pith. sign in

arxiv: 2410.18411 · v3 · pith:IUJ4THYTnew · submitted 2024-10-24 · 💻 cs.DC

Federated Single Sign-On and Zero Trust Co-design for AI and HPC Digital Research Infrastructures

classification 💻 cs.DC
keywords accesscontrolsfederatedresearchscientificcomputingdigitaldris
0
0 comments X
read the original abstract

Scientific workflows have become highly heterogenous, leveraging distributed facilities such as High Performance Computing (HPC), Artificial Intelligence (AI), Machine Learning (ML), scientific instruments (data-driven pipelines) and edge computing. As a result, Identity and Access Management (IAM) and Cybersecurity challenges across the diverse hardware and software stacks are growing. Nevertheless, scientific productivity relies on lowering access barriers via seamless, single sign-on (SSO) and federated login while ensuring access controls and compliance. We present an implementation of a federated IAM solution, which is coupled with multiple layers of security controls, multi-factor authentication, cloud-native protocols, and time-limited role-based access controls (RBAC) that has been co-designed and deployed for the Isambard-AI and HPC supercomputing Digital Research Infrastructures (DRIs) in the UK. Isambard DRIs as a national research resource are expected to comply with regulatory frameworks. Implementation details for monitoring, alerting and controls are outlined in the paper alongside selected user stories for demonstrating IAM workflows for different roles.

This paper has not been read by Pith yet.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.