Monday, April 1 • 1:50pm - 2:20pm
AAI, 2FA & Federated Ambitions for OpenStack at Big Data Institute Oxford - Callum Smith, University of Oxford

Sign up or log in to save this to your schedule and see who's attending!

Delivering a single authentication and authorisation platform to support scientific workloads requiring HPC on patient identifiable datasets. A solution that supports web and non-web technologies consistently across the estate and has opportunity to integrate federated identity.

As a development of the research computing platform of Oxford’s Wellcome Centre for Human Genetics and the Big Data Institute, the newly named Biomedical Research Computing (BMRC) facility has undergone massive expansion in scope and service diversification over the past 12 months. Our emerging requirement is to enable high-performance processing of very large-scale sensitive data sets.

At the centre of our new service provision to deliver this is an OpenStack environment with a powerful authentication and authorisation infrastructure platform to enable high performance compute workloads on these sensitive datasets. Our AAI solution is based on open source technologies and supports a wide range of both web and non-web authentication protocols to ensure comprehensive support for the entire estate. Second factor authentication is provided in the form of HOTP/TOTP tokens (Google Authenticator/FreeOTP) or YubiKey hardware tokens.

Federated identity is a challenge to a number of HPC service providers, not just a collegiate university such as Oxford, so we have architected our solution around support for external identity mapping. Web federation is a well established and supported concept but non-web implementations often fall short in terms of usability and security. We have large ambitions to deliver secure and easy-to-use federated identity.


Callum Smith

Oxford BDI

Monday April 1, 2019 1:50pm - 2:20pm
Specialist Etc.Venues St. Paul's

Attendees (6)