FIM4R Position Paper on the Desired Evolution of EOSC Authentication and Authorisation Infrastructures

Authored by: the FIM4R Community The European Open Science Cloud (EOSC) will soon enter the next phase of integration and consolidation with the establishment of a common service portal listing underpinning services that enable distributed resources in the areas of computation, data, open access, and above-the-net collaboration services. The existing e-Infrastructures that are anticipated to be part of the EOSC each provide their own capabilities in terms of trust and identity management, integrity protection and risk management, as well as capabilities to support business continuity and disaster recovery in case of security incidents. There are also specific trust, collaboration management, and security services that are jointly managed by multiple e-Infrastructures for the benefit of (but in many cases not exclusively) the European research and collaboration community as a whole. These include for instance the glue between the EOSC AAI suite of services that each implement the AARC Blueprint Architecture (AARC BPA), i.e. the AAI services such as those from both national and pan-European Infrastructures as well as components such as credential translation bridge services.