Data Access Meeting 2015-10-12

Date

12 Oct 2015

Attendees

• Unknown User (jar), Unknown User (xiuqin), Gregory Dubois-Felsmann, Tatiana Goldina

• Brian Van Klaveren, Unknown User (npease), Jacek Becla

Discussion items

butler

• configurable. Can access local or remote resources (or both) resouces
• should be able to access data via RESTful or any other channels that might be available
• must pay attention to authorization/authentication

automatic fallback if some data not available?

• two cases: data never brought up to a given DAC - this is project policy decision. At the moment unclear if we should automatically fallback.
• data corrupt at a given site, need to be brought from other site

running dax services continuously

• SUI team would find it useful
• lsst-dev used now to run dax_webserv. The machine is periodically rebooted, services have to be restarted manually
• don't have control over the stack that is installed on lsst-dev (Bremerton setup required that particular version of stack to work)

authentication / authorization

• same user can belong to different institutions/groups, we will need to check all access rights when determining if user can access data

• multiple implementation of authentications: delegate/pass through or direct authentication

• once you establish identity, move it around, don't re-authenticate

• sui will be spinning python processes on user behalf, we will need to forward authentication token down to these processes

• 3 tier organization: users/groups/tenants