Presentation is loading. Please wait.

Presentation is loading. Please wait.

Umbrella PaN-data ODI Kickoff meeting, STFC November 3/4, 2011Heinz J Weyer, PSI 1 1 PaN-data ODI WP3 User AAA Service (Umbrella System)

Published byJeffery Armstrong Modified over 8 years ago

Similar presentations

Presentation on theme: "Umbrella PaN-data ODI Kickoff meeting, STFC November 3/4, 2011Heinz J Weyer, PSI 1 1 PaN-data ODI WP3 User AAA Service (Umbrella System)"— Presentation transcript:

1 Umbrella PaN-data ODI Kickoff meeting, STFC November 3/4, 2011Heinz J Weyer, PSI 1 1 PaN-data ODI WP3 User AAA Service (Umbrella System)

2 Umbrella PaN-data ODI Kickoff meeting, STFC November 3/4, 2011Heinz J Weyer, PSI 2 What are the IT requests?  Huge datasets Novel 2D detectors, quantum leap in data quality, but also data volumes multi-image techniques (tomography, lens-less imaging) molecular movies at FELs ‘Petabyte’ ‘normal’ unity; time over for ‘hard-disk in the trouser pocket’  Trans-facility experiments Standardize proposal procedures on EU scale  Remote data access analyze data remotely at facility combine datasets taken at different facilities clouds (commercial, community-based)  Remote experiment access basic: passive online access to measured data advanced: active control  PR Issues Improve corporate identity Improve public lobbying

3 Umbrella PaN-data ODI Kickoff meeting, STFC November 3/4, 2011Heinz J Weyer, PSI 3  Incorporate confidentiality aspects High competition, especially structural biology Time-window structured access to experiments and data  Rely on existing local user office structure Great experience DIY (Do It Yourself) operation  Users: manage their personal entries  User offices: supervising; manage authorizations  Base system on professional authentication standard Shibboleth, federated Single-Sign-On System (SAML), widely used special photon / neutron user federation only one identity provider supervising by local User Offices  Umbrella concept Unique user identification on EU scale Hybrid information storage No cross-facility information exchange Multi-level identification and trust (maximum autonomy to facilities) Required Solution Characteristics

4 Umbrella PaN-data ODI Kickoff meeting, STFC November 3/4, 2011Heinz J Weyer, PSI 4  Description of work: To deploy, operate, and evaluate a system for pan-European user identification across the participating facilities and implement common processes for the joint maintenance of that system. This is a necessary baseline for enabling seamless cross-facility data access and integration by individual users.  Deliverables: (m06) Specification of AAA infrastructure (m12) Pilot deployment of initial AAA service infrastructure (m18) Production deployment of AAA service infrastructure  Final goal: Completion of project delivering integrated services as planned  Tool: Umbrella WP3: User Catalogue and AAA Service

5 Umbrella PaN-data ODI Kickoff meeting, STFC November 3/4, 2011Heinz J Weyer, PSI 5 The Umbrella Concept User UOffice2UOffice1UOffice3 Fig.1

6 Umbrella PaN-data ODI Kickoff meeting, STFC November 3/4, 2011Heinz J Weyer, PSI 6 Local WUOs User database User Interface User portal User Remote access services Common User services User Traditional user office topology Planned Umbrella user office topology Experiment Access Dynamic beamline information Coaching FAQ Support European proposal submission User Interface = 6 Central portal

7 Umbrella PaN-data ODI Kickoff meeting, STFC November 3/4, 2011Heinz J Weyer, PSI 7 User EUU Coaching Ref. Database Prop. Modules Community branded WUO1 Central Part Local Part Shibboleth IdP User db Affiliation db Facility neutral EAA WUO2 WUO3 A A AAA A User A 7

8 Umbrella PaN-data ODI Kickoff meeting, STFC November 3/4, 2011Heinz J Weyer, PSI 8  Authentication (EU-unique (identification)  Proposal handling (thousands of proposals / year)  Coaching (support of novice users)  Prototypes: Umbrella + DUO (PSI):  + SMIS (ESRF):  + CAS (Diamond):  + DOOR (DESY):+  Remote data access (petabytes of data): CRISP  But more than authentication (e.g. data format, catalogues …)  Remote experiment login (young scientists; Fedex-style experiments)  But more than authentication (e.g. fire wall, experiment standardization, component protocols …) EuroFEL (Umbrella Prototype) Next Generation (Umbrella+) User access, IT projects 8

