Draft Minutes: COmanage-TAC call 8-July- 2011
Attending
Heather Flanagan, Internet2 (chair)
Ken Klingenstein, Internet2
Keith Hazelton, University of Wisconsin-Madison
Scott Koranda, U. Wisconsin - Milwaukee (LIGO)
Steve Olshansky, Internet2
Emily Eisbruch, Internet2 (scribe)
New Action Items
[AI] (Benn) will email the COmanage-TAC list on the issues affecting the FIFER API as it relates to COmanage.
[AI] (Keith) will review the "Create a New Virtual Organization" reference and link in the 1-July-2011 email to i2-news re "Workshop On Science Agency Uses Of Clouds And Grids Announced"http://www.opensciencegrid.org/About/Getting_Started_with_OSG/Form_New_VO
[AI] (Keith) will start a problem statement on the need for a "virtual Switzerland."
Carry Over Action Items
[AI] (Benn) during upcoming trip to SURFnet, inquire about progress in domesticating FileSender
[AI] (Keith) will check with Project Bamboo concerning IRODS connection.
[AI] (RL "Bob") will initiate a GSS / SAML / LDAP discussion with Scott Cantor.
[AI] (Keith) will send a pointer to OpenSearch information
[AI] (Ken) will provide a link to the French listing regarding applications and sets/bundles of attributes.
[AI] (Ken) will contact David Groep about VOMS GUMS.
[AI] (Steven) will develop a one-page write-up on attribute aggregation.
DISCUSSION
Virtual Organizations: Circle of Pain Document from SURFnet
Heather asked for thoughts on the "Virtual Organizations: Circle of Pain" document from SURFnet.
• Scott commented on sentence "It seems reasonable that the portal administrator wants to have control over the services that can be accessed through the portal. The portal administrator needs to make sure the services are of sufficient quality, make use of the federated identities and are capable of managing groups without having to redefine the groups and the authorizations of each of its members."
• That implies that there will be a single IdP responsible for or in control of the platform instance (the CMP)
• This assumption may apply more to a service instance CMP
• There are cases when VOs need to work together and the services cannot be tightly controlled by a single party.
• Sometimes, there may be a need for a neutral domain in the middle where the CMP will run / where services are hosted, especially when there is not a formal data sharing arrangement in place
• Both sides would make available an IdP thru which people can authenticate and gain access to services
• There may be cases where the SP identifiers cannot reveal where they are from, where there is a need for the services to appear neutral.
Keith:
• Must understand what the policy and politics permit and forbid
• When using Social SAML gateways, different social IDPs will representing user identifiers in different ways.
• Gateways will represent different social IdPs in different ways
• Without a global level schema, the best we can do is to share info on how we are doing it
• Attempt to minimize the number of variations and mapping points
Ken:
• This topic may also relate to multi-federation issues
• Interfederation is not yet formed to a point where it can solve all the issues, such as attribute release and reassertion of values
• Possibly a neutral domain can help some of the politics
Keith:
• Does it make sense to creating a new logical Switzerland in cyberspace?
• Or is it simpler to just register a neutral domain name to fit each mini-collaboration that needs one?
Scott:
• There may be an opportunity here for particular communities to build the infrastructure to enable collaboration for that community
Keith:
• Need some way to get conversation defined and discussed in the right venues
• [AI] (Keith) will start a problem statement on the need for a "virtual Switzerland."
Report from collab-intl Call
• Heather reported that the Intl. Colllab group met yesterday, with SURFnet and COmanage folks on the call.
• SURFconext is making progress, using domesticated applications such as SharePoint 2010. They are working on Adobe Connect . There is fully domesticated version of Foodle available.
• There was discussion on the topic of federated storage, including box.net.
File Sender and File Storage
• There was a call recently among TERENA folks plus Heather, Ken and Shel to talk about issues related to federated storage and the requirement definition process.
• Two action items emerged:
• - one group will develop requirements that would be put in an RFP to the commercial vendors
• - another group will look at the open source model
Internet2 File Service Offering
Work continues on a potential Internet2 file sender service.
Ken posed the question to Scott, whether in the LIGO world, either of these services are attractive:
• 1) File Sender service (federated and domesticated) for very large files,
• 2) A service focused more on smaller files and persistent storage
Scott commented:
• Yes, there is a need for such services, and there is competition in that space
• globusonline.org has reached out concerning a service focusing on transferring files. They have traction from work in Grid Computing computing
• Scott noted that the use case of interferometer data is not suitable for a service like this, that LIGO already has tools for handling such data
• But there is a need for proper curation of data from individual researchers' pipeline and workflow
• Users generate large amounts of output, they have trouble keeping track of their data, which can be on different computing clusters
• LIGO would be interested in a mechanism for scanning the files and coming up w metadata for easy searching
Email on July Workshop
https://lists.internet2.edu/sympa/arc/i2-news/2011-07/msg00000.html
There was a recent email on I2-News re "Workshop On Science Agency Uses Of Clouds And Grids Announced," The email mentioned steps for forming a new VO. Seemed to be specific to Open Science Grid.
[AI] (Keith) will review the "Create a New Virtual Organization" reference and link in the 1-July-2011 email to i2-news re "Workshop On Science Agency Uses Of Clouds And Grids Announced"http://www.opensciencegrid.org/About/Getting_Started_with_OSG/Form_New_VO
COmanage Roadmap Update
Heather reported that COmanage 2 release was going to integrate the FIFER API, but this is no longer the plan.
The individuals working on the FIFER API did not agree on a common path forward regarding the work for COmanage.
[AI] (Benn) will email the COmanage-TAC list on the issues affecting the FIFER API as it relates to COmanage.
Next COmanage-TAC call: Friday, 22-July-2011 at 2pm ET