Speaker
Description
The Authentication and Authorisation for Research and Collaboration (AARC) community, funded by the AAR-TREE project is releasing the AARC Compendium, a comprehensive introductory guide to implementing federated identity management for research infrastructures and their communities. Building on the AARC Blueprint Architecture (AARC BPA), the Compendium bridges the gap between technology, policy, and community needs.
The Compendium provides practical guidance across the full lifecycle of Authentication and Authorisation Infrastructure (AAI) implementation. A glossary of key terms and extensive FAQ section help demystify technical concepts and address common challenges. The guide covers implementation scenarios—from hosted AAI platforms to self-hosted proxy architectures—and presents an overview of the landscape of existing AAI solutions, including commonly used software, services, and complete hosted solutions already deployed across research infrastructures.
Key sections address technical requirements such as harmonised identity representation, authorisation and access control, and interoperability architecture. The Compendium also tackles critical policy aspects, including security, data protection, and practical use of the AARC Policy Development Kit. Importantly, it demonstrates how to bridge legal, policy, and technology considerations.
The final version includes real-world use cases from research communities, infrastructures, and service providers offering concrete implementation examples and proven patterns that can be adapted to different contexts, helping to inspire and guide adoption across the research ecosystem.
Target Audience:
This presentation is directed at research communities and infrastructure providers offering services in federated environments
Aims of the presentation:
- Raise awareness of the AARC Compendium and its practical value
- Demonstrate how the guide addresses real-world implementation challenges through use cases
- Encourage engagement with the AARC community and promote uptake of federated identity management practices
