The InCommon project describes activities to produce a guidance document for use by NSF Cyberinfrastructure (CI) projects, their researchers, their users, and campus policy makers, in adopting and using the technologies and policies that make up the identity federation among US campuses called InCommon. Working off existing InCommon documentation, this Roadmap document will focus as much on the motivations and policies as the technologies for joining and participating in the InCommon federation. The document will include advice to NSF as well. The document will be produced under the auspices of an editorial board of technical and policy experts with approval of a final version to be approved by the ACCI Campus Bridging Task Force. Metrics of success for the Roadmap document relate to increased membership and use of federated identity. These metrics therefore address quantitatively the criterion of Broader Impact. Intellectual merit is noted by the proposal as how to overcome the policy, technical, and social challenges in producing clear and concise guidance.

In reality, a single expert will be doing the vast majority of work on this document. The creator of GridShib, along with the identified members of the editorial board, are highly qualified to produce a sound Roadmap. A key driver for adoption and use of this document will be in the motivations for use of InCommon, properly situated as the first thrust area. The proposal includes a detailed timeline and defines the three thrust areas appropriately. The process of using a stellar editorial board with required approval of the ACCI Campus Bridging Task Force ensures the release of a Roadmap that is both technically sound and fully responsive to the needs of CI-centric projects and capabilities of campus CI. If successful, this document will be a cornerstone for wider scale adoption and use of federated identity as defined by the InCommon Federation, the predominant trust fabric in existence today across academic campuses, while providing NSF a reference for the community in defining a path toward achieving the goal of shared CI.

Project Report

Competitiveness in research, and by extension the US economy as discoveries are moved to innovations that spark new business opportunities, increasingly depends on the ability of scientific teams to quickly assemble, share data and facilities, and interpret results. Science is now not only a team effort, it is a distributed one. The Internet has long been a tool of individual scientists, and now it is becoming a tool of distributed science teams. In order for these research teams to be competitive, some basic technologies like easy and secure logins must become part of the fabric of research. The InCommon Federation, with over 300 university, government, and industry partners, has developed tools that allow investigators to use their institutional login credentials to access facilities and share data across the country. This is a significant innovation – scientists can now use one login ID and password to access many resources which means they don’t have to remember a password for each system and project. However, implementing these technologies is not straightforward. Each institution that wishes to participate must not only put in place the technologies to securely share login information, but administrators must understand how these system impact them. Scientists need to know how federated logins can be used to accelerate their research. The guide funded through this grant helps scientists understand the value of federated identities and the uses to which it may be put to advance research. For example, scientists at several institutions can now use their institutional logins to rapidly and easily submit joint grant applications to federal agencies such as the National Science Foundation. They can then use these same logins to access data from shared instruments such supercomputers to analyze their data. They can then rapidly collaborate to produce scientific reports by secure online data and document sharing. It helps university administrators understand the costs and policy implications of investing in these technologies. Administrators need to adopt practices institutionally that support federated identities while still ensuring that sensitive data are protected. It also helps them understand the financial implications of investing in these systems, the value an institution will see from these investments in terms of increased productivity, and describes partnership options to partner with InCommon, other universities, and industry to establish a sustainable program in federated identities. It provides technologists with a comprehensive guide to implementing federated identities. Topics covered include best practices for managing identities internally so that an institution can share them effectively and efficiently, various technology options and how these technology options can be implemented, foundational infrastructures that must be in place to ensure that solutions operate smoothly and securely, and guides and examples of institutions that have already implemented federated identities so they can take advantage of lessons learned by those who have come before them. Federated identity systems have already been successfully implemented by a number of universities and companies, by federal agencies such as the National Science Foundation and the National Institutes of Health, and by virtual research organizations that support research activities such as the TeraGrid (now XSEDE) national grid of supercomputing resources and the Indiana Clinical and Translational Sciences Institute that is dedicated to the acceleration of health research ‘from bench to bedside’ which will result in improved health outcomes across the country. This guide has been widely distributed. It is posted online on the InCommon website and archived in Indiana University's Scholarworks where it is available via print-on-demand. Project leaders presented this information at the Internet2 and TeraGrid 2011 meetings – key conferences for disseminating information and getting community feedback. That feedback has been uniformly positive, indicating we achieved one of our primary goals of making this complex challenge understandable to a number of stakeholders. We were also able to complete this project $12,000 under budget, resulting in savings back to the NSF. By helping more institutions and facilities accelerate research and lower its risk and costs, this project will help accelerate science productivity and, therefore, innovations that drive our economy.

Agency
National Science Foundation (NSF)
Institute
Division of Advanced CyberInfrastructure (ACI)
Type
Standard Grant (Standard)
Application #
1040777
Program Officer
Kevin Thompson
Project Start
Project End
Budget Start
2010-08-01
Budget End
2011-07-31
Support Year
Fiscal Year
2010
Total Cost
$45,783
Indirect Cost
Name
Indiana University
Department
Type
DUNS #
City
Bloomington
State
IN
Country
United States
Zip Code
47401