Overall NFDI software architecture – data security and sovereignty
Measure S-5: Overall NFDI software architecture
The goal of this measure is to establish best practices for securely providing and accessing (meta)data in a distributed architecture operated by service providers from different scientific communities. Some examples for these so called data spaces are being implemented by the International Data Spaces Association, Gaia-X or EOSC. The tasks of this measure consider the following topics: Authentication and authorisation infrastructures (AAI), role management, data space interfaces, connectors as well as data identifiers and discovery.
The services established within this task area but also the activities within other task areas will eventually contribute to the overall vision of the NFDI. To achieve this goal, all offered services should be based on common grounds following consolidated practices. The objectives are widely aligned with the tasks:
1. Find common core for authentication and authorization infrastructures
2. Develop and deploy a role and access management service
3. Develop common interfaces and marketplaces within the federated dataspace
4. Build a linked data space for discoverability
The key challenges are tackled within the Measure and within coordinated activities that work across the different NFDI consortia.
Tasks
Task S-5-1: Harmonisation of authentication and authorisation infrastructures We will harmonise existing approaches for federated AAIs like DFN-AAI on national, or EDUGAIN on international level, with initiatives such as ORCID that aim at identification of researchers throughout their career at different institutions. If necessary, we combine existing approaches using present reference architectures like AARC. The Work in this task is coordinated with other NFDI consortia in the „Task Force AAI and Rights Management“.
Task S-5-2: Development of a role and access management service We will develop a role and access management service that uses AAI to identify users and provisions access to other services offered by the federation. Thus, we enable researchers to form workgroups across institutional boundaries. We will implement a service for role and access management that is able to provide access rights to other services within a federation. The task will be coordinated with the BMBF funded project „FAIR Data Space“.
Task S-5-3: Development of interfaces and marketplaces towards a common federated data space We will define a set of interfaces as a reference architecture of a federated data space for research data that is comparable, or better compatible, with existing interfaces for repository harvesting, linked data interfaces, or the International Data Space. The task will be coordinated with the BMBF funded project „FAIR Data Space“.
Task S-5-4: Building a federated linked data space for discoverability We will connect decentralised engineering-related (meta)data services and repositories with interfaces and services for data identifiers and discovery mechanisms in a federated data space. The task is carried out in conjunction with S-3 and it will be coordinated with the BMBF funded project „FAIR Data Space“.
Results
NFDI4Ing is active in the NFDI Task Force AAI and contributes to the overall vision of a common authentication infrastructure for the NFDI. Within the BMBF funded project „FAIR Data Spaces“, NFDI4Ing contributes requirements towards connecting FAIR research data services with cloud infrastructures provided by Gaia-X. The projects aims to coordinate the efforts of many NFDI consortia towards a common, cloud based data space.