Beacon v2.0, the key GA4GH standard for data discovery, defines three data access policies — “anonymous”, “registered”, and “controlled” — without being concrete on any specific mechanism to provide secure data access. The Beacon v2.0 Reference Implementation supports OpenID Connect as an authentication protocol to provide a “registered” access policy allowing only registered users access to sensitive data. This may be enough for a singular Beacon instance installation, but insufficient in federated Beacon Networks where users must be restricted to concrete beacons or even entries. This session will explore how to secure Beacon Networks with Passports and trust federation.