Skip to main content

Towards Federated Service Discovery and Identity Management in Collaborative Data and Compute Cloud Infrastructures

Abstract

This paper compares three multi-national research infrastructures, one that provides data services, one that provides compute services, and one that supports linguistics research. The aim is to jointly provide services to the user communities, and, perhaps eventually, seamlessly interoperate. To this end, we look at and compare how the infrastructures build their service federations (trust, service status, information systems), and how they manage users (identities, authentication, and authorisation).

This is a preview of subscription content, access via your institution.

References

  1. Authentication and authorisation research consortium. https://aarc-project.eu. Accessed: 19 Nov 2016

  2. Alfieri, R., Cecchini, R., Ciaschini, V., dell’Agnello, L., Frohner, Á., Gianoli, A., Lörentey, K., Spataro, F.: Voms, an authorization system for virtual organizations. In: Rivera, F.F., Bubak, M., Gómez-Tato, A., Doallo, R. (eds.) Grid Computing, First European Across Grids Conference, Santiago de Compostela, Spain, February 13–14, 2003, Revised Papers, Lecture Notes in Computer Science, vol. 2970, pp 33–40. Springer, Berlin (2003), https://doi.org/10.1007/978-3-540-24689-3_5

    Chapter  Google Scholar 

  3. Allcock, W., Bresnahan, J., Kettimuthu, R., Link, M., Dumitrescu, C., Raicu, I., Foster, I.: The Globus striped GridFTP framework and server. In: Proceedings of the 2005 ACM/IEEE Conference on Supercomputing, SC ’05. IEEE Computer Society, Washington, DC (2005), https://doi.org/10.1109/SC.2005.72

  4. B2DROP. https://www.eudat.eu/services/b2drop. Accessed: 5 Jan 2017

  5. Bailo, D., Jeffery, K.G., Spinuso, A., Fiameni, G.: Interoperability oriented architecture: the approach of epos for solid earth e-infrastructures. In: 2015 IEEE 11th International Conference on e-Science, pp 529–534 (2015), https://doi.org/10.1109/eScience.2015.22

  6. Barton, T., Basney, J., Groep, D., Harris, N., Johansson, L., Kelsey, D., Koranda, S., Wartel, R., West, A., Short, H.: A security incident response trust framework for federated identity (sirtfi). Recommendation Siftfi-1.0. REFEDS. https://refeds.org/wp-content/uploads/2016/01/Sirtfi-1.0.pdf (2015)

  7. Basney, J., Fleury, T., Gaynor, J.: Cilogon: a federated x.509 certification authority for cyberinfrastructure logon. Concurr. Comput.: Pract. Exp. 26(13), 2225–2239 (2014). https://doi.org/10.1002/cpe.3265. CPE-13-0334.R1

    Article  Google Scholar 

  8. Baur, T., Breu, R., Kálmán, T., Lindinger, T., Milbert, A., Poghosyan, G., Reiser, H., Romberg, M.: An interoperable grid information system for integrated resource monitoring based on virtual organizations. J. Grid Comput. 7(3), 319–333 (2009). https://doi.org/10.1007/s10723-009-9134-3

    Article  Google Scholar 

  9. Grid information system. http://gridinfo.web.cern.ch. Accessed: 5 Sep 2017

  10. Biancini, A., Florio, L., Haase, M., Hardt, M., Jankowski, M., Jensen, J., Kanellopoulos, C., Liampotis, N., Licehammer, S., Memon, S., van Dijk, N., Paetow, S., Prochazka, M., Sallé, M., Solagna, P., Stevanovic, U., Vaghetti, D.: AARC: first draft of the blueprint architecture for authentication and authorisation infrastructures. CoRR arXiv:1611.07832 (2016)

  11. Blumtritt, J., Elbers, W., Goosen, T., Hinrichs, M., Qiu, W., Sall, M., Windhouwer, M.: User delegation in the CLARIN infrastructure. In: Selected Papers from the CLARIN 2014 Conference, October 24–25, 2014, Soesterberg, The Netherlands. Linköping University Electronic Press, Linköping (2015). http://www.ep.liu.se/ecp/article.asp?issue=116&volume=&article=002

  12. Bogena, H.: Tereno: German network of terrestrial environmental observatories. J. Large-Scale Res. Facil. 2, A52 (2016). https://doi.org/10.17815/jlsrf-2-98. http://jlsrf.org/index.php/lsf/article/view/98

    Article  Google Scholar 

  13. Chadwick, D.W., Siu, K., Lee, C., Fouillat, Y., Germonville, D.: Adding federated identity management to openstack. J. Grid Comput. 12(1), 3–27 (2014). https://doi.org/10.1007/s10723-013-9283-2

    Article  Google Scholar 

  14. Christos, K., Nicolas, L., van Dijk N., Peter, S.: Deliverable djra1.1: analysis of user community and service provider requirements. Project Deliverable AARC-DJRA1.1, AARC Project. https://aarc-project.eu/wp-content/uploads/2015/10/AARC-DJRA1.1.pdf (2015)

