Authorisation and Authentication Infrastructure (AAI)

Enables secure data sharing by communicating the permissions needed to conduct research

Secure data access across many different countries and institutions is critical to accelerating research. Developed by the GA4GH Data Security Work Stream in collaboration with the Data Use & Researcher Identities (DURI) Work Stream, the Authorisation and Authentication Infrastructure (AAI) specification can help automate the data access process by providing a mechanism to confirm a researcher’s digital identity and check their data access permissions.

Jump to...

Benefits

  • Provides a secure method to authenticate a researcher’s identity and authorise their permissions for data access
  • Allows centralisation of authentication and authorisation
  • Enables federated analysis

Target users

Developers, and security officers

Image summary: AAI builds a secure infrastructure for granting researchers access to datasets.

Community resources

Dive deeper into this product! AAI leverages the OpenID Connect (OIDC) industry standard to authenticate researchers’ identities and authorise their access to clinical and genomic resources. The specification employs access tokens to obtain “Passports” containing Visa tokens with specific permissions. These Passport and Visa tokens can be securely passed to other compatible data storage or analysis platforms and presented for subsequent data access requests. The AAI specification ultimately aims to develop an approach where data holders and data owners can recognise and accept identities across multiple systems, enabling researchers to get authorised access to more datasets and employ approaches such as federated analysis.


Date

Version

28 Oct 2019

Title

Related Driver Projects and Organisations

European Genome-phenome Archive (EGA)
ELIXIR Beacon
ELIXIR Cloud and AAI
NIH Cloud Platform Interoperability (NCPI) effort
Autism Sharing Initiative

Don't see your name? Get in touch:

  • Dixie Baker
    Martin, Blanck and Associates
  • Max Barkley
    DNAstack
  • Michael Baudis
    University of Zurich
  • David Bernick
    Broad Institute of MIT and Harvard
  • Steven Brenner
    University of California, Berkeley
  • Salvador Capella-Gutierrez
    Barcelona Supercomputing Center
  • Knox Carey
    Intertrust Technologies Corporation
  • Thomas Conner
    Broad Institute of MIT and Harvard
  • Jaime Delgado
    Universitat Politecnica de Catalunya (UPC)
  • Marc Fiume
    DNAstack
  • Dean Hartley
    Autism Speaks
  • Allison Heath
    Children's Hospital of Philadelphia
  • Melissa Konopko
    ELIXIR
  • Martin Kuba
    Masaryk University, ELIXIR Cloud and AAI
  • Fabio Liberante
    Wellcome Sanger Institute (WSI)
  • Alice Mann
    Wellcome Sanger Institute (WSI)
  • Tommi Nyrönen
    CSC – IT CENTER FOR SCIENCE
  • Jimmy Payyappilly
    EMBL's European Bioinformatics Institute (EBI)
  • Kurt Rodarmer
    Independent Contributor
  • Christopher Siwy
    NIH Office of Data Science Strategy (ODSS)
  • Heidi Sofia
    NIH National Human Genome Research Institute (NHGRI)
  • Dylan Spalding
    CSC – IT CENTER FOR SCIENCE
  • Jonathan Tedds
    ELIXIR
  • Douglas Voet
    Broad Institute of MIT and Harvard
  • Craig Voisin
    Google LLC

News, events, and more

Catch up with all news and articles associated with Authorisation and Authentication Infrastructure (AAI).

Headshots of GA4GH Data Security Work Steam Co-Leads, Jaime Delgado and Andrew Russette
24 May 2024
GA4GH Data Security Work Stream welcomes new Co-Leads Jaime Delgado and Andrew Russette
See more
8 Jul 2021
GA4GH standards in a global learning health system
See more
25 Jun 2020
Webinar recap: implementing GA4GH Passports and AAI — a technical deep dive (part 2)
See more