You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Study on AAA (authentication, authorization and accounting) platforms and services for scientific data/information resources in Europe

Grant No ???? ()

 

The Consortium composed of the following four partners:

  1. the Trans European Research and Education Networking Association, hereafter called TERENA, the leading partner;
    1. Ligue des Bibliothèques Européennes de Recherche - Association of European Research Libraries, hereafter called LIBER;
    2. Universiteit van Amsterdam hereafter called UvA;
    3. University and National Library of Debrecen hereafter called DEENK

has been awarded by the European Commission the grant to do a study on “AAA (authentication, authorization and accounting) platforms and services for scientific data/information resources”.

 

1      Aim of the Study

Supporting and promoting scientific research and innovation as well as opening up access to scientific information are key priorities for the European Commission and for the Member States.

The rapid development and adoption of Information and Communication Technologies (ICT) have enabled the provisioning of e-Infrastructures, a distributed environment to share resources (hardware, software and content) and access them wherever required for research purposes; this has changed the way researchers work, enabling almost instantaneous collaboration regardless of physical location and has provided access to an enormous amount of scientific information that can be processed on powerful computational platforms.

Research addresses different aspects and as a result the data produced is very heterogeneous, so is the demand to access, store, protect and preserve them. A platform able to handle different levels of access to heterogeneous content is referred to as the Scientific Data e-Infrastructure (SDI).

The goal of the SDI is to ensure access to different types of content and to allow for flexible, reliable, efficient, cross-disciplinary and cross-border access; at the same time it is important to protect data integrity and ownership and ensure data authenticity as well as data confidentiality. It is also important to ensure that data access is available to everybody, in light of open exchange of knowledge that has been and remains one of the main drivers for research.  

The goal above presents at the same time opportunities and challenges, mostly related to data access, data management and governance, data curation and long-term preservation.

The SDI requires sophisticated mechanisms for authentication, authorization and accounting (AAA). Such mechanisms are already deployed in the existing e-Infrastructures, although further evolution is required to satisfy all requirements. Offering the SDI by simply creating a new AAA platform without any assessment of the state-of-the art would not be desirable from a cost perspective or from a usability perspective. Furthermore, the existing infrastructures already offer, to a large extent, the necessary functionality.

The key objective is thus to enable inter-operability among existing e-Infrastructures as much as possible to offer high quality services for researchers, funding agencies and the public at large in a cost effective way.

The study will assess existing AAA-infrastructures; it will identify use-cases for the SDI as well as the ability for the existing AAA-infrastructures to address these use-cases. The study will also examine the gaps in providing the necessary infrastructure to support the use-cases and explore the work that is being done in the existing AAA-infrastructures to address those needs.

2      General Study Organization

The study will be organized in two parts/stages:

 

Part I

The first part of the study will consist of an assessment of the state-of-the art of the current e-Infrastructure (Objective 1) and related access control technologies.

This part will also cover the rationale (mostly in light of the added value for science and society) for building an AAI and will compare scalability, governance (and stakeholders), policies and the widely used technologies; an evaluation of how existing AAI deployed for research and education (in Europe and beyond) could also be used to support other sectors will be provided as well.

During this phase of the study, use-cases will be identified via interviews with different user-groups, such as R&E communities, Information Services providers (data centres, libraries), e-Science users and so on.

The outcome of this part of the study will result in:

(i)            A complete overview of the AAA landscape in Europe (with references to US and/or other regions) and the main current trends;

(ii)           A description of the inter-operability features of the AAA systems surveyed in light of their suitability as elements of integrated infrastructures.

(iii)          An evaluation of the user-friendliness of the considered AAA infrastructures.

This part of the study will also offer inputs to national decision makers to understand why it is important to invest in infrastructure for science.

 

Part II

In the second part of the study existing and emerging infrastructures will be analyzed in relation to use-cases identified in section 1.

