Speaker
Slavek Licehammer
(CESNET)
Description
Most of the current AAI infrastructures are aligned with AARC Blueprint Architecture model, where the most distinct component is the authentication proxy. Even though the proxy solves most of the issues for registering services and enabling users to access them, there is still a significant group of services with additional requirements on access control.
Using the proxy, services obtain informations about a user only when the user is signing in. That is not sufficient for services which need to know their users upfront or for the services which need to know when a user is no longer authorised to use the service, so the service might de-provision that user and properly follow GDPR requirements
In this presentation, we will present possible solutions for provisioning and de-provisioning identity information which are aligned with AARC Blueprint Architecture and show how to use them to enhance capabilities provided by the proxy. In addition to that, we will explain which of these models might be used in EGI AAI with EGI Check-in service.
| Type of abstract | Presentation |
|---|---|
| References | AARC Blueprint Architecture - https://aarc-project.eu/architecture/ |
Primary authors
Michal Prochazka
(CESNET)
Slavek Licehammer
(CESNET)
