XSEDE Capability Delivery Plan for "GRP-12: Use groups to control access within an XSEDE L1 or L2 resource"

Use Case GRP-12: Use groups to control access within an XSEDE L1 or L2 resource

Area: Account Management
URLs: Public, Review

Executive Summary: An L1 or L2 service provider needs to use groups to control access to his/her resource. The most common reason is to limit access to the resource to project groups that have active allocations via an official allocation process.

URLs: Public
First CDP: 2017-11-15

Current Implementation Status:

PARTIAL

Issues to be Addressed:

XCI-273: Technology readiness assessment for group management systems/services

This capability is currently supported by the following 3 components:

Component	User facing?	Component’s role in the capability
AMIE	no	A secure messaging service that is used to share individual user identity information and XSEDE group definitions between XCDB and individual SP resources and accounting systems.
XSEDE Central Database (XCDB)	no	The repository that stores XSEDE user profile data for individuals and XSEDE group definitions. Group definitions are currently used only for two purposes: XSEDE staff membership (for access to staff tools) and allocation project memberships (for permission to use resources associated with a project allocation).
XSEDE User Portal (XUP)	yes	The front-end (web browser-based) user interface to the XSEDE system where individuals register with XSEDE, manage their user profile information, request allocations to use XSEDE SP resources, and manage membership in projects that have active allocations.