A pathfinder project for a National AAAI

Lead Research Organisation: University College London
Department Name: Physics and Astronomy

Abstract

The RCUK National e-Infrastructure projects wish to propose to undertake pilots to demonstrate the proposed access and resource management infrastructure works in several common research settings, especially in areas where data must be securely accessed, stored and transported.

The pilots will integrate 2 key existing Authentication, Authorisation and Accounting Infrastructure (AAAI) technologies, Assent and SAFE. The Authentication Service Assent is already in service at a number of institutions and Safe Share will be deployed, subject to successful pilots, at eMedLab (Crick/UCL), Farr Institute (London, HeRC, Wales and Scotland) and the Administrative Data Research Network. The Authorisation and Accounting service SAFE is currently used by Archer, DiRAC and the Hartree Centre.
The proposed pathfinder initiative will pilot the integration of these capabilities as a significant step towards implementing a coherent National Authentication, Authorisation and Accounting Infrastructure that serves the needs of UK and international research collaborations.
To deliver our vision of opening up access to the National E-Infrastructure we need to take these individual pieces and integrate them into a UK-wide service, which will also be compatible with EU and international projects' access and resource management services. This will allow us to then roll out a robust user management system across the National E-Infrastructure for both academic and industrial partners. The development of a final national solution is complex and by its nature cannot be quick. It must fit with European and global advances and requires international trust agreements. In order to move towards this, we propose this pathfinder project, which will utilise existing developments and provide a first working service on the National E-Infrastructure.

Planned Impact

This pathfinder will build on and integrate the following existing capabilities:
Jisc's Assent service, to provide users with a common, single sign on mechanism that integrates with institutional identity management systems to confirm a researcher's identity; and its peer systems overseas.
Existing virtual organisation (VO) systems, such as the EPPC's SAFE management infrastructure.
A High Assurance Network and two-factor authentication, where appropriate, for secure data access and transport e.g. JISC's SafeShare service.
Four work packages are proposed to undertake this integration work and pilot the services in the field at sites across the RCUK domain.
The cost to RCUK will be £173932 over 10 months.
The outputs will be secure and very secure versions of a common AAAI application which integrates Assent and SAFE. This will also be able to federate with SAML and X.509 identity management systems which is a requirement for international collaborations.
A technical design and business case for a proposed National AAAI service will be produced.

Publications

10 25 50

publication icon
Agertz O (2020) EDGE: the mass-metallicity relation as a critical test of galaxy formation physics in Monthly Notices of the Royal Astronomical Society

publication icon
Almaraz E (2020) Nonlinear structure formation in Bound Dark Energy in Journal of Cosmology and Astroparticle Physics

publication icon
Amarante J (2020) The Splash without a Merger in The Astrophysical Journal

publication icon
Antolin P (2020) Reconnection nanojets in the solar corona in Nature Astronomy

publication icon
Arthuis P (2020) Ab Initio Computation of Charge Densities for Sn and Xe Isotopes. in Physical review letters

 
Description We demonstrated the practicality of having a central Authentication and Authorisation Service and linking it to a well used Accounting Service.

This was tested in 3 common settings.

We were able to demonstrate the successful use of a central Identity Provider for non academic users of academic eninfra structure
Exploitation Route This has been used to form the basis of the Proposed UKRI AAAI Framework
Sectors Aerospace, Defence and Marine,Agriculture, Food and Drink,Chemicals,Communities and Social Services/Policy,Construction,Creative Economy,Digital/Communication/Information Technologies (including Software),Education,Electronics,Energy,Environment,Financial Services, and Management Consultancy,Healthcare,Government, Democracy and Justice,Culture, Heritage, Museums and Collections,Pharmaceuticals and Medical Biotechnology,Retail,Security and Diplomacy,Transport

 
Description Used as the Basis for a UKRI White Paper on AAAI Approach will be used to open up the UKRI Einf to Public Sector, Industry and Commerce
First Year Of Impact 2018
Sector Digital/Communication/Information Technologies (including Software),Healthcare
Impact Types Policy & public services

 
Description Fed into UKRI eInfrastructure policy
Geographic Reach Europe 
Policy Influence Type Participation in a advisory committee
 
Title IMproved usability of JISC Assent Authentication Service and creation of Credential Conversion Service at RAL 
Description The Assent Authentication Service was shown to work with an Authorisation and Accounting Service (SAFE). An API will be published. A credential conversion service was bulit at RAL to allow UK researchers to use home credentials to access international research projects 
Type Of Material Improvements to research infrastructure 
Year Produced 2018 
Provided To Others? Yes  
Impact The construction of a plan to create a service to allow UK researchers single sign on to UK and World EInfrastrcutures 
 
Description AAAI for the UK NeI 
Organisation Jisc
Country United Kingdom 
Sector Public 
PI Contribution PI of RCUK pilot project for AAAI
Collaborator Contribution Software development and testing at 8 UK HEIs and ROs
Impact SAFE+ASSET AAAI service
Start Year 2016
 
Title Collaboration with Atempo 
Description Tape to Tape data transfter between DiRAC sites. 
Type Of Technology Software 
Year Produced 2019 
Open Source License? Yes  
Impact Proof of COncept that data could be read from Tape stores remotely via a remote file system 
 
Title Fast Network Links for Durham and Cambridge Univeristies 
Description The Universeities and Cambridge are now linked by a highly performant Network 
Type Of Technology Physical Model/Kit 
Year Produced 2019 
Impact Both HEIs are able to ingest data at a faster rate 
 
Title Improved usability of JISC Assent Authentication Service and creation of Credential Conversion Service at RAL 
Description The Assent Authentication Service was shown to work with an Authorisation and Accounting Service (SAFE). An API will be published. A credential conversion service was bulit at RAL to allow UK researchers to use home credentials to access international research projects 
Type Of Technology Software 
Year Produced 2018 
Open Source License? Yes  
Impact The construction of a plan to create a service to allow UK researchers single sign on to UK and World EInfrastrcutures 
 
Description Member of UKRI E-Infrastructure Expert Panel 2017-2019 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Policymakers/politicians
Results and Impact Created 7 white papers for UKRI which detailed a Roadmap for future e-Infrastructure funding in the UK
Year(s) Of Engagement Activity 2017,2018,2019
 
Description NeI Project Directors Group 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Policymakers/politicians
Results and Impact Reports on AAAI, Data E-Infrastructure, Using Cloud for Research
The National NeI Survey 2014, 2015, 2016
Report on Gender in HPC
BEIS e-Infrastructure Business Case
Integration activities of the NeI
Year(s) Of Engagement Activity 2014,2015,2016,2017
URL https://neipdg.ac.uk/