• Question: What sort of data do you control the access to?

    Asked by anon-257014 to Tom on 15 Jun 2020.
    • Photo: Tom Dack

      Tom Dack answered on 15 Jun 2020:

      My work is part of a science community called IRIS. The Science and Technology Facilities council and its partners provide computing resources to a whole range of different science activities, including things like the Square Kilometre Array Telescope, the Large Hadron Collider and the LIGO Gravitational waves experiment. The IRIS activity looks to unify a lot of the computing work being done to support these, so that the experiments can benefit from each other and best practice can be shared by all.

      One part of this is the desire to make it so that a researcher can use a single account – usually thier University ID – to access all of the resources and services which make up IRIS, rather than needing to have a separate account for each one. This idea is much like how you can use your Google and Facebook accounts to sign up to all different websites – we want to do similar with Science. My work is to put together an Identity and Access Management (IAM) service, which allows people to log into the different parts of IRIS using their science identity. The IAM then uses this identity to control who gets access to which resources, making sure a scientist only has access to the experiments they should do!

Comments

  • Photo: Nigel

    Nigel commented on :

    I look after data for the fuel and items (ice cream, grocery, fast food etc) we sell at petrol (gas) stations. We have thousands of sites and many millions on transactions, so it’s a fair bit of data!
    In some countries they are more sensitive about the data and who can see what. Therefore we have access controls to ensure users can only see the data they are supposed to. There is a technique called Row Level Security which is basically some code that looks at the data line by line and determines whether that user can see that data or not.