9 Umbrella PaN-data ODI Kickoff meeting, STFC November 3/4, 2011Heinz J Weyer, PSI 9 9 Umbrella architecture

10 Umbrella PaN-data ODI Kickoff meeting, STFC November 3/4, 2011Heinz J Weyer, PSI 10 Hybrid concept (central vs. Federated) Answer to conflicting requests:  Efficient technology  Confidentiality  Consequent distinction of authentication and authorisation User infoProposal Modules Central (common) part Local facility part o Modules with general, scientific info o Detailed info o Roles at facilities o Identification o Registration for central serv. Affiliation info o Department o Postal address Central phone o Proposer info o Roles at facilities o Facility specific city code (e.g. for EU reimbur- sement 10

11 Umbrella PaN-data ODI Kickoff meeting, STFC November 3/4, 2011Heinz J Weyer, PSI 11 EPH characteristics  Present situation: heavy administrative load on users no synchronization in call for proposals no EU proposal standard start always from scratch in spite of iterative character  Umbrella answer: subdivision into different parts Statistical Facility General (science)  Umbrella solution characteristics Federated proposal storage at facilities Compatibility with existing proposal handling Federated hybrid user database No Cross / trans-facility actions User: significant reduction of administrative load Facilities: no change in proposal handling work flow European Proposal Handling (EPH)

12 Umbrella PaN-data ODI Kickoff meeting, STFC November 3/4, 2011Heinz J Weyer, PSI 12 Statistics Prop. info Facility Safety info Shifts Beaml. data Referee info Ranking Sample info … General Motivation Curr. status Results exp. Technique References … Local facility WUO database General Motivation Curr. status Results exp. Technique References … PC Copy Get local copy Submission portal Search / locate Alerts Info service Submission … Edit moduleLocate proposal General Motivation Curr. status Results exp. Technique References … PC Copy Curr. Status Lorem ipsum lorem ipsum General Motivation Curr. status Results exp. Technique References … PC Copy Statistics Prop. info Facility Safety info Shifts Beaml. data Referee info Ranking Sample info … General Motivation Curr. status Results exp. Technique References … Local facility WUO database Update general part Merge & Submit EPH work flow European Proposal Handling (EPH)

13 Umbrella PaN-data ODI Kickoff meeting, STFC November 3/4, 2011Heinz J Weyer, PSI 13  Embargo vs. post-embargo period Embargo (first 3y): confidentiality, access to own team only Post-embargo: free access, possibly via registration  Standardized / automatized access rights manual central authorization impossible 1‘000s of experiments, 10‘000s of users  Identity by Umbrella Unique, EU-wide user authentication  Keep Role of proposal as organizing element Users convene for a short time slot for performing an experiment Principal investigator / main proposer Who participates in experiment, has access right to data Proposal officially accepted by facility, PI is official contact PI defines experiment participants (practically existing WUO tool) Remote data access, concept proposed 13

14 Umbrella PaN-data ODI Kickoff meeting, STFC November 3/4, 2011Heinz J Weyer, PSI 14 Pjxx User3 User4 User1 User2 User5 PpA1 Data1 PpA1 User1 User3 User5 PpB1 User1 User3 User5 PpB2 User1 User2 PpC1 User3 User4 User5 Pjyy User2 Pjzz User4 User5 PpA1 DataN …. PpB1 Data1 PpB1 DataN …. PpB2 Data1 PpB2 DataN …. PpC1 Data1 PpC1 DataN …. Facility A Facility B Facility C Users User Level Projects Project Level ProposalsExperiments / Data Facility Level User3 User1 User3 User5

15 Umbrella PaN-data ODI Kickoff meeting, STFC November 3/4, 2011Heinz J Weyer, PSI 15  Applications to test  EAA: registration, mutation  European Proposal Handling (EPH)  Remote Data Access (iCat as possibility)  Remote Experiment Access (Moonshot as possibility)  Standard Affiliation Database?  Environment offered  Prototype of central web site  Umbrella + WUO test versions (DESY, PSI, ESRF, ??)  System users  External expert users (ESUO, ETH, BioStruct, ??)  Local facility experts (DESY)  Roadmap  Start February 1, 2012  Duration about 1/4y  Concluding workshop  Concluding document Friendly user phase 15

