[glue-wg] Multi-institutional Infrastructures for e-Science

[Laurence Field]

As input into the discussion on Friday, I have tried to give a 
description of the main problem domain which we are trying to address. 
After this description, I have tried to define what we understand by 
site, service, VO and resource based on our experience within this 
problem domain.

Problem Description:
Universities and research institutes are real organizations that have 
computing centers. Each organization is autonomous and have their own, 
security infrastructure, policies, systems etc. and are ultimately 
responsible for their resources.

Scientists from different institutions collaborate on specific research 
topics and they would like to use the resources available to them.  The 
difficulties faced by the collaboration is that each organization where 
the resources are located have different, security infrastructures, 
policies, systems etc. 

To solve this problem the security infrastructures, policies, systems 
need to be generalized. A common security model is adopted where usage 
of resources at an organization is dependent on the collaboration to 
which the user is participating.  Types of systems are also generalized 
so that the user does not have to understand the details of different 
implementations that organizations have.  An interface is required at 
the organizational boundary that maps the generalized system to the 
organizational specific security model and the local system.

Site:
A site represents the real organization, eg Universities and Research 
Institutes which are administrative domains. It is usually a physical 
location where the resource and system administration team can be found. 
They have their own polices and identity and exist independently of 
other sites.

Virtual Organization: 
A virtual organization represents the collaboration, a group of 
scientist working together for a specific topic. Within this virtual 
organization there may be sub groups and different roles.  Virtual 
organizations also have there own policies and exist independently.  
Members of the VO do not have to belong to any organization which 
provides resources.

Service:
The service is the interface at the site boundary that maps from a 
generic grid interface to the local system. As the service provides the 
interface between the grid and a local system,  there is a relationship 
between the service and the site. In addition there is also a 
relationship between the service and the virtual organization.  Services 
also have to ensure the adherence to agreed common polices, eg access 
logs, accounting and auditing etc.

Resource:
A resource is the functionality that the user would like to use.  As the 
resource is local to the site, there is a relationship between the 
resource and the site.  As the service gives access to the resource 
there is also a relationship between a resource and a service.