A strengths and weaknesses study (SWOT Analysis) of the existing infrastructure to support the identified use-cases will be carried out (Objective 2).

This part of the study will also describe scenarios that would benefit from an integrated AAA and evaluate options to deliver an integrated and manageable AAA/AAI for SDI (or e-Infrastructure).

The results of the SWOT analysis will also be used to address data protection, access issues, trust issues, and access policies at pan-European level.

 

The outcome of this part of the study will:

(i)    Describe the rationale for the integrated SDI and its added value to access, store and preserve heterogeneous data; 

(ii)   Provide recommendations for adapting the existing, widely used platforms and services to be fully compliant with the requirements posed by the use of data/information resources (papers, catalogues, raw data, images, etc).

(iii)  Provide recommendations on how the European regulations could support such an integrated SDI;

(iv) Provide technical recommendations for developers to favour specific technologies to ensure future inter-operability;

(v)  Address the (organizational, legal and technical) challenges to provide pan-Europe AAA/AAI for SDI/e-Infrastructure.

 

Particular importance will be given to the following objectives and factors:

(i)            consolidation and federation of existing e-Infrastructures to comply with the requirements posed by the use of data and information resources - this will be led by an analysis of use-cases;

(ii)           integration with e-Government AAA initiatives ;

(iii)          ease of access to data and information resources not only for the scientific community but for the wider public as well;

(iv)         the use of e-Infrastructure as a cost-efficient platform for large-scale technological experimentation;

(v)          the role of new technologies and standards under development in relevant bodies such as IETF, OGF, OASIS, ISO/ITU-T, IEEE  and how these can be used to provide the SDI;

(vi)         the role of industry technologies such as those used by social networks (i.e. Facebook), Google and Microsoft in creating e-Infrastructure.

A pan-European trustworthy infrastructure for access to research data will stimulate the exchange of information and will give a boost to students’ and researchers’ mobility. It will support libraries and data centres in their core business: making sure that data can be easily made available not only now but also in the near or far future.

 

Role of libraries in providing access to scientific information and data

Libraries provide free access to large amounts of information resources, but there are also large amounts of copyright material licensed from rights holders; medical research needs to share images or data in a way to preserve privacy; physicists share not only data but also resources (such as machines, storage and so on). In all cases, mechanisms and infrastructures to manage access are needed, for example to avoid misinterpretation or misuse of data, to identify the person requesting access, to identify his/her privileges and to log usage of data, to respect privacy regulations, to deal with ethical issues, to guarantee data quality and integrity etc.

 

3      Timetable, Deliverables, and Meetings

The study will be done in period from January 2012 till August 2012 with the following deliverables and timetable.

D1 - Inception report (February 2011) will elaborate on the methodology that will be used to carry out the study, will provide details on the resources and articulate the objectives.

D2 - Interim study report (April 2012) will cover the intermediate results for the objectives listed above, specifically:

Objective 1: the state-of-the-art survey will be in its final stage and complete.

TERENA and UvA will lead the work to assess the state-of-the art of the existing AAA infrastructures used by the research and education community.

Objective 2: some technical, organisational and legal obstacles will be identified in the analysed AAA Infrastructures and initial proposals will be formulated, specifically on how to overcome the barriers to effectively move towards the provision of common cross-domain and European-wide AAA services suitable for information resources.

The interim report will include initial set of use-cases collected by partners, in particular:

(i)            LIBER and DEENK will collect the requirements from the library, the archive and the humanity communities on data access, data management and governance, data curation and long-term preservation as well as on AAA.

(ii)           TERENA and UvA will collect to requirements from the e-Science and to the networking communities.

The initial requirements for the AAA infrastructure will be derived by the use-cases; the assessed AAA infrastructures will also be evaluated against the collected use-cases. A SWOT analysis of these infrastructures will be provided as part of this report.

D3 - Final study report (June 2012), including an executive summary, covering the final results for the objectives listed above. The final study report will take into account the discussions at the Final workshop (planned for July 2012) and final meeting as well as the use-communities identified and consulted by the consortium. An annex to the final study report will contain the raw data used in producing the study.