16 Umbrella PaN-data ODI Kickoff meeting, STFC November 3/4, 2011Heinz J Weyer, PSI 16  EuroFEL WP2  Prototype developments for FEL facilities (March 2011)  Authentication: unique user ID  Umbrella proposal system  CRISP WP16  PSI + ESRF, ESS, GSI, ILL, EU-XFEL  Authentication for management of local and remote access to facilities, experiments, data, and IT resources  Prototype development  CRISP WP17  ILL + ESRF, CERN, DESY +  Metadata management and mining service; data continuum  Dual local / Umbrella operation possible  CRISP WP18  EU-XFEL + DESY, ESRF, ILL +  High-speed Recording of Data  PaN-Data  PSI + almost all European Photon / Neutron facilities  Authentication implementation for Photon / Neutron facilities FP7 Programs, Job Sharing 16

17 Umbrella PaN-data ODI Kickoff meeting, STFC November 3/4, 2011Heinz J Weyer, PSI 17  DESY  Frank Schluenzen, Rolf Treusch, Jan-Peter Kurz, Ulrike Lindemann  Diamond  Bill Pulford  ESRF  Rudolf Dimper, Dominique Porte, Stefan Schulze  European XFEL  Krzysztof Wrona  Fermi/Elettra  Ornela Degiacomo, Giorgio Paolucci  HZB  Thomas Gutberlet, Dietmar Herrendoerfer, Olaf Schwarzkopf  IPJ (Poland)  Robert Nietubic  MaxLAB  Ulf Johansson  PSI  Bjoern Abt, Stephan Egli, Stefan Janssen, Markus Knecht, Mirjam van Daalen, Heinz J Weyer  Soleil  Frederique Fraissard  STFC  Anthony Gleeson Umbrella collaborators 17

18 Umbrella PaN-data ODI Kickoff meeting, STFC November 3/4, 2011Heinz J Weyer, PSI 18  React to increased access to facilities by non-classic users  User friendliness  Coaching  Facility friendliness  Huge data rates for acquisition, transfer, storage  Central federated identification  Remote data and experiment access tools  Umbrella: Tools independent from local tools  Increased need for common science-political visibility (funds)  Lobbying, Corporate identity  Common web-portal  User management  Common solutions: no special solutions, advantage for all  Central vs. local: keep local where possible, central as umbrella  Umbrella  >>> It’s time to open the Umbrella Conclusion 18

Download ppt "Umbrella PaN-data ODI Kickoff meeting, STFC November 3/4, 2011Heinz J Weyer, PSI 1 1 PaN-data ODI WP3 User AAA Service (Umbrella System)"

Similar presentations

4th workshop, federated identity systems, Nymegen June 21/22, 2012Heinz J Weyer, PSI 1 1 Federated Identity and the Photon / Neutron Community.

4th workshop, federated identity systems, Nymegen June 21/22, 2012Heinz J Weyer, PSI 1 1 Federated Identity and the Photon / Neutron Community.
Duke Enterprise CMS CGS Meeting 5/7/2004 Cheryl Crupi Senior Manager, Duke OIT Office of Web Services.

Duke Enterprise CMS CGS Meeting 5/7/2004 Cheryl Crupi Senior Manager, Duke OIT Office of Web Services.
V-GISC Presentation – ET_WISC – Geneva - February 3 2010 v-GISC key functionalities ET_WISC meeting 2-5 February 2010 Jean-Pierre Aubagnac, Jacques Roumilhac.

V-GISC Presentation – ET_WISC – Geneva - February v-GISC key functionalities ET_WISC meeting 2-5 February 2010 Jean-Pierre Aubagnac, Jacques Roumilhac.
Federated Identity Management for Researchers – A quick overview from GÉANT BoF TNC 2014 20 May 2014 Dublin.

Federated Identity Management for Researchers – A quick overview from GÉANT BoF TNC May 2014 Dublin.
Slide: 1 Welcome to the workshop ESRFUP-WP7 User Single Entry Point.

