EISCAT_3D will be an international research infrastructure using radar observations and the incoherent scatter technique for studies of the atmosphere and near-Earth space environment above the Fenno-Scandinavian Arctic, as well as for support of the solar system and radio astronomy sciences. The radar system is designed to investigate how the Earth’s atmosphere is coupled to space but it will also be suitable for a wide range of other scientific targets for e.g space weather forecasts and detecting space debris.
The EISCAT_3D users are expected to access the User Analysis Facility through a user portal (Web) or a command-line interface to the virtualized resources. The metadata searches for analyses may also be performed through either the EISCAT_3D portal or command line interface. The data that is to be analysed must be accessed from the data centres from the fast and slow data stores and transferred to the computing resources where the analysis code will run. As the EISCAT_3D users will access the computing e-infrastructure from different countries (also expected to be from outside the Nordic area), a common means of authenticating (identifying) users and authorising access is needed.
EISCAT currently provides their resources to their partners through a web portal, which uses IP addresses and country codes to provide access. The current setup, all made of software components written in Python, consists of:
The intended AARC AAI setup consists of:
The main goal of the pilot is to have EISCAT_3D move away from the IP based Authentication model they are currently using for their portal to embrace the federated AAI model based on the AARC BPA for authenticating and authorising their users. In fact, EISCAT_3D has a large set of user roles and functions.
To achieve this goal, the Authentication part of the Python code currently implementing the IP based authentication will be replaced by a page published as a user landing page, after successful proxy authentication, protected by a SAML service provider, whose content will be displayed only to successfully authenticated and authorised users.
The main implementation phases designed for this pilot are the following ones:
To support the implementation of the whole pilot in its various phases, a specific training for the EISCAT_3D community will be organized by AARC NA2 at a later point, in close collaboration with SA1.
Current understanding of pilot architecture, as proposed in Milan at the PlugFest - Sketchy whiteboard notes :