7,518 research outputs found
Identity in research infrastructure and scientific communication: Report from the 1st IRISC workshop, Helsinki Sep 12-13, 2011
Motivation for the IRISC workshop came from the observation that identity and digital identification are increasingly important factors in modern scientific research, especially with the now near-ubiquitous use of the Internet as a global medium for dissemination and debate of scientific knowledge and data, and as a platform for scientific collaborations and large-scale e-science activities.

The 1 1/2 day IRISC2011 workshop sought to explore a series of interrelated topics under two main themes: i) unambiguously identifying authors/creators & attributing their scholarly works, and ii) individual identification and access management in the context of identity federations. Specific aims of the workshop included:

• Raising overall awareness of key technical and non-technical challenges, opportunities and developments.
• Facilitating a dialogue, cross-pollination of ideas, collaboration and coordination between diverse – and largely unconnected – communities.
• Identifying & discussing existing/emerging technologies, best practices and requirements for researcher identification.

This report provides background information on key identification-related concepts & projects, describes workshop proceedings and summarizes key workshop findings
Managing Access to Service Providers in Federated Identity Environments: A Case Study in a Cloud Storage Service
© 2015 IEEE. Currently the diversity of services, which are adhering to Identity Federation, has raised new challenges in the area. Increasingly, service providers need to control the access to their resources by users from the federation as, even though the user is authenticated by the federation, its access to resources cannot be taken for granted. Each Service Provider (SP) of a federation implements their own access control mechanism. Moreover, SPs might need to allow different access control granularity. For instance, all users from a particular Identity Provider (IdP) may access the resources due to some financial agreement. On the other hand, it might be the case that only specific users, or groups of users, have access to the resources. This paper proposes a solution to this problem through a hierarchical authorization system. Our approach, which can be customized to different SPs, allows the SP administrator to manage which IdPs, or users, have access to the provided resources. In order to demonstrate the feasibility of our approach, we present a case study in the context of a cloud storage solution
Semantic security: specification and enforcement of semantic policies for security-driven collaborations
Collaborative research can often have demands on finer-grained security that go beyond the authentication-only paradigm as typified by many e-Infrastructure/Grid based solutions. Supporting finer-grained access control is often essential for domains where the specification and subsequent enforcement of authorization policies is needed. The clinical domain is one area in particular where this is so. However it is the case that existing security authorization solutions are fragile, inflexible and difficult to establish and maintain. As a result they often do not meet the needs of real world collaborations where robustness and flexibility of policy specification and enforcement, and ease of maintenance are essential. In this paper we present results of the JISC funded Advanced Grid Authorisation through Semantic Technologies (AGAST) project (www.nesc.ac.uk/hub/projects/agast) and show how semantic-based approaches to security policy specification and enforcement can address many of the limitations with existing security solutions. These are demonstrated into the clinical trials domain through the MRC funded Virtual Organisations for Trials and Epidemiological Studies (VOTES) project (www.nesc.ac.uk/hub/projects/votes) and the epidemiological domain through the JISC funded SeeGEO project (www.nesc.ac.uk/hub/projects/seegeo)
Single sign-on and authorization for dynamic virtual organizations
The vision of the Grid is to support the dynamic establishment and subsequent management of virtual organizations (VO). To achieve this presents many challenges for the Grid community with perhaps the greatest one being security. Whilst Public Key Infrastructures (PKI) provide a form of single sign-on through recognition of trusted certification authorities, they have numerous limitations. The Internet2 Shibboleth architecture and protocols provide an enabling technology overcoming some of the issues with PKIs however Shibboleth too suffers from various limitations that make its application for dynamic VO establishment and management difficult. In this paper we explore the limitations of PKIs and Shibboleth and present an infrastructure that incorporates single sign-on with advanced authorization of federated security infrastructures and yet is seamless and targeted to the needs of end users. We explore this infrastructure through an educational case study at the National e-Science Centre (NeSC) at the University of Glasgow and Edinburgh
Transformative Effects of NDIIPP, the Case of the Henry A. Murray Archive
This article comprises reflections on the changes to the Henry A.
Murray Research Archive, catalyzed by involvement with the National
Digital Information Infrastructure and Preservation Program
(NDIIPP) partnership, and the accompanying introduction of next
generation digital library software.
Founded in 1976 at Radcliffe, the Henry A. Murray Research
Archive is the endowed, permanent repository for quantitative and
qualitative research data at the Institute for Quantitative Social Science,
in Harvard University. The Murray preserves in perpetuity all
types of data of interest to the research community, including numerical,
video, audio, interview notes, and other types. The center
is unique among data archives in the United States in the extent
of its holdings in quantitative, qualitative, and mixed quantitativequalitative
research.
The Murray took part in an NDIIPP-funded collaboration
with four other archival partners, Data-PASS, for the purpose of
the identification and acquisition of data at risk, and the joint development
of best practices with respect to shared stewardship,
preservation, and exchange of these data. During this time, the
Dataverse Network (DVN) software was introduced, facilitating
the creation of virtual archives. The combination of institutional
collaboration and new technology lead the Murray to re-engineer
its entire acquisition process; completely rewrite its ingest,
dissemination, and other licensing agreements; and adopt a new
model for ingest, discovery, access, and presentation of its collections.
Through the Data-PASS project, the Murray has acquired a
number of important data collections. The resulting changes
within the Murray have been dramatic, including increasing its
overall rate of acquisitions by fourfold; and disseminating acquisitions
far more rapidly. Furthermore, the new licensing and
processing procedures allow a previously undreamed of level of
interoperability and collaboration with partner archives, facilitating
integrated discovery and presentation services, and joint
stewardship of collections.published or submitted for publicatio
Agile and Pro-Active Public Administration as a Collaborative Networked Organization
In highly competitive, globalized economies and societies of always-on-line
people intensively using the Internet and mobile phones, public administrations
have to adapt to new challenges. Enterprises and citizens expect public
administrations to be agile and pro-active to foster development. A way to
achieve agility and pro-activity is application of a model of Collaborative
Network Organizations in its two forms: Virtual Organizations (VO) and Virtual
Organization Breeding Environments (VOBE). In the paper, advantages are shown
of public administration playing a role of a Virtual Organization customer on
the one hand, and a Virtual Organization member on the other hand. It is also
shown how public administration playing a role of a Virtual Organization
Breeding Environment may improve its agility and promote advanced technologies
and management methods among local organizations. It is argued in the paper
that public administration should provide a Virtual Organization Breeding
Environment as a part of public services.Comment: 6 pages, 2 figure
- …