AAI

The goal of the project is to develop and validate, within a pilot framework, a unified identification, authorization management, and logging system that enables organizations connected to the national research network—such as higher education institutions, research institutes, and public collections—to securely and flexibly share protected web resources (applications, databases, etc.) with each other and third parties, both domestically and internationally.

The concept, technology, and operational model to be developed must align with similar identification and authorization management (AAI) initiatives in research networks.

The most important requirements for the identification, authorization management, and logging system to be developed are as follows:

• Flexible and easy to use for users: it does not require the installation of unique programs on the client side, and its usage is simple and easy to learn;
• Follows a federated model: unlike centralized systems, it is based on the trust relationships of the institutions utilizing the service, supports the cooperation of heterogeneous systems, while preserving the autonomy of individual institutions;
• Uses open and standardized solutions: it is based on widely adopted technologies and standards in the field of identification and authorization management;
• Complies with the requirements of the Data Protection Act (Atvt.): it takes into account domestic and European regulations on the protection of personal data and implements user data separation through a distributed data-based identification model.