Document(s): 

transversal_meeting.docx

Year of publication: 

2015

Transversal Meeting

9 Nov 2015, Brussels  

Introduction 

The projects gathered for the trasversal group covered different perspectives (some focused more on SMEs, some others more on end-users and data driven science and some others offers facilities and services outside the project remit). All representatives had a common understanding on the value of AAI. EUDAT noted that they already support federated access and they are also working to join eduGAIN with some of their services.  Whilst there was consensus that existing AAIs work within their community, all agreed that seamless sharing of resources across e-Infrastructures is not really possible to date. We should enable SSO across e-infrastructure, implement better authorisation mechanism whilst preserving security and in line with the data protection. Regarding security, all current e-Infrastructure could probably make an effort and highlight the security aspects they cover.  This may help both users understanding what exists and how increasing the level of security adds complexity, costs and challenges easy of use.  The main goal for those delivering AAI should be to remove fragmentation and improve the user experience.   

Requirements  

Participants were asked to share some their requirements.  VRE4EIC presented some concrete examples on researchers that need access to services that are scattered among different e-infrastructures. Although each e-Infrastruture offers a way to access services, these approaches varies among  infrastructures. The user experience is not homogenous, due to different technologies used (federated access, X.509 certificates and in same cases a mix of them)  as well as different procedures. AARC is looking at improving this aspect by enabling users to access services across the e-infrastructures regardless of the credentials they own and by harmonising policies. However the process will need time as the adaption of common policies cannot be a top down process.   Further requirements identified covered:

• Research entitlement management.  This poses a new requirement on the AAI where a user can delegate somebody else to access data (i.e. data generated from earthquake sensors in Italy made available by the owner to a user in the UK). 
• group management to access facilities 
• Role based access control and multi-factor authentication 
• persistent IDs and how to use them in existing AAIs
• Scalability vs specific requirements 
• Support for Citizen scientist; openAire noted there already users in the Horizon2020 do not user federated access. 

The discussion moved to open access - are researchers always happy to share? Do they benefit of an AAI that support this? The MuG project representatives noted that the trend is changing and more researchers particular on the medical side, are happier to share data and to use third parties to hold their data. In many cases they only share the data after the research is published. Not all researchers however have a proper AAI in place.  The representative of the EoCoE project noted that in France strong national regulations are in place to access machines in super computing centres; this more in general shows how national laws have an impact on research and sharing of data.  

Summary 

Whilst the group did not come up with a concrete set of actions to carry over, the discussion however highlighted a few opportunities. Namely:

• Cross sector is an interesting case both in terms of privacy (particularly when dealing with medical data, eIDAS and open government data) and technology. eID could be used as an alternative to support citizen scientists.
• Long term preservation, what is that standard pipeline? All agreed on the importance of the AAI to manage access to the data, although it was agreed that the  general preservation aspect should be dealt by each community. Is there an opportunity to engage with the public sector (particularly with national data centres)?
• data protection: health sector was mentioned as very critical for data protection. To this extend it was noted that sharing information on common practices would be helpful (safe harbour was mentioned).
• Terms of usage in different e-Infrastructures are different; even more so when using commercial facilities. Should we provide a comparisons? Is this in scope? 

 A discussion followed on the lack of mechanisms to monetise the results of the research; in many cases sharing the results of a research makes it more difficult to exploit it with SMEs. The EC has a policy to encourage the funded projects to make data available after the research is done, but to also support patents Lastly we talked about how do we ensure that users can still access their research data when they move. Licia noted that some projects to look at this space already exists, namely eduKEEP (led by the Swiss NREN SWITCH).  It was agreed to use the digital4Science platform to share information among the projects in this group.