D4  - Technical report (July 2012) which will describe the use of resources in the performance of the contract including e.g. time-sheets on man/days consumption, travel details, use of consumables, etc.

Final workshop will be organised in July 2012 to discuss results if the study and findings to be presented in the Final study report. During this meeting a draft of the final study report will be presented. The workshop will be organised at the Commission’s premises in Brussels.

 

4      Consortium

TERENA (http://www.terena.org) has extensive and consolidated experience in leading pan-European initiatives and large-scale studies. TERENA operates under a model in which experts with the appropriate competence and experience from the national academic networks and the research community collaborate in the well-established initiatives operating under the TERENA’s umbrella, such as the Research and Education FEDerationS (REFEDS) initiative, the task-force on European Middleware Coordination and Collaboration (TF-EMC2) and the task-force on Mobility and Network Middleware (TF-MNM). Through the leadership of these groups (who have committed to participating in this study) and through TERENA’s participation in the GÉANT project, TERENA can provide extraordinary resources and knowledge for the task at hand: assessing the AAA-infrastructures operated by (and for) the European R&E community, define the requirements of this community for the next decade and propose recommendations to build the Scientific Data infrastructure (SDI).

LIBER  (http://www.libereurope.eu) offers a network of 425 institutions (major research libraries in Europe) in more than 40 countries, which will prove very useful for consultation, dissemination and awareness raising; LIBER is also well positioned to offer a more political level consultation and outreach via the League of European Research Universities (LERU) and other major research institutes. Large scale survey experience is another main asset that LIBER will bring to the Consortium.

UvA (http://www.science.uva.nl/research/sne/) will contribute to the project study with expert knowledge in the area of Authentication and Authorisation Infrastructure (AAI) and emerging security models for Cloud and on-demand infrastructure services provisioning to achieve federated Authentication, Authorisation and Attributes management in heterogeneous distributed e-Science applications. Existing expertise will be effectively used for proposing a common integrated and/or federated AAA infrastructure for all components and layers of the Scientific Data infrastructure (SDI). UvA has developed generic authentication, authorisation and accounting (AAA) architecture and AAA Authorisation frameworks (described in RFC2903-2906) and provided practical implementation with the open source GAAA (Generic AAA) Toolkit Library used in a number of EU funded projects like GEYSERS (Generalised Architecture for Dynamic Infrastructure Services), Phosphorus (Lamba User Controlled Infrastructure for European Research), EGEE (Enabling Grid from E-sciencE) and others. UvA is active in many standardisation bodies including OGF (http://www.ogf.org), IETF (http://www.ietf.org) and NIST (http://www.nist.gov).

DEENK (http://www.lib.unideb.hu) is one of the leading university libraries with important national tasks in Hungary. DEENK operates the infrastructure of the National Document Supply System including the electronic document service. It provides technical support for the Hungarian Open Repository Network (HUNOR) and brings to the consortium a key role in open access initiatives both on national and international levels as well as the experience gained in developing an electronic archive to store scholarly outputs as one of the first universities in Hungary. It hosts the Open Access National website containing up-to-date information about open access events and projects.

External experts

A number of external experts have already been engaged in the preparation of this offer, namely:

Diego Lopez (Telefonica I+D), former (till October 2011) chair of the TERENA task-force on European Middleware Coordination and Collaboration and also member of the High Level Expert Group on Scientific Data e-Infrastructures;

Nicole Harris (JISC Advance) and co-coordinator for REFEDS;

Klaas Wierenga (Cisco Systems) and chair of the TERENA task-force on Mobility and Network Middleware as well as chair of the European Committee for Academic Middleware (ECAM), and

Torbjörn Wiberg (Umeå University) responsible for the Swedish Alliance of Middleware Infrastructure; they have committed to participate in the study as well.

 

  • No labels