Skip to main page content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Access keys NCBI Homepage MyNCBI Homepage Main Content Main Navigation
. 2019 Jun 10:8:842.
doi: 10.12688/f1000research.19013.1. eCollection 2019.

de.NBI Cloud federation through ELIXIR AAI

Peter Belmann  1 Björn Fischer  1 Jan Krüger  1 Michal Procházka  2 Helena Rasche  3 Manuel Prinz  4 Maximilian Hanussek  5   6 Martin Lang  4 Felix Bartusch  6 Benjamin Gläßle  6 Jens Krüger  6 Alfred Pühler  1 Alexander Sczyrba  1
Affiliations

de.NBI Cloud federation through ELIXIR AAI

Peter Belmann et al. F1000Res. .

Abstract

The academic de.NBI Cloud offers compute resources for life science research in Germany. At the beginning of 2017, de.NBI Cloud started to implement a federated cloud consisting of five compute centers, with the aim of acting as one resource to their users. A federated cloud introduces multiple challenges, such as a central access and project management point, a unified account across all cloud sites and an interchangeable project setup across the federation. In order to implement the federation concept, de.NBI Cloud integrated with the ELIXIR authentication and authorization infrastructure system (ELIXIR AAI) and in particular Perun, the identity and access management system of ELIXIR. The integration solves the mentioned challenges and represents a backbone, connecting five compute centers which are based on OpenStack and a web portal for accessing the federation.This article explains the steps taken and software components implemented for setting up a federated cloud based on the collaboration between de.NBI Cloud and ELIXIR AAI. Furthermore, the setup and components that are described are generic and can therefore be used for other upcoming or existing federated OpenStack clouds in Europe.

Keywords: Authentication; Authorization; Cloud Computing; ELIXIR; Life Sciences; OpenID Connect; de.NBI; de.NBI Cloud.

PubMed Disclaimer

Conflict of interest statement

No competing interests were disclosed.

Figures

Figure 1.
Figure 1.. Project application process for de.NBI Cloud users.
Figure 2.
Figure 2.. The user workflow which is implemented by the de.NBI Cloud Federation.
1. User logs in to the portal and applies for a project. 2. The Virtual Organisation manager configures the project. 3. Project configuration data is saved in Perun. 4. The project data is propagated to an OpenStack installation.
See this image and copyright information in PMC

References

    1. Prochazka M, Licehammer S, Matyska L: Perun - modern approach for user and service management. In 2014 IST-Africa Conference Proceedings IEEE,2014. 10.1109/istafrica.2014.6880654 - DOI
    1. De Clercq J: Single sign-on architectures. In Infrastructure Security Springer Berlin Heidelberg,2002;40–58. 10.1007/3-540-45831-x_4 - DOI
    1. Ragouzis N, Hughes J, Philpott R, et al. : Security assertion markup language (SAML) v2.0 technical overview. Technical report.2008. Reference Source
    1. Linden M, Prochazka M, Lappalainen I, et al. : Common ELIXIR Service for Researcher Authentication and Authorisation [version 1; peer review: 3 approved, 1 approved with reservations]. F1000Res. 2018;7: pii: ELIXIR-1199. 10.12688/f1000research.15161.1 - DOI - PMC - PubMed
    1. Hardt D: The OAuth 2.0 Authorization Framework. RFC 6749, RFC Editor,2012. Reference Source

Publication types

LinkOut - more resources