Account Management Use Cases

Like any computer system, XSEDE needs a way to identity the people who use it, limit/control its use, and ensure that community rules and expectations are honored.

XSEDE identity management describes how we identify individual people and their relationships with other systems and other organizations. XSEDE group management describes how we organize and name groups of individuals. Finally, XSEDE allocation management describes how our community authorizes and/or limits the use of community services by specific individuals or groups.


Allocation Management:

The use cases in this area describe how access to specific XSEDE resources is managed, including: the project proposal process, the proposal review process, and the process of allocating XSEDE resources to specific projects.

One of XSEDE's central missions is to facilitate the use of the most powerful public computers in the United States. These computers are powerful, but the demand to use them is larger than the capacity they offer. The scientific community must assign access to these resources based on national priorities. The allocation system described in these use cases is an important part of the overall XSEDE system. A central allocation system--one that researchers can use to request access to many resources--is important to ensure the easiest access by researchers.

(10 use cases)
Use Case ID Title Use Case Description
P2-01 Establish an Allocations Process
P2-02 Establish allocation review panel
P2-03 Add resources to allocations process
P2-04 Establish an allocation Submission Opportunity
P2-05 Submission of Allocation Request
P2-06 Manage review of Submissions to an Allocations Opportunity
P2-07 Submission of a Review
P2-08 Award or reject allocation request
P2-09 Allocation data reporting and access
P2-10 Customize allocation request data fields


Group Management:

These use cases describe how XSEDE users, staff, and partners create and manage groups of registered users for various purposes. In its simplest form, a group is a list of people, maintained for some ongoing purpose. Groups can be used to coordinate research teams (e.g., authorizing use of a specific XSEDE allocation), for communication (e.g., managing an email list), or for project management (e.g., task assignments). More generally, groups can be used as a basis for authorization decisions by services that use the XSEDE identity platform. (See identity management use cases IDM-* and system functions CAN-6 and CAN-9.)

(13 use cases)
Use Case ID Title Use Case Description
GRP-01 Researcher manages membership of a project group
GRP-02 Manually create a group
GRP-03 Manually view or manage the configuration or membership of a group
GRP-05 Invite members to a group
GRP-06 Request membership in a group
GRP-09 Synchronize an external group
GRP-10 Automate a group's configuration
GRP-12 Use groups to control access within an XSEDE L1 or L2 resource
GRP-13 Use a group to control access within an XSEDE service
GRP-14 Use a group to control access within an external resource
GRP-15 Use a group for task assignments within a staff tool
GRP-16 Use a group for email distribution
GRP-17 Drive project membership with an email message


Identity Management:

How researchers, scientists, and other community members register themselves with the XSEDE system, manage their profile information, and authenticate their identities when using XSEDE services

(13 use cases)
Use Case ID Title Use Case Description
IDM-01 Register with XSEDE
IDM-02 Login to XSEDE user portal with username/password
IDM-03 Change an XSEDE user profile
IDM-04 Login to XSEDE user portal with a non-XSEDE identity
IDM-05 Link or unlink a non-XSEDE identity
IDM-06 Login to a science gateway with an XSEDE identity
IDM-07 Login to a locally installed application with XSEDE username/password
IDM-08 Login to a locally installed application with SSH/X.509 key
IDM-10 Authenticate to an XSEDE identity using WS-Trust Secure Token Service
IDM-11 Use an XSEDE identity for InCommon authentication
IDM-12 Single sign-on for XSEDE OpenStack resources
IDM-13 Authenticate to XSEDE OpenStack APIs
IDM-14 SSH access using XSEDE identities for education