National Research Council – CADC, Victoria, Canada

Miscellaneous Information

Miscellaneous Information

Abstract Reference: 30779
Identifier: O5.4
Presentation: Oral communication
Key Theme: 2 Management of Scientific and Data Analysis Projects 

Extending Support for Large Distributed Projects through Interoperability

Gaudet Séverin, Taffoni Giuliano, Bertocco Sara, Brian Major, Dowler Patrick, Molinaro Marco, Schaude David, Pasian Fabio, 

Many astronomy projects today are executed by distributed science teams with access to different computation and storage resources. As we move into the era of petabyte and exabyte datasets, it is recognized that moving the code to the data becomes necessary as the alternative becomes infeasible. The question becomes how can resource infrastructures support these large projects such that a team has integrated access to the different distributed resources available to project. Examples of resources that could be integrated are files and directories, storage allocations, processing allocations, docker container and virtual machine images, databases and tables, etc. A first step in this direction is the interoperability of authorization services. 


The International Virtual Observatory Alliance (IVOA) has developed many standards to support access and interoperability of infrastructure such as Single-Sign On (SSO), Credential Delegation Protocol (CDP) and VOSpace. Both Canadian Advanced Network for Astronomical Research (CANFAR) and INAF-Osservatorio Astronomico di Trieste (INAF–OAT) use these standards for provision of user storage to support projects. In the VOSpace implementation, users assign read-only and read/write permissions to groups that are defined in their respective home institution Group Management Services. In 2015, the EGI-Engage project in Europe partially funded an exploration of interoperability of authorization services in a joint project between the CANFAR and INAF–OAT. This has also led to the inclusion of this work in the Advanced European Network of E-infrastructures for Astronomy with the SKA (Aeneas) proposal. The joint CANFAR/INAF–OAT project has added support to interoperate their VOSpace services by adding the capability of granting authorization to a access a resource to groups defined in an external Group Management Service and to allow for the dynamic creation of internal user IDs that are associated with an external identify provider. This talk will motivate the problem, describe the solution and lessons learned and discuss the path forward for both the IVOA standards process and for interoperability at the resource provider level.