Coriolis data center

User Registration in the SeaDataNet V1 system
by Dick M.A. Schaap – technical coordinator
Oostende, June 08
SeaDataNet User’s portal schema V1
[Diagram: SeaDataNet user's portal schema. Labels recoverable from the figure: General request; Metadata request; Data request; Project info; Standards; Software; Vocabularies; Cross search; EDIOS; EDMED; CDI; CSR; EDMERP; EDMO; User registration; Shopping basket; Requests status manager; Status of request; data download; My transact.; Organisation + data source id; AAA; User Register; Metadata & Data catalogues (at BODC, at MARIS, at BSH); BODC Database; BSH Database; Ifremer Database; Entry point for access; services for metadata; Data downloading services; Visualization services (WMS) for V2; Download managers in Data centers.]
Authentication, Authorization and Administration
Single Sign On system required for access to distributed system
User’s authentication information based on personal login / password
Central User Register, hosted at IFREMER
Login – password to give access to:
=> Submitting shopping basket orders by users
=> Checking the status of shopping requests and downloading of data sets via the personal Request Status Manager by users
=> Checking and validating the outstanding shopping requests via the Request Status Manager by Data centre managers
=> Checking the history of data requests via the Request Status Manager by Data centre managers
=> Login to the SeaDataNet extranet by SeaDataNet partners
Authentication and authorization implementation
[Diagram: authentication and authorization implementation. Labels recoverable from the figure: User; CAS authentication form; CAS; LDAP (for authentication only); login + password; User catalogue; user identifier & full user information; Access to controlled facilities; SeaDataNet web portal (all distributed components with controlled access); user identifier, password, SDN role; SDN user directory; Web Service to get user information or to get user role.]
User log-in screen
User registration and registration validation process
User must register in order to get one login
Online request form to provide the necessary information
User agrees with the “SeaDataNet User Licence” which is part of the SeaDataNet Data Policy
User request form is forwarded to the SeaDataNet data centre of the country of the user
The national data centre must evaluate the request and effectuate the user registration, thereby giving ‘user role(s)’
The ‘user roles’ are decisive for the authorisation process
After registration, the user will receive his/her login / password by email (email check)
So a Central User Register, but with decentralized management
User registration and registration validation process
[Diagram: registration workflow between the User, the NODC of the user’s country or SDN User Desk (default), the SeaDataNet web portal and the SeaDataNet user directory. Numbered steps: 1 Registration request (Registration Web form: SDN licence agreement + User information); 2 Validation of user registration and SeaDataNet role assignment (Validation Web form + SeaDataNet role); 3 User directory update, and transmission by email of the user personal identifier (login) + password.]
User Roles => See Vocabulary C866
SDNR01 (Administrator): A user who is able to bypass any access control created by SeaDataNet but with no bypass rights for local access controls
SDNR02 (Public): Any authenticated individual with sufficient credentials to satisfy SeaDataNet access logging requirement
SDNR03 (Academic): A user who accesses data on the SeaDataNet network for purposes of education or bona fide nonprofit academic research
SDNR04 (Commercial): A user who accesses data on the SeaDataNet network with the objective of making a financial profit from its use
SDNR05 (National and local government): A user who accesses data on the SeaDataNet network for administrative or legislative purposes within the boundaries of a nation.
SDNR06 (Pan-national government): A user who accesses data on the SeaDataNet network for international administrative or legislative purposes. Generally but not exclusively the European Union in the SeaDataNet context
SDNR07 (Partner): A person employed by an organisation participating in SeaDataNet. This gives the right to access, create and (with ownership rights) maintain project documents and metadatabase entries.
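How a download manager in a data centre could turn these role definitions into an access decision, as an added example that is not code from the presentation or from SeaDataNet. The role codes come from the table above; the `DatasetPolicy` structure, its fields and the `authorize` function are assumptions made for illustration.

```python
# Added example: role codes are from the page's role table (vocabulary C866);
# DatasetPolicy and authorize() are hypothetical names, not SeaDataNet code.
from dataclasses import dataclass
from typing import FrozenSet, Optional

SDN_ROLES = {
    "SDNR01": "Administrator",
    "SDNR02": "Public",
    "SDNR03": "Academic",
    "SDNR04": "Commercial",
    "SDNR05": "National and local government",
    "SDNR06": "Pan-national government",
    "SDNR07": "Partner",
}
ADMIN = "SDNR01"

@dataclass(frozen=True)
class DatasetPolicy:
    # Roles admitted by the SeaDataNet-level access control.
    sdn_allowed_roles: FrozenSet[str]
    # Users admitted by the data centre's own local control; None = no local control.
    local_allowed_users: Optional[FrozenSet[str]] = None

def authorize(user_id, roles, policy):
    """Return (allowed, reason) for a user already authenticated via single sign-on."""
    if not user_id:
        return False, "not authenticated"
    unknown = set(roles) - set(SDN_ROLES)
    if unknown:
        # Fail closed on any code that is not in the role vocabulary.
        return False, "unknown role code: " + ", ".join(sorted(unknown))
    # SeaDataNet-level control: SDNR01 bypasses it, everyone else needs an admitted role.
    if ADMIN not in roles and not (set(roles) & policy.sdn_allowed_roles):
        return False, "role not admitted by SeaDataNet access control"
    # Local control: no bypass, it applies to SDNR01 as well.
    if policy.local_allowed_users is not None and user_id not in policy.local_allowed_users:
        return False, "denied by local access control"
    return True, "ok"
```

The order of the checks carries the SDNR01 definition: the administrator skips only the SeaDataNet-level test and is still subject to the data centre's local control.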
1 Registration request
=> Page 1 : Agreement on data license
=> Page 2 : User personal information
=> Page 3 : Confirmation of registration request
2 Registration validation
=> Mail sent to NODC or SeaDataNet user desk
=> SeaDataNet role attribution and validation
2 Change in user’s information
=> A web form is available at
https://www.ifremer.fr/AAARegistration/faces/UserPersonalInformation.jsp
=> The e-mail address can’t be changed (because linked to user’s login and id in the central registry)
Action by SeaDataNet national data centres
Each SeaDataNet national data centre must provide to the user desk ([email protected]) at least one e-mail address, or better a list of addresses, of people in charge of SeaDataNet user registration validation for their country.
Each SeaDataNet national data centre must process registration requests from users from its country.