Federated Identity Management for Research Collaborations

A number of laboratories including national and regional research organizations, are facing the challenge of a deluge of scientific data that needs to be accessed by expanding user bases in dynamic collaborations that cross organisational and national boundaries. Representatives from a variety of research communities, including European photon/neutron facilities, social science & humanities, High-energy physics, atmospheric science, bioinformatics and fusion energy, have come together to discuss how to address these issues with the objective to define a common policy and trust framework for Identity Management and secure access to data based on existing structures, federations and technologies. The discussions have been promoted via a series of the three workshops on federated Identity Systems for Scientific Collaborations. This paper will describe the needs of the research communities, the status of the activities in the FIM domain and highlight specific use cases. The common vision for FIM across these communities will be presented as well the key stages of the roadmap and a set of recommendations intended to ensure its implementation.



  • Daan Broeder is deputy head of the "Language Archive" a unit of the Max-Planck Institute for Psycholinguistics and is responsible for the group developing the LAT archiving software. He was one of the technical coordinators in the CLARIN EU project and is a member of the CLARIN NL Executive Board.
  • Bob Jones is head of the CERN openlab project (openlab.cern.ch) which facilitates collaboration between CERN and its industrial partners to study and develop data-intensive solutions for scientists working at the next-generation Large Hadron Collider (LHC). His experience in the distributed computing arena includes mandates as the technical director and then project director of the European Commission co-financed EGEE projects (2004-2010 http://www.eu-egee.org), which established and operated a production grid facility for e-Science spanning 300 sites across 48 countries for more than 12,000 researchers.
  • David Kelsey is Head of Particle Physics Computing at the STFC Rutherford Appleton Laboratory. He has held security related responsibilities within various Grids (GridPP, WLCG, EGEE and EGI), starting with the creation of the EU Certification Authorities Coordination Group in 2001. This subsequently resulted in the formation of the EUGridPMA and the International Grid Trust Federation (IGTF). Today he continues to lead the development of security policy for both EGI and WLCG and represents these infrastructures inside the IGTF.
  • Philip Kershaw is a senior developer with CEDA, the Centre for Environmental Data Archival at RAL Space, STFC Rutherford Appleton Laboratory in the UK. He is a specialist in federated identity management and has contributed to the security architecture for a number of distributed systems including the Earth System Grid Federation and Contrail, an EU Framework 7 project to develop a system to support federated cloud infrastructures. He authored and contributed to a number of papers and abstracts in the area of federated identity management and access control for applications in the environmental sciences domain.
  • Stefan Lüders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and infrastructure control systems against cyber-threats. Subsequently, he joined the CERN Computer Security Incident Response Team and is today heading this team as CERN’s Computer Security Officer with the mandate to coordinate all aspects of CERN’s computer security --- office computing security, computer centre security, GRID computing security and control system security --- whilst maintaining CERN’s academic environment and taking into account CERN’s operational needs. Dr. Lueders has presented on these topics at many different occasions to international bodies, governments, and companies, and published several articles.
  • Andrew Lyall, Ph.D., ELIXIR Project Manager (http://www.elixir-europe.org/), European Bioinformatics Institute (http://www.ebi.ac.uk/). ELIXIR aims to create a sustainable infrastructure for biological information in Europe, laying the foundations for the impending biological revolution. Before coming to EMBL-EBI Andrew spent 15 years working in industry, primarily at GlaxoSmithKline, where he rose to the position of Department Head. He has also worked in the biotechnology sector, at Oxford Glycosciences and as a founding director of Confirmant Ltd. Prior to this he worked as an academic researcher at the University of Bristol and the Edinburgh University as well as the Royal College of Surgeons in Ireland. He read biochemistry and computer science at Imperial College and received his PhD in bioinformatics from Edinburgh University.
  • Romain Wartel is the security officer for the Worldwide LHC Computing Grid. He has been involved in the operational security and policy aspects of several national and international grid projects. He has for example led the operational security coordination team of the EGEE infrastructure between 2006 and 2010. He currently focuses on international security incident response and on improving the collaboration on security issues between different computing infrastructures.
  • Heinz J Weyer PhD is teaching at Basel University. He was scientific coordinator of the Swiss Light Source SLS and leading author of the Digital User Office DUO in use at most European Photon and Neutron large facilities. As member of the SwissFEL team he is active in several EU projects for the development of the new generation of IT resources for the users at these facilities.