Umbrella Project
Overview
• Pan-EU Authentication
• Proposal handling (prototype)
• Coaching
• Remote experiment access
• Remote data access
• Publications
• Indico (Integrated Digital Conference)
• …

The Umbrella Concept
[Fig. 1: diagram. Labels: User, UOffice1, UOffice2, UOffice3]

[Diagram. Labels, in slide order: EUU, EAA, Coaching, Proposals, More…, Shibboleth IdP, User db, Affiliation db, Central Part; User, WUO1, WUO2, WUO3, Local Part]

IT Projects
• Authentication (EU-unique identification)
• Proposal handling (thousands of proposals / year)
• Coaching (support of novice users)
• Remote experiment login (young scientists; Fedex-style experiments)
  • But more than authentication (e.g. firewall, experiment standardization, component protocols …)
• Remote data access (terabytes of data)
  • But more than authentication (e.g. data format, catalogues …)
[Figure labels: EuroFEL Umbrella prototype; Next generation]

Required Solution Characteristics
• Confidentiality
  • High competition, especially structural biology
  • Time-window structured access to experiments and data
• User friendliness
  • Part-time users, small teams, no guru
• Flexible, diverse solutions
  • Responding to diverse requests
• Facility friendliness
  • Limited resources
  • Prevent any ‘bypass’ solutions
  • Keep local as much as possible
• Distributed actions
  • Users: manage their personal entries
  • Facilities: manage their authorizations

The Umbrella components, EAA Authentication, Requirements
AAA ≡ Authentication + Authorization + Accounting
EAA ≡ European AAA
WUO ≡ Web-based User Office (local)
• User friendliness
• Single sign on
• Unique user identification on EU scale
• Full autonomy for WUOs
• Dual EAA and WUO operation
• No cross-facility information exchange
• User controls his/her personal info
• Facilities control full info and authorization
• No specific local software
• Prevent ‘special’ databases

The Umbrella components, EAA Authentication, Realization
AAA ≡ Authentication + Authorization + Accounting
EAA ≡ European AAA
WUO ≡ Web-based User Office (local)
[Diagram. Labels, in slide order: Uname, Passw, Email, Birthday, Local, Central, Phone, Smail, …, Registrations, Facility, Roles, …, Facility A, B, C]
• Handshake: Shibboleth, SAML
• Hybrid DB, federated + central
• Split of user info into central and local
  • Central = minimum for ID
  • Local = full + authorization
• 2-level authentication:
  • soft: newsletter, proposal
  • hard: facility access
• Curation
  • User: registration, mutation
  • WUO: role assignment

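The split described on this slide, as an added example that is not part of the original slides or the Umbrella code: the central EAA vouches only for a unique user name and a login level, while each WUO keeps its own role assignments and decides on access. The names CentralAssertion, LocalWUO, the action strings, the user "jdoe" and the dates are constructed assumptions, and the Shibboleth/SAML handshake itself is not modelled.

```python
from dataclasses import dataclass, field
from datetime import datetime

LEVELS = {"soft": 1, "hard": 2}
# Level required per action, following the slide: soft = newsletter, proposal; hard = facility access.
REQUIRED = {"newsletter": "soft", "proposal": "soft", "facility_access": "hard"}

@dataclass(frozen=True)
class CentralAssertion:
    """What the central part vouches for (assumed): unique ID and login level only."""
    uname: str
    level: str

@dataclass
class LocalWUO:
    """A facility's user office: roles and time windows live here, never centrally."""
    facility: str
    grants: dict = field(default_factory=dict)  # uname -> [(role, start, end)]

    def assign_role(self, uname, role, start, end):
        self.grants.setdefault(uname, []).append((role, start, end))

    def authorize(self, assertion, action, now):
        required = REQUIRED.get(action)
        if required is None or assertion.level not in LEVELS:
            return False  # unknown action or level: deny by default
        if LEVELS[assertion.level] < LEVELS[required]:
            return False  # a soft login never reaches hard resources
        if required == "soft":
            return True   # a valid central identity is enough
        # Hard actions also need a locally assigned role inside its time window.
        return any(start <= now <= end
                   for _role, start, end in self.grants.get(assertion.uname, []))

def demo():
    a, b = LocalWUO("Facility A"), LocalWUO("Facility B")
    a.assign_role("jdoe", "experimenter", datetime(2011, 3, 1), datetime(2011, 3, 8))
    hard, soft = CentralAssertion("jdoe", "hard"), CentralAssertion("jdoe", "soft")
    during, after = datetime(2011, 3, 4), datetime(2011, 4, 1)
    return {
        "soft_proposal": a.authorize(soft, "proposal", during),
        "soft_facility": a.authorize(soft, "facility_access", during),
        "hard_in_window": a.authorize(hard, "facility_access", during),
        "hard_after_window": a.authorize(hard, "facility_access", after),
        "hard_other_facility": b.authorize(hard, "facility_access", during),
    }
```

Facility B denies the same user because Facility A's role assignment is never shared, which is the "no cross-facility exchange of authorization info" property in practice.
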
EAA and WUOs
• WUO to EAA
  • No automatic migration
  • User sees the EAA option on his local WUO and registers once on EAA
  • May need to get a new Pan-EU user name (prevent multiple user names, nightmare for users!)
  • But user can stay on WUO
• EAA to WUO
  • User decides where to go
  • Login to new WUO: can pull his personal info stored at another WUO and push it to the new one.

The Umbrella components, EUU Proposal handling
UUU ≡ Unified User Umbrella
EUU ≡ EuroFEL UUU (prototype)
WUO ≡ Web-based User Office (local)
[Diagram. Labels, in slide order: Proposer info, Time request, …, Beamline, Sample, General, Local, Goal, Method, Results, Prev. Work, …]
• EUU: export, modify, and submit
• Local (facility-specific) and general (scientific) part
• Flexibility and confidentiality
• Export-type mechanism: up-to-date format
• Work on formal agreement
• Local WUOs stay fully autonomous
• No specific local software

The Umbrella components, EUU Coaching
[Diagram. Labels: User, Coordinator, FAQ db, Coach 1 … Coach n]
• Support of novice users
• FAQ (static)
• Coaching (dynamic)
• Structured tool
• Advice only
• Responsibility always with user
• Category tree
• Experienced coaches needed
• Protected against excessive load
• But free to identify themselves
• Limited number of iterations
• Coaches honored on peer basis
• Interesting questions to FAQ db
• Support of beamline managers

EuroFEL Authentication
WUO ≡ Web-Based User Office (local)
EAA ≡ EuroFEL Authentication
[Diagram: EuroFEL Authentication and Authorization (EAA). Labels, in slide order: Interface to WUO DB; Interface to Affiliation DB; Interface to Central DB; Central EAA Tool; Basic Communication Protocol; User Update service; Parallel WUO And EAA Operation; Local WUO Update service; Adaption of WUO part]

Unified User Umbrella and Coaching
WUO ≡ Web-Based User Office, existing local user office
DUO ≡ WUO as developed at PSI
SMIS ≡ WUO as developed at ESRF
EAA ≡ EuroFEL Authentication
[Diagram. Labels, in slide order: Interface to Affiliation DB; Interface to EAA; Interface to Affiliation DB; Communication protocol; EuroFEL Coaching; Interface to DUO WUOs; EuroFEL Unified User Umbrella (EUU); Dialog With user; Transfer Proposal to WUO; Interface to SMIS WUOs; Interface to Affiliation DB; Interface to Affiliation DB; Export proposal From WUO]

EuroFEL / WP2: Proposed EUU/EAA Roadmap
[Timeline chart. Row labels, in slide order: EAA (European Authentication and Authorization): Implementation, Prototype ready; EUU (European User Umbrella): Planning / Design. Effort labels: 0.5 FTE, 0.1 FTE, 0.5 FTE. Date labels: 1.06.10, 1.10.10, 1.01.11, 1.10.10, 1.04.11, 1.04.12, 1.04.13]

Status and Outlook (September 2010)
• Architecture document + road map for prototype ready
• Start development of 1st-generation Umbrella prototype
  • Shibboleth
  • deadline March 31, 2011
• Discussion 2nd-generation Umbrella (remote functionalities)
  • ‘Actors’:
    • PaN-Data
    • EuroFEL
    • ESFRI-Cluster
    • HDRI Helmholtz
  • Tools:
    • GRID?
    • Specific development?
  • Type:
    • Facility-friendly + user-friendly
    • Two-level?
    • Slim, simple
    • Strong, full-beauty IT

Science-political issues: Facilities
• Limited manpower
  • (Ideally) no additional load
  • No central octopus
• Open-heart operation
  • WUO and EAA parallel operation
  • no dependence on new system, in principle could go back
• Cooperation and competition
  • No central storage of proposals
  • Minimum central storage of user info (only for unique ID)
  • No X-facility exchange of authorization info
  • No X-facility access to personal user info
  • Distributed responsibility?
  • Event logging and confidentiality
• To GRID or not to GRID
  • how much to modify?
  • support from GRID community?
  • must it be GRID? Or other system, e.g. Cloud?
  • Umbrella for GRID and Cloud?

Science-political issues: Users
• Be friendly to IT-skilled users
• Cope with occasional, few-times-per-year users
• Cope with multi-facility users
• No central octopus
• Allow multi-level authentication (soft, hard)
• No need for special software at user site
• Few-month stands
• Allow flexible definition of research teams, responsibility delegated to spokespersons
• Time-windowed access to experiment data
• PhD-Students and Postdocs
• Quick registration of users
• Foresee remote experiment access
• Greenhorns
• Coaching