derived from the more detailed Deliverable DJRA1.2 on authorisation models.
|
There are comments for XCI-502 that can be viewed with XSEDE authentication.