A pathfinder project for a National AAAI
Lead Research Organisation:
University College London
Department Name: Physics and Astronomy
Abstract
The RCUK National e-Infrastructure projects wish to propose to undertake pilots to demonstrate the proposed access and resource management infrastructure works in several common research settings, especially in areas where data must be securely accessed, stored and transported.
The pilots will integrate 2 key existing Authentication, Authorisation and Accounting Infrastructure (AAAI) technologies, Assent and SAFE. The Authentication Service Assent is already in service at a number of institutions and Safe Share will be deployed, subject to successful pilots, at eMedLab (Crick/UCL), Farr Institute (London, HeRC, Wales and Scotland) and the Administrative Data Research Network. The Authorisation and Accounting service SAFE is currently used by Archer, DiRAC and the Hartree Centre.
The proposed pathfinder initiative will pilot the integration of these capabilities as a significant step towards implementing a coherent National Authentication, Authorisation and Accounting Infrastructure that serves the needs of UK and international research collaborations.
To deliver our vision of opening up access to the National E-Infrastructure we need to take these individual pieces and integrate them into a UK-wide service, which will also be compatible with EU and international projects' access and resource management services. This will allow us to then roll out a robust user management system across the National E-Infrastructure for both academic and industrial partners. The development of a final national solution is complex and by its nature cannot be quick. It must fit with European and global advances and requires international trust agreements. In order to move towards this, we propose this pathfinder project, which will utilise existing developments and provide a first working service on the National E-Infrastructure.
The pilots will integrate 2 key existing Authentication, Authorisation and Accounting Infrastructure (AAAI) technologies, Assent and SAFE. The Authentication Service Assent is already in service at a number of institutions and Safe Share will be deployed, subject to successful pilots, at eMedLab (Crick/UCL), Farr Institute (London, HeRC, Wales and Scotland) and the Administrative Data Research Network. The Authorisation and Accounting service SAFE is currently used by Archer, DiRAC and the Hartree Centre.
The proposed pathfinder initiative will pilot the integration of these capabilities as a significant step towards implementing a coherent National Authentication, Authorisation and Accounting Infrastructure that serves the needs of UK and international research collaborations.
To deliver our vision of opening up access to the National E-Infrastructure we need to take these individual pieces and integrate them into a UK-wide service, which will also be compatible with EU and international projects' access and resource management services. This will allow us to then roll out a robust user management system across the National E-Infrastructure for both academic and industrial partners. The development of a final national solution is complex and by its nature cannot be quick. It must fit with European and global advances and requires international trust agreements. In order to move towards this, we propose this pathfinder project, which will utilise existing developments and provide a first working service on the National E-Infrastructure.
Planned Impact
This pathfinder will build on and integrate the following existing capabilities:
Jisc's Assent service, to provide users with a common, single sign on mechanism that integrates with institutional identity management systems to confirm a researcher's identity; and its peer systems overseas.
Existing virtual organisation (VO) systems, such as the EPPC's SAFE management infrastructure.
A High Assurance Network and two-factor authentication, where appropriate, for secure data access and transport e.g. JISC's SafeShare service.
Four work packages are proposed to undertake this integration work and pilot the services in the field at sites across the RCUK domain.
The cost to RCUK will be £173932 over 10 months.
The outputs will be secure and very secure versions of a common AAAI application which integrates Assent and SAFE. This will also be able to federate with SAML and X.509 identity management systems which is a requirement for international collaborations.
A technical design and business case for a proposed National AAAI service will be produced.
Jisc's Assent service, to provide users with a common, single sign on mechanism that integrates with institutional identity management systems to confirm a researcher's identity; and its peer systems overseas.
Existing virtual organisation (VO) systems, such as the EPPC's SAFE management infrastructure.
A High Assurance Network and two-factor authentication, where appropriate, for secure data access and transport e.g. JISC's SafeShare service.
Four work packages are proposed to undertake this integration work and pilot the services in the field at sites across the RCUK domain.
The cost to RCUK will be £173932 over 10 months.
The outputs will be secure and very secure versions of a common AAAI application which integrates Assent and SAFE. This will also be able to federate with SAML and X.509 identity management systems which is a requirement for international collaborations.
A technical design and business case for a proposed National AAAI service will be produced.
