Subject RE: VO challenges - article
From Paul Caskey <pcaskey@xxxxxxxxxxxxx>
Date Tue, 27 Oct 2015 17:43:10 +0000

Yep, there's that risk vs. reward that I mentioned.

And I would argue that all risk is perceived risk, otherwise we'd call it a threat.

So, we need to change perceptions and I don't think IT is the best place for that.

-----Original Message-----
From: Warren Anderson [wganderson12@xxxxxxxxx]
Received: Tuesday, 27 Oct 2015, 1:30PM
To: Jones, Mark B [Mark.B.Jones@xxxxxxxxxxx]
CC: Nick Roy [nroy@xxxxxxxxxxxxx]; Paul Caskey [pcaskey@xxxxxxxxxxxxx]; Thomas Scavo [trscavo@xxxxxxxxxxxxx]; Cantor, Scott [cantor.2@xxxxxxx]; Niels van Dijk [niels.vandijk@xxxxxxxxxx]; refeds@xxxxxxxxxx [refeds@xxxxxxxxxx]
Subject: Re: [refeds] VO challenges - article

On Oct 27, 2015, at 12:06 , Jones, Mark B <Mark.B.Jones@xxxxxxxxxxx> wrote:
  On 10/27/15, 11:45 AM, "Nick Roy" <nroy@xxxxxxxxxxxxx> wrote:
>> The problem is that the reward is something that (primarily faculty and
>> graduate students) get if their institution takes the (perceived,
>> incorrectly I
>> think) 'risk.'  The perceived 'risk,' in the US, in the case of R&S, seems
>> to be
>> based on some combination of fear and extreme risk aversion on the part of
>> IT
>> departments and possibly registrars, although I suspect many IT departments
>> never get as far as having a conversation with the registrars.
> [Mark] I don't think 'perceived risk' is the issue here.  There are no users
> here asking for this and so it is not on anyone's to-do list.  I think it
> would be an easy sell if it were a priority for someone not in IT.

In my experience, most researchers in research VOs don’t know what federated identity is or what it would buy them, so it’s not surprising that they’re not asking. If the VO has a computing person (or, fates forbid, a computing group), someone in the VO might know about identity federation and  want to enable it for their collaboration. Would having someone from NIH contact you and say “can you support R&S entity category for us so we can enable research for people on your campus” be enough to get it done? Because, if so, I might be able to arrange that.

In any case, I can assure you from personal experience that it is not the case that all IdP operators simply need to be asked and will then start supporting research VOs, even with R&S attributes. There are some large research campuses that we (LIGO) have been asking on many levels, including having on-campus researchers ask on our behalf, and still have not gotten R&S support. The reasoning we’re given supports Nick’s assertions - there is a perceived risk that someone somewhere on campus can’t sign off on. Whether that is the only or most pressing reason it is not done I can’t know.


+================[ WARREN G. ANDERSON ]====================+
| PO Box 413, Dept. of Physics, Milwaukee, WI 53201, USA   |
|   CANADA: (403) 617 6720          USA: (414) 212 5446    |