This deliverable, part of ENVRI-Hub NEXT Work Package 11 (WP11), focuses on defining recommendations pertaining to a legal framework for cross-domain Authentication and Authorisation Infrastructure (AAI) systems, ensuring secure and seamless access to data and services across Research Infrastructures (RIs). Based on landscape analyses of current data and metadata licensing practices, as well as AAI implementations, it provides recommendations to standardize policies while addressing legal and technical boundary conditions. Findings highlight diverse licensing practices, with Creative Commons Attribution 4.0 (CC-BY-4.0) and Creative Commons Zero 1.0 (CC0-1.0) being predominant. The analysis also underscores the importance of aligning metadata practices with FAIR principles and European standards. Nine RIs have implemented AAI systems using federated identity protocols, emphasizing role-based access control and interoperability with platforms like the European Open Science Cloud (EOSC). The deliverable recommends harmonizing data and metadata policies, adopting federated AAI standards, and ensuring GDPR compliance. This framework adopts open science, interoperability, and secure cross-domain collaboration, supporting ENVRI-Hub NEXT's goal of enabling interdisciplinary, science-based services.
Jawak et al. (Mon,) studied this question.