  15. CLARIN. https://www.clarin.eu. Accessed: 13 July 2017

  16. CLARIN services. https://www.clarin.eu/content/services. Accessed: 5 Sep 2017

  17. Conway, M., Moore, R., Rajasekar, A., Nief, J.Y.: Demonstration of policy-guided data preservation using iRODS. In: 2011 IEEE International Symposium on Policies for Distributed Systems and Networks (POLICY), pp 173–174 (2011), https://doi.org/10.1109/POLICY.2011.17

  18. Cornwall, L.A., Jensen, J., Kelsey, D.P., Frohner, Á., Kouřil, D., Bonnassieux, F., Nicoud, S., Lőrentey, K., Hahkala, J., Silander, M., Cecchini, R., Ciaschini, V., dell’Agnello, L., Spataro, F., O’Callaghan, D., Mulmo, O., Volpato, G.L., Groep, D., Steenbakkers, M., McNab, A.: Authentication and authorization mechanisms for multi-domain grid environments. J. Grid Comput. 2(4), 301–311 (2004). https://doi.org/10.1007/s10723-004-8182-y

    Article  MATH  Google Scholar 

  19. Drollette, D.: Standards are the glue 2.0. iSGTW (ScienceNode). https://sciencenode.org/feature/isgtw-feature-standards-are-glue-20.php (2009)

  20. eduGAIN. http://www.edugain.org. Accessed: 10 Aug 2017

  21. EGI. http://www.egi.eu. Accessed: 5 Sep 2017

  22. Federated cloud information discovery. https://wiki.egi.eu/wiki/Federated_Cloud_Information_Discovery. Accessed: 5 Sep 2017

  23. ELIXIR. https://www.elixir-europe.org. Accessed: 15 Sept 2017

  24. ELIXIR AAI documentation. https://www.elixir-europe.org/services/compute/aai. Accessed: 13 Sep 2017

  25. European Middleware Initiative (EMI). http://www.eu-emi.eu. Accessed: 10 June 2016

  26. EUDAT collaborative data infrastructure. http://www.eudat.eu. Accessed: 2 Sep 2016

  27. Field, L., Memon, A.S., Márton, I., Szigeti, G.: The EMI registry: discovering services in a federated world. J. Grid Comput. 12(1), 29–40 (2014). https://doi.org/10.1007/s10723-013-9284-1

    Article  Google Scholar 

  28. Forestiero, A., Mastroianni, C., Spezzano, G.: Building a peer-to-peer information system in grids via self-organizing agents. J. Grid Comput. 6(2), 125–140 (2008). https://doi.org/10.1007/s10723-007-9062-z

    Article  Google Scholar 

  29. Foster, I.: Globus toolkit version 4: software for service-oriented systems. In: Proceedings of the 2005 IFIP International Conference on Network and Parallel Computing, NPC’05, pp 2–13. Springer, Berlin (2005). https://doi.org/10.1007/11577188_2

    Google Scholar 

  30. Foster, I.: Globus online: accelerating and democratizing science through cloud-based services. IEEE Internet Comput. 15(3), 70–73 (2011). https://doi.org/10.1109/MIC.2011.64

    Article  Google Scholar 

  31. Foster, I., Kesselman, C., Tuecke, S.: The anatomy of the grid: enabling scalable virtual organizations. Int. J. High Perform. Comput. Appl. 15(3), 200–222 (2001)

    Article  Google Scholar 

  32. Hardt, M. (ed.) C.K.: Blueprint architecture. Project deliverable, AARC Project. https://aarc-project.eu/wp-content/uploads/2017/04/AARCBPA-2017.pdf (2017)

  33. Jensen, J.: Federated identity management challenges. In: 2012 Seventh International Conference on Availability, Reliability and Security, pp 230–235 (2012), https://doi.org/10.1109/ARES.2012.68

  34. Jensen, J., Stevanovic, U., Kakavas, I., Liampotis, N., Haase, M., Gietz, P., Jankowski, M., Reale, M., Mantovani, M.L., Florio, L.: Design for deploying solutions for “guest identities”. Project milestone, AARC Project. https://aarc-project.eu/wp-content/uploads/2016/06/MJRA1.2-Design-for-Deploying-Solutions-for-Guest-Identities.pdf (2016)

  35. Joussaume, S., Budich, R.: The Infrastructure Project of the European Network for Earth System Modelling: IS-ENES, pp 5–9. Springer, Berlin (2013). https://doi.org/10.1007/978-3-642-36597-3_2

    Google Scholar 

  36. Katz, D.S., Callaghan, S., Harkness, R., Pamidighantam, S., Pierce, M., Plale, B., Song, C., Towns, J.: Science on the teragrid. Special Issue 2010 81–97 (2010)

