180 likes | 261 Views
PaN-data ODI WP3 User AAA Service (Umbrella System). 1. What are the IT requests?. Huge datasets Novel 2D detectors, quantum leap in data quality, but also data volumes multi-image techniques (tomography, lens-less imaging) molecular movies at FELs
E N D
What are the IT requests? • Huge datasets • Novel 2D detectors, quantum leap in data quality, but also data volumes • multi-image techniques (tomography, lens-less imaging) • molecular movies at FELs • ‘Petabyte’ ‘normal’ unity; time over for ‘hard-disk in the trouser pocket’ • Trans-facility experiments • Standardize proposal procedures on EU scale • Remote data access • analyze data remotely at facility • combine datasets taken at different facilities • clouds (commercial, community-based) • Remote experiment access • basic: passive online access to measured data • advanced: active control • PR Issues • Improve corporate identity • Improve public lobbying
Required Solution Characteristics • Incorporate confidentiality aspects • High competition, especially structural biology • Time-window structured access to experiments and data • Rely on existing local user office structure • Great experience • DIY (Do It Yourself) operation • Users: manage their personal entries • User offices: supervising; manage authorizations • Base system on professional authentication standard • Shibboleth, federated Single-Sign-On System (SAML), widely used • special photon / neutron user federation • only one identity provider • supervising by local User Offices • Umbrella concept • Unique user identification on EU scale • Hybrid information storage • No cross-facility information exchange • Multi-level identification and trust (maximum autonomy to facilities)
WP3: User Catalogue and AAA Service • Description of work: • To deploy, operate, and evaluate a system for pan-European user identification across the participating facilities and implement common processes for the joint maintenance of that system. • This is a necessary baseline for enabling seamless cross-facility data access and integration by individual users. • Deliverables: • (m06) Specification of AAA infrastructure • (m12) Pilot deployment of initial AAA service infrastructure • (m18) Production deployment of AAA service infrastructure • Final goal: • Completion of project delivering integrated services as planned • Tool: • Umbrella
The Umbrella Concept User UOffice3 UOffice2 UOffice1 Fig.1
Traditional user office topology Planned Umbrella user office topology Experiment Access User User User portal Common User services Remote access services User Interface Local WUOs User database Central portal European proposal submission User Interface = Coaching FAQ Support Dynamic beamline information 6
A A A A A A A EUU EAA Shibboleth IdP User db Affiliation db Facility neutral Coaching Ref. Database Prop. Modules Community branded User Central Part User WUO2 WUO1 WUO3 Local Part 7
User access, IT projects • Authentication (EU-unique (identification) • Proposal handling (thousands of proposals / year) • Coaching (support of novice users) • Prototypes: Umbrella + DUO (PSI): + SMIS (ESRF): + CAS (Diamond): + DOOR (DESY): + • Remote data access(petabytes of data): CRISP • But more than authentication (e.g. data format, catalogues …) • Remote experiment login(young scientists; Fedex-style experiments) • But more than authentication (e.g. fire wall, experiment standardization, component protocols …) EuroFEL (Umbrella Prototype) Next Generation (Umbrella+) 8
Hybrid concept (central vs. Federated) Answer to conflicting requests: • Efficient technology • Confidentiality • Consequent distinction of authentication and authorisation User info Proposal Modules Affiliation info Central (common)part • Modules with general, scientific info • Identification • Registration for central serv. • Department • Postal address Central phone • Detailed info • Roles at facilities • Proposer info • Roles at facilities • Facility specific city code (e.g. for EU reimbur- sement Localfacilitypart 10
European Proposal Handling (EPH) EPH characteristics • Present situation: • heavy administrative load on users • no synchronization in call for proposals • no EU proposal standard • start always from scratch in spite of iterative character • Umbrella answer: subdivision into different parts • Statistical • Facility • General (science) • Umbrella solution characteristics • Federated proposal storage at facilities • Compatibility with existing proposal handling • Federated hybrid user database • No Cross / trans-facility actions • User: significant reduction of administrative load • Facilities: no change in proposal handling work flow
