Snctfi
Snctfi is the ‘Scalable Negotiator for a Community Trust Framework in Federated Infrastructures’.
Building on the structures of the Security for Collaboration among Infrastructures (SCI) framework, Snctfi identifies the key verifiable elements of the policy trust framework that underpins the collaboration and infrastructure platforms that communities can use.
By addressing the structure of the security policies that bind services on either side of the ‘proxies’ in the AARC BPA, Scntfi allows trust to flow across these, and a scalable way to negotiate and filter based on such policies. It eases authentication and attribute release by research and education federations as well as service providers (by easier enrolment in federations and because R&E identity providers may be more willing to release attributes if the platform can demonstrate that trust level), but also aids assessment by generic e-infrastructure providers that know the RI proxy meets their trust requirements.
The revised version of Snctfi (version 2) comprises the assessable and verifiable subset of policies and procedures that an AAI platform provider can assert when engaging with both collaboration management as well as with service and infrastructure providers. In this trust framework, and hence in version 2 of the Policy Development Kit, this corresponds to the aspects of collaboration management that can be outsourced:
- Attribute authority operation and the operation of the collaboration management components “AAOPS” (AARC-G071)
- The security operational baseline for the collaboration services offered by the platform (AARC-G084)
- Ability to support notice presentation (AARC-G083)
- Adherence to the REFEDS Data Protection Code of Conduct version 2
The Snctfi subset is readily identifiable in the diagram of the Policy Development Kit version 2.
