Seamless access management for between organisations

The problem:

In the rapidly evolving landscape of the research sector, where seamless collaboration and secure information exchange is crucial, the challenge of managing access to multiple services has become a bottleneck.  

Research institutions in pursuit of cutting-edge discoveries, are faced with an ever-growing suite of specialised tools and platforms. However, the reliance on traditional authentication methods, often characterised by multiple username-password combinations, not only hampers user experience, it also poses significant security risks, particularly around the confidentiality of sensitive research data. 

As research organisations grapple with the complexity of diverse systems and services, a critical need arises for a transformative solution that can simplify access management while fortifying cyber security protocols. 

What we are considering:

The AAF is working with national research infrastructures to address this problem through the implementation of Collaborative Research Environments (CREs).  

A CRE provides a solution for inter-organisation collaboration, as a way of managing the complex task of authentication and authorisation. By exploring the challenges faced by research infrastructures, we aim to highlight the motivations driving the need for a CRE, the complexities of the pre-existing access management dilemmas, and the solutions that could be implemented. By examining the pain points experienced by users and administrators alike, we seek to address the urgent need for streamlined, unified, and secure authentication and authorisation mechanisms. 

The scope of a CRE also extends beyond the act of authenticating a user. While authentication is a crucial component of a CRE, the overarching goal is to simplify and streamline the user experience across multiple applications or services.  

Additionally, CREs can contribute to improved security by enforcing centralised authentication and authorisation policies, allowing for better control and monitoring of user access. 

Policies

Implementing a CRE requires considering compliance with a range of policies such as authentication, authorisation, membership management, privacy and cyber security policies. The Trust and Identity Framework provides a Policy Toolkit which contains a standard set of policy templates for a wide range of considerations by a CRE. The intended audience of the Policy Toolkit includes service providers, community managers and end users.  

Find out more about the development of the Policy Toolkit fit for Australia’s national research infrastructure.