First Draft for the Overall NFDI AAI Architecture

The workgroup Identity and Access Management (IAM) of the NFDI section Common Infrastructures started with the goal of proposing an authentication and authorization infrastructure (AAI) reference architecture for an overarching NFDI AAI. The working group spans multiple NFDI consortia. As part of their mission NFDI4Ing contributes to this within the task area Base Services measure Overall NFDI Software Architecture – Data Security and Sovereignty (S-5).

After the assessment of needs, requirements, and expectations towards the AAI, the workgroup has now proposed an AAI architecture based on the AARC Blueprint Architecture, making the NFDI approach compatible with the EOSC AAI approach. In terms of the AAI, NFDI Consortia are regarded as a “Community AAI” service at which they can organize themselves (i.e. they manage their Virtual Organisation Membership and the subgroups in them). Therefore, four software products, which were readily used by different consortia, are suggested for the implementation of the NFDI AAI: AcademicID, DIDMOS, RegAPP, and Unity. A detailed documentation of the results is available on the continuously updated documentation website.