The Information Technology Shared Services (ITSS) team at the Agency for Science, Technology and Research (A*STAR) in
Singapore has developed a web-based system for automated authentication and
authorisation for end-users of the National Super Computing Centre (NSCC)
resources at the Institutes of Higher Learning (IHLs) in Singapore.
The Federated Identity Management (FIM) System allows staff,
researchers, and students at A*STAR, National University of Singapore (NUS), Nanyang
Technological University (NTU), Singapore University of Technology and Design (SUTD),
and Singapore Management University (SMU) to access e-Resources offered by the NSCC and
SingAREN, without the need to change
existing usernames or passwords of their home IHLs.
NSCC manages Singapore’s first
national petascale facility with high performance computing (HPC)
resources to support science and engineering computing needs for academic,
research and industry communities, while SingAREN is the sole provider of
local and international networks dedicated for serving the Research and
Education community in Singapore. SingAREN’s members consist of the
Institutions of Higher Learning (IHLs), Research Organizations, Government and
network industry players.
The proposed solution has been adopted by NSCC since it is a
proven working system. The solution is well-connected and integrated seamlessly
with the existing systems, as compared to the commercial products available in
the market.
The identity management system removes the risk of user
keying errors, as the users are automatically authenticated against their home
organisation. The system not only allows the members to sign-on to the NSCC
facilities, but also supports the users to access services across various
organisations, such as A*STAR, NUS, NTU, SUTD.
This project provides significant benefits for the end user,
service provider and Identity provider.
The end-user gets an improved user experience by accessing
more services, and there is no need for them to remember additional passwords.
The service provider can easily interface with the system,
thereby saving significant time in creating user accounts to access the new
services. Identity provider is the one who manages the single identity
management system (user accounts and passwords etc.), while allowing their
valid users to access more services in the federation.
Researchers, faculty staff and students from stakeholder
organisation of NSCC can self-register their accounts, anytime and anywhere (Web
Single Sign – On or WebSSO), immediately using their existing Username and
Passwords of the host organisation. This FIM User Portal also helps to
periodically verify the user access rights of staff – such as password changes every
3 months – due to built-in security features.
In the absence of the FIM system, it would be a highly
tedious process to register thousands of user accounts from different
organisations. Thus, FIM improves the overall staff productivity, and also
saves time and money. Furthermore, this provides the option to add more
organisations into the FIM system.
Through the FIM implementation, a total cost savings of about
S$250, 000 has been achieved, as it eliminated the need to buy a commercial
software available in the market. The amount of $250,000 cost savings has been
considered based on the customer quotation received from Centrify.
The FIM system also provides faster access to global
scientific databases and libraries. The system provides a ‘File Sender’
facility, a secure collaboration ‘Dropbox’ for sending/ receiving big files
globally.
Professor Tan Tin Wee, Chief Executive, NSCC, praised the
FIM system, saying, “FIM provides an opportunity for everyone in our
stakeholder institutions to have an universal access to NSCC supercomputers at
the level of most basic of resources, i.e., able to try it out, educate
themselves on the supercomputer, write and compile software, run very small
test jobs, learn how to submit jobs etc.”