Organisations
- University College London (Lead Research Organisation)
- Medical Research Council (Co-funder)
- Jisc (Co-funder, Collaboration)
- Economic and Social Research Council (Co-funder)
- Engineering and Physical Sciences Research Council (Co-funder)
- Arts and Humanities Research Council (Co-funder)
- Biotechnology and Biological Sciences Research Council (Co-funder)
- Natural Environment Research Council (Co-funder)
Publications
Attanasio F
(2020)
Complex Langevin simulations and the QCD phase diagram: recent developments
in The European Physical Journal A
Aumann T
(2021)
Quenching of single-particle strength from direct reactions with stable and rare-isotope beams
in Progress in Particle and Nuclear Physics
Aurrekoetxea J
(2020)
Coherent gravitational waveforms and memory from cosmic string loops
in Classical and Quantum Gravity
Aurrekoetxea J
(2020)
The effects of potential shape on inhomogeneous inflation
in Journal of Cosmology and Astroparticle Physics
Baek G
(2020)
Radiative Transfer Modeling of EC 53: An Episodically Accreting Class I Young Stellar Object
in The Astrophysical Journal
Barausse E
(2020)
Prospects for fundamental physics with LISA
in General Relativity and Gravitation
Barrera-Hinojosa C
(2020)
GRAMSES: a new route to general relativistic N -body simulations in cosmology. Part II. Initial conditions
in Journal of Cosmology and Astroparticle Physics
Barrera-Hinojosa C
(2020)
GRAMSES: a new route to general relativistic N -body simulations in cosmology. Part I. Methodology and code description
in Journal of Cosmology and Astroparticle Physics
Bastian N
(2020)
The globular cluster system mass-halo mass relation in the E-MOSAICS simulations
in Monthly Notices of the Royal Astronomical Society
Bate M
(2020)
Photoionizing feedback in spiral arm molecular clouds
in Monthly Notices of the Royal Astronomical Society
Description | We demonstrated the practicality of having a central Authentication and Authorisation Service and linking it to a well used Accounting Service. This was tested in 3 common settings. We were able to demonstrate the successful use of a central Identity Provider for non academic users of academic eninfra structure |
Exploitation Route | This has been used to form the basis of the Proposed UKRI AAAI Framework |
Sectors | Aerospace Defence and Marine Agriculture Food and Drink Chemicals Communities and Social Services/Policy Construction Creative Economy Digital/Communication/Information Technologies (including Software) Education Electronics Energy Environment Financial Services and Management Consultancy Healthcare Government Democracy and Justice Culture Heritage Museums and Collections Pharmaceuticals and Medical Biotechnology Retail Security and Diplomacy Transport |
Description | Used as the Basis for a UKRI White Paper on AAAI Approach will be used to open up the UKRI Einf to Public Sector, Industry and Commerce |
First Year Of Impact | 2018 |
Sector | Digital/Communication/Information Technologies (including Software),Healthcare |
Impact Types | Policy & public services |
Description | Fed into UKRI eInfrastructure policy |
Geographic Reach | Europe |
Policy Influence Type | Participation in a guidance/advisory committee |
Title | IMproved usability of JISC Assent Authentication Service and creation of Credential Conversion Service at RAL |
Description | The Assent Authentication Service was shown to work with an Authorisation and Accounting Service (SAFE). An API will be published. A credential conversion service was bulit at RAL to allow UK researchers to use home credentials to access international research projects |
Type Of Material | Improvements to research infrastructure |
Year Produced | 2018 |
Provided To Others? | Yes |
Impact | The construction of a plan to create a service to allow UK researchers single sign on to UK and World EInfrastrcutures |
Description | AAAI for the UK NeI |
Organisation | Jisc |
Country | United Kingdom |
Sector | Public |
PI Contribution | PI of RCUK pilot project for AAAI |
Collaborator Contribution | Software development and testing at 8 UK HEIs and ROs |
Impact | SAFE+ASSET AAAI service This project enabled the creation of an AAI activity in the UK that is now bearing fruit |
Start Year | 2016 |
Title | Collaboration with Atempo |
Description | Tape to Tape data transfter between DiRAC sites. |
Type Of Technology | Software |
Year Produced | 2019 |
Open Source License? | Yes |
Impact | Proof of COncept that data could be read from Tape stores remotely via a remote file system |
Title | Fast Network Links for Durham and Cambridge Univeristies |
Description | The Universeities and Cambridge are now linked by a highly performant Network |
Type Of Technology | Physical Model/Kit |
Year Produced | 2019 |
Impact | Both HEIs are able to ingest data at a faster rate |
Title | Improved usability of JISC Assent Authentication Service and creation of Credential Conversion Service at RAL |
Description | The Assent Authentication Service was shown to work with an Authorisation and Accounting Service (SAFE). An API will be published. A credential conversion service was bulit at RAL to allow UK researchers to use home credentials to access international research projects |
Type Of Technology | Software |
Year Produced | 2018 |
Open Source License? | Yes |
Impact | The construction of a plan to create a service to allow UK researchers single sign on to UK and World EInfrastrcutures |
Description | Member of UKRI E-Infrastructure Expert Panel 2017-2019 |
Form Of Engagement Activity | A formal working group, expert panel or dialogue |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Policymakers/politicians |
Results and Impact | Created 7 white papers for UKRI which detailed a Roadmap for future e-Infrastructure funding in the UK |
Year(s) Of Engagement Activity | 2017,2018,2019 |
Description | NeI Project Directors Group |
Form Of Engagement Activity | A formal working group, expert panel or dialogue |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Policymakers/politicians |
Results and Impact | Reports on AAAI, Data E-Infrastructure, Using Cloud for Research The National NeI Survey 2014, 2015, 2016 Report on Gender in HPC BEIS e-Infrastructure Business Case Integration activities of the NeI |
Year(s) Of Engagement Activity | 2014,2015,2016,2017 |
URL | https://neipdg.ac.uk/ |