Statistics • Prop. info Facility • Safety info • Shifts • Beaml. data • Referee info • Ranking • Sample info • … General • Motivation • Curr. status • Results exp. • Technique • References • … Statistics • Prop. info Facility • Safety info • Shifts • Beaml. data • Referee info • Ranking • Sample info • … General • Motivation • Curr. status • Results exp. • Technique • References • … Local facility WUO database Local facility WUO database General • Motivation • Curr. status • Results exp. • Technique • References • … General • Motivation • Curr. status • Results exp. • Technique • References • … General • Motivation • Curr. status • Results exp. • Technique • References • … PC Copy PC Copy PC Copy European Proposal Handling (EPH) EPH work flow Curr. Status Lorem ipsum lorem ipsum Lorem ipsum lorem ipsum Lorem ipsum lorem ipsum Lorem ipsum lorem ipsum Lorem ipsum lorem ipsum Submission portal • Search / locate • Alerts • Info service • Submission • … Locate proposal Get local copy Edit module Update general part Merge & Submit
Remote data access, concept proposed • Embargo vs. post-embargo period • Embargo (first 3y): confidentiality, access to own team only • Post-embargo: free access, possibly via registration • Standardized / automatized access rights • manual central authorization impossible • 1‘000s of experiments, 10‘000s of users • Identity by Umbrella • Unique, EU-wide user authentication • Keep Role of proposal as organizing element • Users convene for a short time slot for performing an experiment • Principal investigator / main proposer • Who participates in experiment, has access right to data • Proposal officially accepted by facility, PI is official contact • PI defines experiment participants (practically existing WUO tool) 13
PpA1 Pjxx PpB1 Pjyy PpB2 Pjzz PpC1 User Level Project Level Facility Level Users Projects Proposals Experiments / Data Facility A PpA1Data1 User1 …. User1 User1 User3 PpA1DataN User3 User5 User5 User2 Facility B PpB1Data1 …. User1 PpB1DataN User3 User3 User1 User5 User2 PpB2Data1 User4 …. User1 PpB2DataN User2 User3 User5 Facility C User4 PpC1Data1 User3 User5 …. User4 PpC1DataN User5
Friendly user phase • Applications to test • EAA: registration, mutation • European Proposal Handling (EPH) • Remote Data Access (iCat as possibility) • Remote Experiment Access (Moonshot as possibility) • Standard Affiliation Database? • Environment offered • Prototype of central web site • Umbrella + WUO test versions (DESY, PSI, ESRF, ??) • System users • External expert users (ESUO, ETH, BioStruct, ??) • Local facility experts (DESY) • Roadmap • Start February 1, 2012 • Duration about 1/4y • Concluding workshop • Concluding document 15
FP7 Programs, Job Sharing • EuroFEL WP2 • Prototype developments for FEL facilities (March 2011) • Authentication: unique user ID • Umbrella proposal system • CRISP WP16 • PSI + ESRF, ESS, GSI, ILL, EU-XFEL • Authentication for management of local and remote access to facilities, experiments, data, and IT resources • Prototype development • CRISP WP17 • ILL + ESRF, CERN, DESY + • Metadata management and mining service; data continuum • Dual local / Umbrella operation possible • CRISP WP18 • EU-XFEL + DESY, ESRF, ILL + • High-speed Recording of Data • PaN-Data • PSI + almost all European Photon / Neutron facilities • Authentication implementation for Photon / Neutron facilities 16
Umbrella collaborators • DESY • Frank Schluenzen, Rolf Treusch, Jan-Peter Kurz, Ulrike Lindemann • Diamond • Bill Pulford • ESRF • Rudolf Dimper, Dominique Porte, Stefan Schulze • European XFEL • Krzysztof Wrona • Fermi/Elettra • Ornela Degiacomo, Giorgio Paolucci • HZB • Thomas Gutberlet, Dietmar Herrendoerfer, Olaf Schwarzkopf • IPJ (Poland) • Robert Nietubic • MaxLAB • Ulf Johansson • PSI • Bjoern Abt, Stephan Egli, Stefan Janssen, Markus Knecht, Mirjam van Daalen, Heinz J Weyer • Soleil • Frederique Fraissard • STFC • Anthony Gleeson 17
Conclusion • React to increased access to facilities by non-classic users • User friendliness • Coaching • Facility friendliness • Huge data rates for acquisition, transfer, storage • Central federated identification • Remote data and experiment access tools • Umbrella: Tools independent from local tools • Increased need for common science-political visibility (funds) • Lobbying, Corporate identity • Common web-portal • User management • Common solutions: no special solutions, advantage for all • Central vs. local: keep local where possible, central as umbrella • Umbrella • >>> It’s time to open the Umbrella 18