To enable federated access to shared resources of research communities and to enable the integrated use e-infrastructure services, the pilots activity in AARC will run a large number of pilots as a step-up to concrete AAI services. The requirements of research communities and e-infrastructures will drive the design of either missing AAI components or new services. To put this into action the AARC pilots activity consists of 4 tasks:
- Task1: Pilots with research communities based on use cases provided
- Task2: Support and pilots for e-infrastructures interoperability and integration
- Task3: Piloting advanced use cases, new solutions and approaches based on the outcomes of JRA1 and NA3
- Task4: Creation of showcases, deployment scenarios and documentation based on successful pilots in AARC2
Below you find a more detailed description of the activities to be performed within for each task
Task1: Pilots with research communities based on use cases provided (lead by GARR and GRNET)
...
| Community | Topics/Focus | Lead (joint effort by GARR and GRNET) |
HelixNebula | Connecting services & Brokering Leverage the work done by AARC on policies and architectural blueprints Implementing Sirtfi Using eduGAIN | GARR|
|---|---|---|---|---|---|
EISCAT_3D | Cross infrause case integration with EGI/EUDAT/PRACE Controlled, granular access to resources. Need for a good LoA scheme for AuthZ | GARR | |||
EPOS | Cross infra use case integration with EGI/EUDAT/PRACE Delegated federated access (non-interactive) Workflows | GRNET | |||
CTA | Initial implementation of Community IdP/SP proxy, Group/Role based access to resources, SIRTFI and CoCo/GDPR compliance | GARR | |||
LifeWatch | Integration,access for citizen scientist | GRNET | |||
CORBEL | Inter compatibility, share a common AAI shaping according to the ideas in Elixir. Also focus on sustainability and operational aspects
| GRNET | |||
WLCG | Non webstuff (SAML-X509) Implementation of Sirtfi stuff Solution for a persistent unique ID (ORCID?) | GARR | |||
LIGO | Non web scenarios + enrolment workflows | GRNET (SURFnet ad interim) | |||
| Connecting services & Brokering Leverage the work done by AARC on policies and architectural blueprints Implementing Sirtfi Using eduGAIN | GARR |
Task2: Support and pilots for e-infrastructures interoperability and integrationintegration (lead by EGI)
This task will focus on piloting AAI components and frameworks to enable transparent interoperability between infrastructures in terms of authentication and authorisation and will build on the state of the art of the AAI services provided by the infrastructures.
This task’s work will be driven by the requirements and use cases of both e-infrastructures and research infrastructures and the results of the JRA1 activity.
...
| e- | InfrastructuresInfrastructure | Topics/Focus |
|---|---|---|
EGI and EUDAT | The technical integration of the EGI and EUDAT AAIs has started but we recognize that additional effort is needed to harmonise attributes and Level of Assurance (LoA) definitions. The team therefore continues to work on an earlier started joint proposal by AARC, EGI and EUDAT to harmonise the LoA of their identities for consumption by their internal services. See also: EUDAT-EGI pilot for cross-infrastructure access to resources | |
| The high-level goal of this pilot is to achieve AAI interoperability between EUDAT and PRACE and to examine how Unity technology may be used to accomplish this task. The solution consists of two components. The first one is the automatic provisioning of accounts for selected PRACE users who authenticate with x.509 certificates. EUDAT accepts these certificates and PRACE users become registered users in the EUDAT authentication and authorisation service. This gives PRACE users access to non-x.509-based EUDAT services. The second component needs to synchronise these accounts with EUDAT data services using certificate credentials. See also: EUDAT-PRACE pilot for cross-infrastructure access to resources | |
| Implementing a Proxy-Element according to the AARC BPA in the DARIAH AAI and enabling integration with EGI There are two consecutive and related pilots:
| |
eduTEAMS and EUDAT and EGI | Two pilots:
|
Task3: Piloting advanced use cases, new solutions and approaches based on the outcomes of JRA1 and NA3 (Lead by GRNET)
This task will pilot solutions that complement the eight AAI use cases provided by the selected research communities (piloted within Task 1) and the cross e-infrastructure integration issues addressed by Task 2. As such, the task will investigate advanced AAI scenarios by taking into consideration the results of AARC1 and by building a feedback loop with JRA1 and NA3.
These advanced scenarios include scalable and highly available authorisation schemes in multi-SP environments. In addition, emerging and new technologies (e.g. OpenID Connect for establishing federations, beyond password solutions, integration approaches for multi-protocol cross-sector identity federations) will be assessed and piloted in this task to confirm their feasibility in real-life scenarios.
Task4: Creation of showcases, deployment scenarios and documentation based on successful pilots in AARC2 (Lead by RETI)
The pilots in AARC and AARC2 will produce a lot of experience, documentation and interesting showcases. In collaboration with the NA2 activity, these results will be combined with technical training material and offered as one package to the community.
This material in combination with the relevant sustainability plans, will be fed to the Competence Centre to ensure that a home for the results is found. The results for this SA will be rooted via the for federating communities forum. AARC2 showcases will be used to demonstrate how the proposed AARC blueprint architecture will help simplify the daily work for researchers collaborating in several different communities and using different infrastructures.
Previous results of the pilot activity in the first edition of the AARC project (first edition of AARC 2015-2017) which ended in May 2017, are available here.