PODD (UQ)

PODD - AAF Enablement

Overview

The Phenomics Ontology Driven Data repository (PODD) is a NeAT funded project that will provide a Semantic Web enabled data repository for phenomics data resources. This project is being developed in collaboration between: the Australian Plant Phenomics Facility (APPF) (a collaboration between CSIRO, ANU and the University of Adelaide); the Australian Phenomics Network (APN) (a network of mouse phenomics centres including the ANU, the University of Melbourne and other institutions); the University of Queensland eResearch group and the Atlas of Living Australia (ALA). Phenomics is the systematic analysis of an organism’s phenotype and is determined through a combination of high and low throughput imaging and measurement based analysis platforms. The purpose of PODD is to be an open platform that captures, manages, annotates, distributes and publishes the data generated by these phenotyping platforms. It supports both the Australian and international biological research communities by providing repository and data publication services.

Goals

To integrate the access and authentication services of PODD with the AAF based services to allow institutional users seamless access to the PODD repository through the use of their own institutional IDs. Access and utilise AAF based user attributes in a secure and trusted environment for determination of user status and for supporting data publication processes through the authorised redistribution of user metadata. Utilise AAF based user attributes to support PODD Project Leader roles in determining project level (and consequent object level) authorisation. Through its role as an AAF service provider and the consequent ease of access we would demonstrate PODD’s utility to the biological research community. To generate services and data representation standards that would be accessible to the eResearch community in general and would contribute to the AAF community.

Scope

The PODD repository utilises Fedora Commons as its backend metadata repository. The PODD project team has chosen to bypass the Fedora Commons provided XACML based authentication and authorisation module because: a) it manages user information in an XML format that potentially exposes sensitive user information (i.e. passwords) in an un-encrypted form; b) the Fedora Commons authorisation methodology of retrieving metadata documents to determine user rights is inefficient when large numbers of requests are required, particularly where these files may be stored anywhere on the ARCS Data Fabric; and c) the XACML access control is at the digital object level, not providing sufficient context for application-level authentication and authorization.

Currently, to address these issues, the PODD development team have implemented a RDBMS based service for authentication and authorisation. This service is then integrated into the PODD service layer using the Spring Framework’s Security Architecture. The proposed scope would remove the reliance upon the existing process for Federation users.

Project Contacts

Primary: Gavin Kennedy PODD Project Manager 0413 337 819 g.kennedy1@uq.edu.au

Secondary: Jane Hunter Leader of the eResearch Lab, UQ 07 3365 1092 jane@itee.uq.edu.au