Skip to main page content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Access keys NCBI Homepage MyNCBI Homepage Main Content Main Navigation
. 2018 Aug 6:7:ELIXIR-1199.
doi: 10.12688/f1000research.15161.1. eCollection 2018.

Common ELIXIR Service for Researcher Authentication and Authorisation

Mikael Linden  1 Michal Prochazka  2 Ilkka Lappalainen  1 Dominik Bucik  2 Pavel Vyskocil  2 Martin Kuba  2 Sami Silén  1 Peter Belmann  3 Alexander Sczyrba  3 Steven Newhouse  4 Ludek Matyska  2 Tommi Nyrönen  1
Affiliations

Common ELIXIR Service for Researcher Authentication and Authorisation

Mikael Linden et al. F1000Res. .

Abstract

A common Authentication and Authorisation Infrastructure (AAI) that would allow single sign-on to services has been identified as a key enabler for European bioinformatics. ELIXIR AAI is an ELIXIR service portfolio for authenticating researchers to ELIXIR services and assisting these services on user privileges during research usage. It relieves the scientific service providers from managing the user identities and authorisation themselves, enables the researcher to have a single set of credentials to all ELIXIR services and supports meeting the requirements imposed by the data protection laws. ELIXIR AAI was launched in late 2016 and is part of the ELIXIR Compute platform portfolio. By the end of 2017 the number of users reached 1000, while the number of relying scientific services was 36. This paper presents the requirements and design of the ELIXIR AAI and the policies related to its use, and how it can be used for serving some example services, such as document management, social media, data discovery, human data access, cloud compute and training services.

Keywords: GA4GH; GDPR; IAM; authentication; authorisation; data access.

PubMed Disclaimer

Conflict of interest statement

No competing interests were disclosed.

Figures

Figure 1.
Figure 1.. ELIXIR authentication and authorisation infrastructure (AAI) design overview.
See this image and copyright information in PMC

References

    1. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). Reference Source
    1. University of Helsinki.Finngen project.
    1. AARC project: Recommandations on minimal assurance level relevant for low-risk research use cases.2015. Reference Source
    1. Droz S, Graf C, Hassenstein G, et al. : Concept for an Electronic Academic Community in Switzerland and the creation of a Common Authentication and Authorization Infrastructure (AAI) for the Swiss Higher Education System.2001. Reference Source
    1. REFEDS - The Voice of Research and Education Identity Federations. Reference Source

Publication types

LinkOut - more resources