DARIAH EU AAI consideration K. Skala, D. Davidović, Z. Šojat Lisbon, 22 May 2015

Multi-Source Distributed Real- Time Search and Information Retrieval’ application (GWDG) Bavarian dialects dataset (AAS) Clouds and GridsFederated DARIAH resources CDSTAR JRA2.1 Federated Data New DARIAH applications and datasets (RBI, DANS) JRA2.2 Federated Cloud DARIAH Virtual Organisation ? Outreach, training, user support (all) Technologies e-Infrastructure Apps. and datasets Community ? DARIAH Competente Centre: Architecture & Activity Summary EGI Conference 2015, Lisbon, Portugal2

Services offered by DARIAH CC WS-PGRADE/gUSE: Liferay-based, generic-purpose, workflow-oriented, customizable gateway technology EGI Conference 2015, Lisbon, Portugal3 DCI Bridge: compute resource access abstraction layer, using standardized OGSA-BES (access to EGI services, EC2-based clouds, clusters) Data Avenue: data resource access abstraction layer (access to S3, SRM, iRODS, Cassandra, GSIFTP, etc.)

Use Case Bavarian dialects database dialects within the Austrian-Hungarian monarchy from the beginnings of German language to nowadays File types: text, multimedia (images, audio files etc.), primary collection data, interpreted data, secondary background data and geo-data Headwords (about 50,000 A-Z) Records (about 40,000 plants; about 70,000 in general) Aim: provide distributed repository on EGI using gLibrary Final decision later Possible extension/upgrade with other use cases

Other possible use cases (to be decided) The Quadriga System: Computational Analysis of deep semantically annotated text develop prototypical workflow for the computational analysis of historical documents Multi-Source Distributed Real-Time Search and Information Retrieval distributed real-time search engines built on-top of a big-data search and analytics platform

Current AAI status of DARIAH community/research Infrastructure To be defined after the survey process in DARIAH CC AAI related questions: Has your community/research infrastructure already used AAI solutions for their use case? Can you describe the solutions you have adopted highlighting as applicable: Technology adopted (e.g. X509, SAML Shibboleth,...) Identity Providers (IdP) federations integrated (e.g. eduGAIN) or approximate number of individual IdPs integrated Solution for homeless users (users without an insitutional IdP) Solutions to handle user attributes How do users access your online resources? (Which kind of access control did you implement to grant access to your service and resources) What do users of your resources need authentication for?

Needs and expectations from an AAI integration in the EGI infrastructure Type of IdP to be integrated (e.g. institutional IdP part of national federations and eduGAIN or non federated, social media credentials, dedicated research community catch-all IdP,...) Preferred authentication technology, and requirements for support of multiple technology and credential translation services (e.g. SAML -> X509 translation) Community level authorization/attribute based authorization to support different authorization levels for the users Web access and/or non-web access Need for delegation (e.g. execute complex workflows on behalf of the user) Support for different level of assurance credentials, and need to use the information about users with lower level of assurance credentials to limit their capability Requirements for high level of assurance credentials (e.g. to access confidential/sensitive data)

Planned AAI solutions Web-based platform Authentication and authorization available via: SAML2 (eduGAIN, HEXAA - authZ) Social media credentials (Facebook) Username/password X.509 ceredntials LDAP Access to compute/data services via: SAML assertions X.509 Username/password Public key Delegation also planned beside robot credentials