Skip to main content

Research grids and industrial data

What happens when industry collaborates with academics, using the grid to share data? This was one of the main issues that we discussed today in a meeting of the NanoCMOS project. The industrial partners were clear that they would have to be convinced that their valuable data will be adequately protected before they allow their academic colleagues to use it on the grid.

The NanoCMOS project is looking at the impact of variability on the design and production of next-generation microchips. It is funded by the EPSRC and involves several leading electronics companies. The aim is to make circuit designs more resistent to the variations in the yield and performance of microchips; such variability is increasing as transistors get smaller and smaller. In a multi-billion dollar industry, it is clear that the companies involved do not want information about the design or performance of their products to go AWOL.

In the B.G. world (Before Grids), companies license their data to certain academics for them to use at their institutions. The academics are responsible for the use or misuse of this data and their institutions can be held to account in the courts.

In the world of grids, the licensing situation becomes more complicated. When scientists in different institutions use a grid to collaborate, all of them have to be bound into a licence agreement. In addition, the data providers must also trust the underlying technology and the people who use and maintain it. This requires advances in the state of the art of both the technology and in writing licences.

So far, the NanoCMOS project has focussed on the technology. Richard Sinnott's group at NeSC Glasgow are using Shibboleth to manage remote authentication and authorisation. They have developed appropriate authorisation roles, which include the authority to access particular software packages or particular data sets. Users can also be given the authority to delegate some of their roles to other people.

This apporach should work; it will allow data owners to restrict access to named individuals. The more taxing question is who manages the creation and assignment of roles. Ultimately this policy must be determined by the licensing organisation. They may install Shibboleth themselves and require all attempts to access a data set to seek authorisation from their server. Alternatively, they could delegate this right to the lead academic, who would then be responsible for managing the allocation of access rights.

Underlying this, the implementation, deployment and management of the technology must be trustworthy. The system administrators at the various sites will have the opportunity to misconfigure a system (whether deliberately or not). Additionally, of course, each deployment must be secure in itself. This will require a system of checklists and audits. Finally, each system must keep a secure log, so that they can demonstrate they have satisfied the licence agreements.

The NanoCMOS project should provide an excellent opportunity to test this in practice. The industrialists want to contribute real data and will only do so if we can get all the details right.

Comments

Popular posts from this blog

Changing Principles

In EA, architecture principles set a framework for making architectural decisions.  They help to establish a common understanding across different groups of stakeholders, and provide guidance for portfolios and projects.  Michael Durso of the LSE gave a good introduction to the idea in a webinar last week for the UCISA EA community.

Many organisations take the TOGAF architecture principles as a starting point.  These are based on the four architectural domains of TOGAF: business, information/data, applications, technology/infrastructure.  These principles tend to describe what should be done, e.g. re-use applications, buy in software rather than build it, keep data secure.  See for example the principles adopted at Plymouth University and the University of Birmingham.

Recently though, I encountered a different way of looking at principles.  The user experience design community tend to focus more on how we should do things.  E.g. we should start with user needs, use iterative developm…

Why the UCISA Capability Model is useful

What do Universities do?

This may seem a strange question to ask and the answer may seem obvious.  Universities educate students and undertake research.  And perhaps they work with industrial partners and create spin-off companies of their worn.  And they may work with local communities, and affiliation bodies for certain degress, and they definitely report on their activities to government bodies such as HEFCE.  They provide student services and support.  The longeryou think about it, the more things you can think of that a University does.

In business, the things that an organisation does are called "capabilities", which is a slightly strange term.  I think it is linked to the HR idea of a combination of the CAPacity and ABILITY to do a task.  Whatever the name, it is a useful concept.  A capability is more basic than a process: a University may change the way it educates students but as long as it remains a University it will educate them one way or another.

A capability …

A new EA Repository

One of my goals since starting this job two years ago has always been to create a repository for architecture documents.  The idea is to have a central store where people can find information about the University's applications, data sources, business processes, and other architectural information.  This store will make it easier for us to explain our plans, to show the current state of the University's information systems, and to explain what Enterprise Architecture is all about.

It's taken a long time to reach this goal, mainly because we're often had more pressing and immediate work to be done.  The creation of a repository is one of those tasks that is very important but never quite urgent.  So I'm now very happy to say that we are in the process of deploying a repository and modelling tool.


This is the culmination of a careful process to select the most appropriate tool for our needs.  We began by organising several workshops to gather requirements from a rang…