Diapositiva 1

1
Virtual OrganisationsBuilding a support
infraestructure
2
Virtual OrganisationsWhy a support infrastructure

• Users own and require resources
• Shared
• Collective

A infrastructure to support this activities
3
Virtual Organisations

• A set of users
• Working in a certain common area
• Sharing similar needs
• Data processing
• Access to data sources
• Interaction among them
• Pursuing similar goals
• A set of resources
• Computational
• Storage
• Data sources
• Remote device operation
• Knowledge bases
• . . .

4
The goals

• Provide users with simple, ubiquitous and
  integrated access to all kind of resources
• What resources are we talking about
• Network access
• Computational resources
• Distributed computations, supercomputers,
  specific libraries,...
• Storage resources
• Temporary/permanent, centralised/distributed,...
• Information resources
• E-libraries, searchers and metasearchers, subject
  gateways,...
• Interactive resources
• Video- and multi-conference, virtual desktops,...

5
A support infraestructureThe IRISGrid case

• pkIRISGrid
• Distributed RAs per organisation/VO
• Based on the IRISGrid directory
• The IRISGrid AAI
• Grid portal toolkits
• Collaborative tools
• From mailing lists to real-time systems
• Resource location
• Based on a federated approach
• The IRISGrid Directory
• VO management Users, centres, resources,
  research areas
• Web interfaces wherever possible
• As integrated as we can

6
Collaborative toolsThe good old mailing lists

• Essential for basic interactions
• General coordination lists
• Participants, support staff, middleware staff,...
• General areas HEP, biotech, astro-sciences,...
• Owned by the IRISGrid admins
• A specific list per VO
• Connected to the general areas the VO is
  classified in
• Owned by the VO managers
• Based on listserv
• The current mailing list software at RedIRIS
• Plans to migrate to Sympa
• Better integration with the supporting
  infrastructure

7
Collaborative toolsPresence and instant messaging

• Informal and direct interaction
• Both P2P and collective
• Automatic roster initialisation
• People in the VO(s) a user is included
• Loose control
• Direct management of contacts
• Free creation and management of chat rooms
• Based on Jabber
• Hosted at the RedIRIS server
• Experiments with a server mesh
• Experimenting with the integration of real-time
• Wiki in the queue

8
Collaborative toolsReal-time interactions

• Few Access Grid rooms
• ROI perception by institutional responsibles
• Well-established network of H.323 conference
  rooms
• Public directory available for users
• GDS in operation and expanding
• Specific RedIRIS community in VRVS
• Four reflectors in Spain (2 at the RedIRIS
  premises)
• 1500 registered users, 800 reserved hours per
  month
• Training activities
• Good contact with the VRVS developers
• Exploring incorporation of AAI technologies
• Evaluating SIP.edu

9
The RedIRIS VRVS community
10
Resource location

• In the broad sense we have been using so far
• From a cluster to a set of related papers
• Common directories are the usual answer to this
• But they face data partition
• Formats, protocols, security (and privacy)
  considerations
• The result is the continuous re-building of
  central repositories of data
• Almost automatically outdated with respect to
  their once local sources
• The federated model comes into play once again
• Accessing or collecting data from them using a
  trusted link
• Maintaining total autonomy for the federated
  repository
• Policies, methods, interfaces
• Offering a common (possibly particular) view of
  information

11
The Searchy architecture

• Each source incorporates an agent, available
  through a SOAP interface
• Uses RDF as internal representation
• Agents for LDAP, SQL, Harvest, the Google API,
  and Searchy itself

12
A sample Searchy installation
13
The IRISGrid Directory
User
MDS
Centre
User
User
VO
User
MDS
User
Centre
User
User
VO
User
MDS
Centre
Area classification
User
User
IRISGrid Globus Directory
The IRISGrid Directory
14
The IRISGrid DirectorySchemas

• Support for VOs irisgridVo
• Support for Centres and/or departments
  irisgridOu
• Support for users irisgridUser
• Support for the PKI objects pkirisgridCertObject,
  pkirisgridRA, pkirisgridUser
• Other iris- schemas
• irisPerson, irisInetEntity, copaObject,
  papiUser,...
• Extensions to the eduPerson schema
• Standardization in process through SCHAC
• At least in the inter-institutional aspects
• Heavy use of the COPA coding schema to support
  navigation and searching

15
The IRISGrid DirectoryCOPA coding schema

• A coding schema to support (virtual) hierarchical
  access
• Based in creating strings identifiers (URNs, for
  example) that resemble the hierarchy of a given
  classification (or ontology)
• Identifiers are added to data available for a
  certain element
• Mappings between COPA identifiers and their
  semantics are kept in a separate repository
  (directory branch, for example)
• Simplifies searches and navigation
• Decouples representation from the view offered at
  each moment
• Several views can be offered in parallel
• And hot-swap them
• More on this athttp//www.rediris.es/ldap/copa/co
  pa-intro.en.pdf

16
The IRISGrid DirectoryA sample VO entry
COPA coding of the VO areas of research
17
The IRISGrid DirectoryA sample centre entry
VOs this centre is participating in
18
The IRISGrid DirectoryA sample user entry
VOs the user is member of
Centre the user belongs to
19
Web interfaces

• Navigation and management of the IRISGrid
  Directory
• Navigation and searching by research areas
• UNESCO Thesaurus, CATRE, e-Ciencia
• VOs related to a certain area
• Users participating in an VO
• Collaborative resources available to a VO
• mapfile generation
• Centres related to VOs
• Navigation through the computational resources
  (MDS)
• pkIRISGrid
• Users
• RA operators
• Many tasks ahead

20
Web interfacesNavigating through an VO
21
Web interfacesNavigating through a centre
22
Web interfacesData for a certain user
23
Web interfacesGenerating a mapfile for an VO
24
Web interfacesNavigating MDS
25
Web interfacespkIRISGrid CSR
IRISGrid identifier name_at_scope j.masa_at_rediris.es
PIN (passphrase) used for revocations
26
Web interfacesCSR management at an RA
New CSR
j.masa_at_rediris.es
a1b33c1
27
Web interfacesInstalling a certificate
Issuer CNCA, OUpki, DCirisgrid,
DCesSubject CNtowoto2.firefox_at_rediris.es,
DCirisgrid, DCes