Slide: 1 Welcome to the workshop ESRFUP-WP7 User Single Entry Point.
Introduction on WP7/WP9 Dominique PORTE 29/05/2008 Menu What is WP7? What is WP9? Goal of the brainstorming Introduction on WP7/WP9.

Introduction on WP7/WP9 Dominique PORTE 29/05/2008 Menu What is WP7? What is WP9? Goal of the brainstorming Introduction on WP7/WP9.
Enabling Access to Sound Archives through Integration, Enrichment and Retrieval WP1. Project Management.

Enabling Access to Sound Archives through Integration, Enrichment and Retrieval WP1. Project Management.
ECM27, Bergen DDD Workshop August 6, 2012Heinz J Weyer, PSI 1 1 ECM27 Workshop on Data Diffraction Deposition.

ECM27, Bergen DDD Workshop August 6, 2012Heinz J Weyer, PSI 1 1 ECM27 Workshop on Data Diffraction Deposition.
Data Catalogue Service Work Package 4. Main Objective: Deployment, Operation and Evaluation of a cataloguing service for scientific data. Why: Potential.

Data Catalogue Service Work Package 4. Main Objective: Deployment, Operation and Evaluation of a cataloguing service for scientific data. Why: Potential.
Federated Identity Management for Research Communities (FIM4R) David Kelsey (STFC-RAL) EGI TF, AAI workshop 19 Sep 2012.

Federated Identity Management for Research Communities (FIM4R) David Kelsey (STFC-RAL) EGI TF, AAI workshop 19 Sep 2012.
Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.

Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.
LHC Experiment Dashboard Main areas covered by the Experiment Dashboard: Data processing monitoring (job monitoring) Data transfer monitoring Site/service.

LHC Experiment Dashboard Main areas covered by the Experiment Dashboard: Data processing monitoring (job monitoring) Data transfer monitoring Site/service.
FIM-ig Federated Identity Management Interest Group.

FIM-ig Federated Identity Management Interest Group.
● Problem statement ● Proposed solution ● Proposed product ● Product Features ● Web Service ● Delegation ● Revocation ● Report Generation ● XACML 3.0.

● Problem statement ● Proposed solution ● Proposed product ● Product Features ● Web Service ● Delegation ● Revocation ● Report Generation ● XACML 3.0.
PaN-data WP4 - Users Gordon Brown STFC-e-Science Alun Ashton DLS Bill Pulford DLS.

PaN-data WP4 - Users Gordon Brown STFC-e-Science Alun Ashton DLS Bill Pulford DLS.
Umbrella Federated Identity Management Workshop, Taipei, February 27, 2012Heinz J Weyer, PSI 1 1 Umbrella for Photon / Neutron Community.

Umbrella Federated Identity Management Workshop, Taipei, February 27, 2012Heinz J Weyer, PSI 1 1 Umbrella for Photon / Neutron Community.
ESUO Meeting 4.-5.10.2012 ALBA Umbrella AAI for Photon / Neutron Community M van Daalen 1 Mirjam van Daalen, Heinz Weyer, Björn Abt.

ESUO Meeting ALBA Umbrella AAI for Photon / Neutron Community M van Daalen 1 Mirjam van Daalen, Heinz Weyer, Björn Abt.
ADC Meeting 2007-09-12 ICEO Standards Working Group Steven F. Browdy, Co-Chair ADC Workshop Washington, D.C. September, 2007.

ADC Meeting ICEO Standards Working Group Steven F. Browdy, Co-Chair ADC Workshop Washington, D.C. September, 2007.
NMI3 Meeting 4.12.2012 Umbrella AAI for Photon / Neutron Community M van Daalen 1 Mirjam van Daalen, Heinz Weyer, Björn Abt.

NMI3 Meeting Umbrella AAI for Photon / Neutron Community M van Daalen 1 Mirjam van Daalen, Heinz Weyer, Björn Abt.
Developments concerning the Community Plant Variety Office of the European Union (CPVO) online application system Meeting on the development of a prototype.

Developments concerning the Community Plant Variety Office of the European Union (CPVO) online application system Meeting on the development of a prototype.

Similar presentations

Ads by Google