The final report from a European study that could pave the way to distributed and collaborative authentication, authorisation and accounting (AAA) for scientific data was published on 18 December 2012.
The AAA Study was carried out by a consortium composed of LIBER (The Association of European Research Libraries), University of Amsterdam (NL), University Debrecen (HU) and TERENA, which was the lead partner. This was the first time that TERENA and LIBER have worked together on such a project.
Managing the data glut
The rapid development and adoption of Information and Communication Technologies (ICT) has changed the way researchers work, enabling almost instantaneous collaboration regardless of physical location, and has provided access to an enormous amount of scientific information that can be processed on powerful computational platforms. This new way of working generates a huge volume of data, whose exchange and curation pose significant challenges.
In 2010 the High-Level Expert Group on Scientific Data (known as HLEG on Scientific Data) published recommendations that an authentication and authorisation system should be set up by integrating existing AAA infrastructures in order to allow distributed and collaborative AAA for scientific data. To address this recommendation and to facilitate the emergence of a robust platform (Scientific Data Infrastructure (SDI)) for access to and preservation of scientific information, the European Commission funded the AAA Study, which began in December 2011. The study tender was also designed to be one step towards a Europe-wide single sign-on for all digital library and computing services for the research community.
"The improvement of access to and preservation of research publications and data, scientific collaborations and advanced infrastructures (e-infrastructures) are all important priorities for the European Commission," explained Kostas Glinos, Head of e-Infrastructure Unit at DG CONNECT, European Commission. "Authentication and Authorisation Infrastructures (AAIs) play a crucial role in providing a distributed virtual environment where scientific resources can be stored, accessed and shared."
The AAA Study evaluated the feasibility of delivering an integrated Authentication and Authorisation (and possibly accounting) Infrastructure, by collecting use-cases from across different disciplines and evaluating existing infrastructures.
The 60 page report resulting from the study contains a number of recommendations, which target different stakeholders: the European Commission to define a possible directive; Member States to create the conditions for such an infrastructure at national level; policy makers, particularly those involved in the Data Protection Directive, to take into account the impact of legislation on cross-boundary access management; and developers to use standard technologies to achieve interoperability.
The report highlights the following:
- an AAI for SDI should be built on standard technologies, using infrastructures such as eduGAIN, eduroam and EUDAT, and mechanisms to translate between various authentication and authorisation technologies; and that federated access plays an important role;
- to fully benefit from federated access, more funding is needed to improve the reach of national identity federations in research and education;
- further research is needed to enhance authorisation and accounting mechanisms;
- a common policy and trust framework for identity management is needed, as well as clarity on data protection laws – these should be coordinated at European level;
- relevant organisations such as EGI.eu, e-IRG, EUDAT, ESFRI projects, IGTF, REFEDS (Research and Education Federations), the European Commission and consortia of libraries and data centres should all work towards these goals.
Further information about the AAA Study and recommendations is available via the AAA Study web page.