    Article  Google Scholar 

  37. Mathieu, G., Richards, D.A., Gordon, D.J., Novales, C.D.C., Colclough, P., Viljoen, M.: Gocdb, a topology repository for a worldwide grid infrastructure. J. Phys. Conf. Ser. 219(6), 062021 (2010). http://stacks.iop.org/1742-6596/219/i=6/a=062021

    Article  Google Scholar 

  38. Memon, A.S., Riedel, M., Field, L., Szigeti, G., Marton, I.: EMIR: an EMI Service Registry for Federated Grid Infrastructures. In: EGI Community Forum 2012/EMI Second Technical Conference, Munich (Germany), 26 Mar 2012–30 Mar, 2012. Proceedings of Science, Sissa. http://pos.sissa.it/archive/conferences/162/073/EGICF12-EMITC2_073.pdf (2012)

  39. MongoDB for GIANT Ideas. https://www.mongodb.com. Accessed: 5 Sep 2017

  40. NorduGrid: ARC peer-to-peer information system. Documentation and developer’s guide NORDUGRID-TECH-21. NorduGrid. http://www.nordugrid.org/documents/infosys_technical.pdf (2013)

  41. Novotny, J., Tuecke, S., Welch, V.: An online credential repository for the grid: Myproxy. In: Proceedings 10th IEEE International Symposium on High Performance Distributed Computing, pp 104–111 (2001), https://doi.org/10.1109/HPDC.2001.945181

  42. Parducci, B., Lockhart, H., Rissanen, E.: Extensible access control markup language (XACML) version 3.0. OASIS Standard xacml-3.0-core-spec-en. OASIS. http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-en.pdf (2013)

  43. Research and Collaboration Authentication Certification Authority Service. https://www.rcauth.eu. Accessed: 16 Sep 2017

  44. van Rijn, A., Vandenbroucke, R.: Guide to e-infrastructure requirements for european research infrastructures. ISBN 978-90-823661-5-0, E-IRG. http://e-irg.eu/catalogue/eirg-1004 (2017)

  45. Robertson, L.: Computing Services for LHC: from Clusters to Grids, pp 69–89. Springer, Berlin (2012)

    Google Scholar 

  46. Rowstron, A.I.T., Druschel, P.: Pastry: scalable, decentralized object location, and routing for large-scale peer-to-peer systems. In: Proceedings of the IFIP/ACM International Conference on Distributed Systems Platforms, Middleware ’01, pp 329–350. Springer, London (2001). http://dl.acm.org/citation.cfm?id=646591.697650

    Chapter  Google Scholar 

  47. Sergio, A., Burke, S., Ehm, F., Field, L., Galang, G., Konya, B., Litmaath, M., Millar, P., Navarro, J.P.: GLUE specification v. 2.0. Recommendation GFD-R-P.147, Open Grid Forum. https://www.ogf.org/documents/GFD.147.pdf (2009)

  48. Sergio, A., Burke, S., Field, L., Konya, B., Memon, A.S., Meredith, D., Navarro, J.P., Paganelli, F., Smith, W.: GLUE v, 2.0—reference realisation to XML schema. Recommendation GFD.209, Open Grid Forum. https://www.ogf.org/documents/GFD.209.pdf (2013)

  49. Smith, W., Meredith, D., Memon, A.S., Navarro, J.P.: GLUE v, 2.0—reference realisation to JSON schema. Recommendation GFD-RP.219, Open Grid Forum. https://www.ogf.org/documents/GFD.219.pdf (2015)

  50. Tuecke, S., Ananthakrishnan, R., Chard, K., Lidman, M., McCollam, B., Rosen, S., Foster, I.: Globus auth: a research identity and access management platform. In: 2016 IEEE 12th International Conference on e-Science (e-Science), pp 203–212 (2016). https://doi.org/10.1109/eScience.2016.7870901

  51. Vogels, W.: Eventually consistent. Commun. ACM 52(1), 40–44 (2009). https://doi.org/10.1145/1435417.1435432. http://doi.acm.org/10.1145/1435417.1435432

    Article  Google Scholar 

  52. XSEDE. https://www.xsede.org. Accessed: 13 Sep 2017

  53. Zinn, C., Hinrichs, M., Dima, E., van Uytvanck, D.: CLARIN switchboard specification. CE-2015-0684, CLARIN. https://office.clarin.eu/v/CE-2015-0684-LR_switchboard_spec.pdf (2015)

Download references

Acknowledgements

EUDAT2020 is funded by the EU Framework H2020—DG CONNECT e-Infrastructures, contract no. 654065—(Part of) the work reported here was made possible by using the CLARIN infrastructure.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Shiraz Memon.

Rights and permissions

Reprints and Permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Memon, S., Jens, J., Willem, E. et al. Towards Federated Service Discovery and Identity Management in Collaborative Data and Compute Cloud Infrastructures. J Grid Computing 16, 663–681 (2018). https://doi.org/10.1007/s10723-018-9445-3

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10723-018-9445-3

Keywords