Updated 15/02/2024
DTE Infrastructure Component

ALISE

Federated Data Infrastructure
Description

A tool for linking a user’s federated identity with their facility account.

ALISE is a web application that users log in to with multiple accounts in order to link those accounts to one another.

Account linking can be implemented at various levels of the authentication / authorisation process. In terms of the AARC Blueprint Architecture, ALISE sits at the “End-Services” layer: it implements account linking at the level of end services.

For this, ALISE requires an existing account at the computer centre which provides the service. After the first login with this computer centre account, users can link any number of federated identities to ALISE.
This information is used to build the mapping database.

Authorised services are then able to query the mapping database via the ALISE REST interface. This allows services to map a federated identity to its local counterpart, so as to support local authorisation systems, e.g. in Unix filesystems.

Target Audience

All DT users that (directly or otherwise) make use of a facility that does not allow users to register their federated identity.

Technical Documentation

ALISE supports OIDC. It is implemented in Python, using FastAPI.

License

MIT

Created by

Release Notes

This release represents the final release of the interTwin federated data management solution.

There are two external software components: FTS and Rucio.  They are fully established projects, independent of the interTwin project.  The software is production-ready, at TRL 9, and hardened with many years of production-critical use.  Both projects have multiple deployments of their software, operated by different communities.

The ALISE software is currently in a development phase, under the aegis of interTwin.  At the time of release, ALISE is TRL 4.  The user-facing functionality of ALISE is mostly feature-complete; however, anticipated changes to the API imply that the necessary integration work (whereby a service uses ALISE to identify a user) should be considered experimental. Feedback from early adopters is encouraged, but any plans to deploy ALISE should be tempered by the anticipated changes to the API.

The teapot software has also been developed within the interTwin project.  With this release, teapot is now TRL 6–7 and supports data transfer requirements of multiple, concurrent users. The per-user WebDAV instance management is automated, starting new services on demand, and terminating them if there is sufficient idle time.

Finally the first version of the Onedata S3 component is released, allowing integration of Onedata technology in the interTwin federated data management solution.

Future Plans

– Include more sites
– Support LDAP
– Integrate with `ssh-oidc`
– Support `entitlement` / group-based mapping