June 2023

Backbone Services

AAI: Fostering the participation of non Helmholtz IdPs in Helmholtz AAI

Users from numerous non-Helmholtz organisations can in principle access Helmholtz AAI and Cloud services by logging in via their home IdP. However, lack of standard conformity, local policies and technical inconsistencies frequently prevent successful authentication, frustrating the users and also putting high load on the HIFIS support. A frequently used workaround, authenticating via social IdPs (ORCID, Github, Google) allows users to access our services with caveats. Using AAI statistics of user’s originating organisations, we will identify organisations with significant numbers of users, and non-working IdP based authentication, so that we can concentrate efforts on actively integrating these organisations systematically. The identification and workflow to do so is planned to be established by late spring 2023, with follow-up work being continuous.

HIFIS Overall

Follow-up process on user feedback

HIFIS provides numerous channels that already allow users and user groups to funnel their feedback on HIFIS services. The tools include the single point-of-contact Helpdesk, direct feedback in the Helmholtz Cloud Portal, surveys, the Helmholtz Cloud Service Operation KPI, and many more. Until summer, we will streamline the processes to follow-up on user queries, including selection and priorisation. We will decide on potential additional or altered formats to systematically obtain user feedback. Further, the reporting (KPI) will be adapted, moving a bit away from reflecting the build-up of services, towards the representation of user acceptance and user satisfaction.

Software Services

Empower CI/CD part two

Again, a special focus will be put on Continuous Integration (CI). For this purpose, the team offers a container workshop or GitLab-CI workshop once per quarter. In addition, general CI support for Windows will be added to the Helmholtz Codebase.

Software Spotlights in the Helmholtz RSD

The Helmholtz Software Spotlights found their new home in the Helmholtz RSD. The Spotlights previously presented at will be migrated to the Helmholtz RSD and presented there from now on.

Software Services

Improve Consulting Outreach

After filling the vacancies, the consulting team will put dedicated efforts to increase outreach and awareness of the consulting service in Helmholtz.

Cloud Services

GDPR Joint Controller Agreement about Helmholtz Cloud Core Components

In close cooperation with the Helmholtz Data protection officers, a Joint Controller Agreement is finalized that is regulating the processing of personal data in the Helmholtz Cloud Core Components. The Core Components are needed to run the Helmholtz Cloud: Helmholtz AAI, Helmholtz Cloud Portal, Service Database and Helpdesk.

July 2023

Backbone Services

First Coordination of future operational Cybersecurity Activities

The HIFIS Backbone cluster, together with Cloud cluster, will define first coordinating steps to align with Helmholtz KoDa’s activities in fostering Operational Cybersecurity.

HIFIS Overall

Incubator Workshop: Presentation of future developments

In the Helmholtz Incubator Workshop to be held in July, HIFIS will present the envisioned future developments, especially in the light of the advises given during HIFIS evaluation.

August 2023

Backbone Services

AAI: Deprovisioning of inactive / non-present users

The technical tooling of asking IdPs to report the status of a specific user via Attribute Query, is supported by the Helmholtz Community AAI. For summer, we plan to put the automated deprovisioning process into action for users that have not logged in to Helmholtz AAI by more than a defined grace time, either by a) querying IdPs which support this until then, or b) querying users via email to log in again. The deprovisioning information is then forwarded to connected cloud services.

Cloud Services

Access List DB manages the resource bookings in the Helmholtz Cloud

The Helmholtz Cloud Portal allows to book resources within specific Helmholtz Cloud Services. In order to know who is allowed to book which type of resource in which capacity, an access list is programmed in the service database Plony. This brings together the information about the resource booking in the Cloud Portal and the group membership in the Helmholtz AAI.

September 2023

Backbone Services

AAI: Integrate most relevant federations, based on negotiated use cases (pilot)

Any completely transparent interconnection of Helmholtz AAI with other federations, such as EGI Checkin, ELIXIR/Lifescience, or Indigo IAM, is notoriously problematic due to many degrees of freedom of such implementations (and thus potential conflicts) in terms of user lifecycle management, authorisation management, group memberships, applying policies and more. In coordination with specific user groups using infrastructures from other federations and communities, we will define specific technical and administrative procedures to enable the negotiated use cases while minimising the abovementioned problems.

HIFIS Overall

Detailed elaboration on long-term plans

Following the first presentation of envisioned future developments of HIFIS in the Helmholtz Incubator Workshop in July, further details are planned to be worked out until fall 2023.

Software Services

Incubator Summer Academy #2

The second iteration of the Incubator summer Academy will take place in September. As last year, the event, which is jointly organized by all Incubator platforms, will offer a broad portfolio around the topics of Research Software Engineering, Data Science or Artificial Intelligence.

Cloud Services

Submission of the Cloud Regulations to the Helmholtz Assembly of Members

The draft rules comes to an accepted solution for all touched diciplines: general legal, VAT, and state aid topics. Stakeholders such as data protection officers and works councils are informed. The Assembly of Members of the Helmholtz Association have received the document for signature, so that the use of technical resources within the context of the Helmholtz Cloud are regulated.

Cloud Services

For the user to easily find up-to-date documents related to the service (e. g. AVV templates), we will set up a download area in Plony. Logged in users find all documents related to the service in one central place. In order easily find the download area, every service card will include a counter, thus giving the user the information how many documents can be found in the download area (including a link to get there).

October 2023

HIFIS Overall

HIFIS All Hands Meeting

Having worked out the future plans for HIFIS and possibly with a first feedback from the Helmholtz Assembly of Members to be held in September, we will gather in an all-hands meeting in or nearby Dresden / HZDR. HIFIS stakeholders such as SAB and Federation Board will be invited.

November 2023

Backbone Services

AAI: Robot accounts, group accounts

Group Accounts and Robot Accounts are not yet fully supported by DFN AAI and thus Helmholtz AAI. As such accounts are envisioned to play an increasing role in the Helmholtz AAI and Helmholtz Cloud, HIFIS will foster to establish an AARC guideline to fully support such accounts. In parallel, HIFIS will provide first conceptually compatible implementations so that ongoing use cases can be supported soon.

Software Services

Helmholtz Software Award

For the first time, an award for high-quality research software will be granted in Helmholtz.

Backbone Services

AAI: Policy Review Process (close collaboration with Cloud Cluster)

With experiences made during the annual housekeeping, user deprovisioning, adoption of new use cases (for example, including robot accounts), and updates in the upstream AARC guidelines (SIRTFI-v2, REFEDS Assurance Framework V2), the AAI policies may need regular updates. This and yet to be defined elements will be part of the policy review process that is due to be defined. As this strongly related to similar review activities of the HIFIS Cloud cluster for the Helmholtz Cloud services, there will be a close collaboration between clusters on this.

Software Services

Improve software quality to uphold policy standards

Best practice workflows are to be defined on the basis of the guidelines for the sustainable handling of research software that are currently being established at Helmholtz. These can be used to check compliance with certain criteria as automatically as possible and to award software quality badges for research software. Initial work in this area is expected to be ready for presentation towards the end of 2023.

December 2023

Software Services

Empower CI/CD part two

New functionalities will be enabled by a closer connection of the services Helmholtz Codebase and Mattermost with the Helmholtz Cloud Portal. This will, for instance, add support for VOs or allow the automatic deprovisioning of users.