Embed Size (px)
Citation preview
Resource Entitlement Management System
Mikael LindenCSC – IT Center for Science
REMSREMS
Access to research datasets
0. Fully public access
1. User has a role/group membership– ”for academic users” (IdP managed)– ”for archeology researchers in a good standing” (Virtual
Organisation managed)
2. User commits to datasets’ licence terms
3. User fills in and submits an application- Dataset owner approves/rejects
Or any combination of 1, 2 and 3.
Principalinvestigator
Applicant
Research groupMembers of the application
The REMS concept
Metadata on dataset 1&2
Dataset 1
Dataset 2
DAC 1Approver
DAC 2Approver
REMS
Workflow
Reports
Entitlements
IdP
IdP
IdP
SP
1. Apply for access
4. Approve
5. Access
3. Circulate to approver
2. Commit to licence terms
The REMS implementation
Funded by the ELIXIR ESFRI project
A Java portlet on Liferay, using Vaadin framework
Open source (LGPL)
Discipline-independent– Initially bioinformatics– Deploying also for social sciences– Piloting for linguistics in the EUDAT project
CSC is going to offer a REMS instance to other ELIXIR nodes– Subject to a positive funding decision
Design criteria
Automation/integration– To reduce operational cost
Usability– Simplicity for common users
Federated authentication– No local user accounts– Shared user identifier (eduPersonPrincipalName)
Modularity– Integration to the data archive’s other components
REMS integrates to the data archive
Data archive’s portal/catalog Metadata
REMS
Dataset delivery
Datasets
1.
2.
3.
SP
5.
AA
4.
SP
6.
REMS integration points
Data archive’s portal/catalog Metadata
REMS
Dataset delivery
Datasets
SP
AA
SP
1.
2.
3.
REMS integration points
Data archive’s portal/catalog Metadata
REMS
Dataset delivery
Datasets
SP
AA
SP
1.
2.
3.
Metadata import (JSON/REST):Dataset’s
- Identifier (PID)- Name (for the REMS UI)- Approver(s) mail/ePPN- License terms
REMS generates workflows and application forms automatically
Metadata import (JSON/REST):Dataset’s
- Identifier (PID)- Name (for the REMS UI)- Approver(s) mail/ePPN- License terms
REMS generates workflows and application forms automatically
REMS integration points
Data archive’s portal/catalog Metadata
REMS
Dataset delivery
Datasets
SP
AA
SP
1.
2.
3.
A simple URL in the portal which triggers a new application in REMSe.g. https://rems.csc.fi/new?PID=1234
A simple URL in the portal which triggers a new application in REMSe.g. https://rems.csc.fi/new?PID=1234
REMS integration points
Data archive’s portal/catalog Metadata
REMS
Dataset delivery
Datasets
SP
AA
SP
1.
2.
3.
Ordinary attribute queryRequest: ePPNResponse: list of PIDs
Ordinary attribute queryRequest: ePPNResponse: list of PIDs
CASE: NORDIC CONTROL DATABASE
CASE: Nordic Control Database
GWA data from 5500 samples from Estonia, Denmark, Finland and Sweden
Nordic Centre of Excellence in Disease Genetics NCoEDG
Dataset hosted by EGA, The European Genome-Phenome Archive (www.ebi.ac.uk/ega), a service of the European Bioinformatics Institute
Applying access rights to Nordic control DBR
esea
rch
grou
p m
embe
rs
Prin
cipa
l In
vest
igat
orD
AC
se
cret
ary
DA
CO
pera
tor
Technical check of the application
Approval, rejection or request to amend of the application
Implement access rights for the
research group
Request amendments
Proposes approval or rejection
Yes
Infomrs how to access
Informs PIon decision
PI learns access has been granted/
denied
Implementation of DAC’s decision
Information on approval or rejection
Fill in or update an application and commit to the terms of use
Submit application
Submission Sanity check Decision Implementation
Research group members learn how to use the access rights
Access grant?
End
Informs Operator
No
Start
End
CASE: process for applying access to the Nordic Control Database
REMS DEMO
QUESTIONS?
See also the TNC2013 full paper in
http://tnc2013.terena.org/getfile/870
