Gast ::
| Hauptseite > Publikationsdatenbank > Federated Access to Collaborative Data and Compute Infrastructures |
| Hauptseite > Publikationsdatenbank > Federated Access to Collaborative Data and Compute Infrastructures |
| Book/Dissertation / PhD Thesis | FZJ-2022-00775 |
2021
ISBN: 978-9935-9514-1-0
Please use a persistent id in citations: http://hdl.handle.net/2128/30358
Abstract: Distributed data and compute infrastructures aim to provide access to their data or compute services across disciplinary and geographical borders to their users for scientific research. The services are highly collaborative in nature yet independent and shared among multiple scientific communities. Information security and service discovery are two essential functions and precursors for enabling such research collaborations. Given the infrastructure’s heterogeneity in data, compute, or other service offerings, the services often require several kinds of authentication protocols. Moreover, the users bring their own organisational identity and relevant attributes to access the infrastructure services. Should the services’ authentication protocol differ from that of the user’s, the user may not be able to access the target service. Therefore credential translation, attribute harmonisation, scalable trust and authorisation policy management need to be incorporated. In addition to that, enabling service discovery in the federated infrastructures is crucial. Proprietary service registration and query interfaces hinder interoperability across infrastructures. Hence, instead of proprietary and centralised registry approaches, a federated and standard-based registry and discovery model is essential for interoperability across the collaborating infrastructures. This thesis is motivated by a case study consisting of three multi-national research infrastructures: compute (EGI), data management (EUDAT), and a community infrastructure supporting linguistic research (CLARIN). The thesis contributes EMIR, the European Middleware Initiative (EMI) Registry, a decentralised service registry that supports both hierarchical and peer-to-peer topologies and enables collaboration in large-scale infrastructures. The thesis also contributes the B2ACCESS service which implements a proxy model with credential translation and scalable trust and authorisation policy management. Finally, the thesis contributes an integrative architecture realised as a unified cross-infrastructure (or inter-federation) service access framework, which bridges EMIR and B2ACCESS to enable service discovery and access in federated environments.
|
The record appears in these collections: |
PDF
Volltext