Presentation
Federated Single Sign-On and Zero Trust Co-design for AI and HPC Digital Research Infrastructures
Description
Scientific workflows have become highly heterogeneous, leveraging distributed facilities such as HPC, Artificial Intelligence (AI), Machine Learning (ML), scientific instruments (data-driven pipelines) and edge computing. As a result, Identity and Access Management (IAM) and cybersecurity challenges across the diverse hardware and software stacks are growing. Nevertheless, scientific productivity relies on lowering access barriers via seamless single sign-on and federated login while ensuring access controls and compliance. We present an implementation of a federated IAM solution, coupled with multiple layers of security controls, multi-factor authentication, cloud-native protocols, and time-limited role-based access controls (RBAC), that has been co-designed and deployed for the Isambard-AI and HPC supercomputing Digital Research Infrastructures (DRIs) in the UK. Isambard DRIs, as a national research resource, are expected to comply with regulatory frameworks. Implementation details for monitoring, alerting and controls are outlined in the paper, alongside selected user stories demonstrating IAM workflows for different roles.