The first Authentication and Authorisation for Research and Collaboration (AARC) project concluded on 30 April 2017 after two years, with many useful outputs for e-infrastructures, research infrastructures and libraries. These outputs will continue to be used and developed in the second AARC project, which, from 1 May, will build on these achievements and bring a new focus.

AARC has been creating a common framework for research and collaboration communities, meaning one blueprint architecture, one set of policies, and one collection of training materials that should work for everyone and allow their authentication and authorisation solutions to work together. AARC has also been working with research collaborations to pilot and improve specific technical and policy aspects.

AARC’s approach means that research collaborations can spend less time and less money reinventing the authentication and authorisation wheel, and their researchers can focus on research. Safe and more reliable access for more researchers to more services, data and software, will allow greater cooperation between research collaborations and open up the possibilities for exciting new research.

So what has the AARC project produced?

• The AARC Blueprint Architecture, a set of interoperable building blocks for people designing and implementing access management solutions for international research collaborations
• Policies to complement the technical research plus recommendations and best practices to implement a scalable and cost-effective framework for integrated solutions:
  • Snctfi – identifies operational and policy requirements to help establish trust between an infrastructure and identity providers. For use by personnel responsible for the management, operation and security of an infrastructure and those wishing to assess its trustworthiness.
  • Sirtfi – AARC was the main sponsor for work to create an assurance framework that allows participating organisations to cooperate effectively in the coordination of incident response, in the event of a federated security incident.
• Pilots expanding the coverage of federated access, pilots testing the integration of AARC results

What next?

While the goals and objectives of the second AARC project will largely remain the same, the project will take two main routes:

1. AARC will expand efforts to engage with target communities to disseminate information, ensure messages are clear, deliver training, gain feedback, and implement the AARC framework. The number of partners has increased from 20 to 26, helping to make this approach easier.
2. AARC will shift the technical focus from how to authenticate the identity of users to the question of how to authorise permitted users to access the resources across the boundaries of different infrastructures and research collaborations.

To maximise the uptake of existing materials and any that are developed in the next phase, a fresh impetus will be given to developing and delivering training, and to producing and disseminating information in more easily swallowed chunks such as ‘how to…’ documents, webinars and so on. This will all be supported by a change to the project website so that it becomes a shop window for the outputs of the AARC project.