Pilot Description
The LIGO Scientific Collaboration (LSC) is a group of scientists focused on the direct detection of gravitational waves, using them to explore the fundamental physics of gravity, and developing the emerging field of gravitational wave science as a tool of astronomical discovery. The LSC works toward this goal through research on, and development of techniques for, gravitational wave detection; and the development, commissioning and exploitation of gravitational wave detectors. The LSC carries out the science of the LIGO Observatories, located in Hanford, Washington and Livingston, Louisiana as well as that of the GEO600 detector in Hannover, Germany. Our collaboration is organised around three general areas of research: analysis of LIGO and GEO data searching for gravitational waves from astrophysical sources, detector operations and characterisation, and development of future large scale gravitational wave detectors. Founded in 1997, the LSC is currently made up of more than 1200 scientists from over 108 institutions and 18 countries worldwide.
Each member of the LSC is assigned an albert.einstein identity and they manage this account and their credentials via the my.ligo.org application. This pilot aims to investigate the infrastructure and organisational changes required to support the increased use of federated institutional entities alongside existing internal credentials. In particular it will identify technological components and deploy a pilot service to be used for evaluation. It will also work to understand the current limitations of federated identities as applied to the LSC, and recommend alternative approaches.
SAML proxies are increasingly being used to easily connect all of a collaboration's resources into the eduGAIN network and this would demonstrate it's success for a large, established collaboration.
Pilot goals
The goal of this AARC project is design and deploy a pilot SAML proxy instance so that LSC users can make better use of Institutional Identities in a federated manner. SAML proxies are increasingly being used to easily connect all of a collaboration's resources into the eduGAIN network and this would demonstrate it's success for a large, established collaboration. It will also investigate the limitations of a SAML proxy and recommend alternatives to these issues.
Description
Following discussions within the LSC it was decided that the pilot will deploy SATOSA and pyFF to create a SAML proxy between the eduGAIN institutional identity providers and the LSC's service providers. This would allow LSC and Virgo members to use their institutional credentials to access LSC resources directly. Institutional identies would be mapped to a user's albert.einstein identity via an internal account linking, and LIGO specific information; in particular group and identity information would be used to annotate the account. SATOSA will act as the central SAML Proxy of the project, while pyFF will be used to aggregate SAML metadata from Edugain and the LSC, and also provide the discovery service interface.
Components
- SAML Proxy: SATOSA
- Metadata Aggregator: PyFF
- Discovery Service: PyFF
- Account Linking: COManage
- Component A - Service provider
- Component B - Bring order to chaos
- Component C - Hide my precious treasure
Architecture
SATOSA
PyFF Discovery Service
Use Cases
This section should explain how this pilot works through use cases (at least 2).
- The title is the use case
- Each line is a step
- 2 columns available, first with text and description, second with a screenshot
(Here's a valid example LINK)
Results
A Pilot instance has been deployed and has been registered in the eduGAIN metadata and is undergoing testing.
Further information
Provide some description related to BPA. Was BPA useful to achieve this results? how?
About sustainability:
- will this pilot survive after AARC?
- If yes, how?
- if no, why?
Last part contain a list of information, link or anything related to the pilot that was not mentioned in ahead seciton.
Last part contain a list of information, link or anything related to the pilot that was not mentioned in ahead seciton.