{"title":"Integrating Science Gateways with Secure Cloud Computing Resources: An Examination of Two Deployment Patterns and Their Requirements","authors":"M. Pierce, S. Marru","doi":"10.1109/HUSTProtools51951.2020.00010","DOIUrl":null,"url":null,"abstract":"This paper examines scenarios in which science gateways can facilitate access to cloud computing resources to support scientific research using regulated or protected data stored on clouds. Specifically, we discuss the use of science gateways to access Controlled Unclassified Information (CUI), a US regulatory standard that covers a broad range of US federal government-owned or regulated data, and that also provides a useful proxy for other types of sensitive data, such as private sector intellectual property. We focus on the impact of CUI requirements on science gateway platforms that can be used to create and manage science gateway instances. Gateway platforms are centrally operated by gateway platform providers who create and control gateway instances on behalf of gateway providers. Broadly, platforms operate following either a multi-tenant or else a multi-instance pattern. Multi-tenanted science gateway platforms are designed to support multiple science gateways simultaneously, with each gateway as a tenant to a single operational instance of the platform middleware. Multi-instance platforms, on the other hand, provide and manage an entire instance of the science gateway software for each gateway. This paper reviews these two scenarios from the perspective of the Science Gateways Platform as a service (SciGaP), a multitenanted gateway platform based on the open-source Apache Airavata software. We examine requirements for providing multitenanted platforms for CUI gateways and also the requirements for providing the same software as a multi-instance platform. In both cases, we assume the use of CUI-compatible resources from commercial cloud providers. Both approaches are technically feasible but have trade-offs that must be considered.","PeriodicalId":38836,"journal":{"name":"Meta: Avaliacao","volume":"15 1","pages":"19-26"},"PeriodicalIF":0.0000,"publicationDate":"2020-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Meta: Avaliacao","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/HUSTProtools51951.2020.00010","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"Social Sciences","Score":null,"Total":0}
引用次数: 4
Abstract
This paper examines scenarios in which science gateways can facilitate access to cloud computing resources to support scientific research using regulated or protected data stored on clouds. Specifically, we discuss the use of science gateways to access Controlled Unclassified Information (CUI), a US regulatory standard that covers a broad range of US federal government-owned or regulated data, and that also provides a useful proxy for other types of sensitive data, such as private sector intellectual property. We focus on the impact of CUI requirements on science gateway platforms that can be used to create and manage science gateway instances. Gateway platforms are centrally operated by gateway platform providers who create and control gateway instances on behalf of gateway providers. Broadly, platforms operate following either a multi-tenant or else a multi-instance pattern. Multi-tenanted science gateway platforms are designed to support multiple science gateways simultaneously, with each gateway as a tenant to a single operational instance of the platform middleware. Multi-instance platforms, on the other hand, provide and manage an entire instance of the science gateway software for each gateway. This paper reviews these two scenarios from the perspective of the Science Gateways Platform as a service (SciGaP), a multitenanted gateway platform based on the open-source Apache Airavata software. We examine requirements for providing multitenanted platforms for CUI gateways and also the requirements for providing the same software as a multi-instance platform. In both cases, we assume the use of CUI-compatible resources from commercial cloud providers. Both approaches are technically feasible but have trade-offs that must be considered.