Snctfi - the Scalable Negotiator for a Community Trust Framework in Federated Infrastructures

Building on the structures of the Security for Collaboration among Infrastructures (SCI) framework, the “Security Negotiator for Community Trust Framework in Federated Infrastructures” (Snctfi) proposes a policy framework that allows determination of the 'interoperable trust' of such SP-IdP proxies and the community of services behind the Proxy. For example, an SP-IdP-proxy for EGI – proxying for all its compute and storage services – would be able to express to the R&E federation space that is has an internally-consistent policy set, that it can make collective statements about all its constituent services and resource providers, and that it will abide by best practices in the R&E community, such as adherence to the Data Protection Code of Conduct (DPCoCo), REFEDS Research and Scholarship (R&S) entity category, and Sirtfi – the security incident response trust framework that is in itself a separate development from the SCI structure.

Snctfi and the IGTF


The research leading to these results has received funding from the European Community’s Horizon2020 Programme under Grant Agreement No. 653965 (AARC).

The Snctfi framework identifies operational and policy requirements to help establish trust between an Infrastructure and identity providers either in an R&E Federation or in another Infrastructure, in each case joined via a Service Provider to Identity Provider proxy.
This document is intended for use by the personnel responsible for the management, operation and security of an Infrastructure and those wishing to assess its trustworthiness.

Snctfi is supported via the Authentication and Authorization for Research and Collaboration (AARC) project with contributions from many Research and e-Infrastructures, NRENs, and IGTF members. Read the Snctfi framework, apply it to your infrastucture, and share it with peers and R&E federations to foster global interoperability.