ESA > Join & Share > HMA-T > HMA-T Contribution Terradue

HMA-T Contribution Terradue

HMA-T User Management in G-POD


In its current design and implementation, G-POD authentication and authorization are solely directed to a GRID infrastructure point of view. No interoperability other than the GSI, exists with identity management interfaces from other data and service providers.

This activity package has the objective of improving the harmonization of the authentication and authorisation approaches between HMA and the Grid Processing on-Demand infrastructure (G-POD). This harmonisation will allow the integration of the G-POD security model in a federated structure of ground segments and processing centres with common authorisation interface.
This work package will design and implement a prototype of the HMA User Management protocol (OGC 07-118) that will interface and be integrated with the G-POD system. The work will focus on adapting the underlying gridify component, (Attribute Authority Service) with a SOAP Web Service gateway enabling authentication and authorization requests from external services.

This gateway will expose the necessary methods to query the attributes of a given user according the above specification.
Following this implementation and integration it will be demonstrated its conformance with the specification. In it, conformance test scripts and test pages will be deployed and the OGC CITE11 test environment will be used. For this activity the bidding team will develop, deliver and deploy the necessary conformance test scripts and the necessary auxiliary test data required for their execution.

Activity Objectives and Challenges

G-POD User Management

Based on the Grid Security Infrastructure (GSI)

  • Secure communications between elements of a computational Grid.
  • Security across organizational boundaries, (without a centrally managed security system)
  • User�s â�?Single sign-on", including delegation of credentials for computations that involve multiple resources and/or sites

GRID Technology develop comprehensive infrastructure to handle common issues:

  • Security and �single sign onâ�? with X509 certificates
  • Cross-community workgroups formation -�Virtual Organizationsâ�?
  • Dynamic discovery and utilization of shared resources and services
  • Location transparency (of users, computing resources, data etc.)
  • Workload scheduling and load-balancing
  • Accounting, auditing and traceability


  • Harmonization of auth/N and auth/Z between G-POD and HMA
  • Assess the potential of 07-118r1 in a Grid infrastructure
  • Promote the usage of 07-118r1

Expected Output

Prototype SOAP Gateway implementing 07-188r1 integrated in G-POD (reference platform @Terradue)

Work Plan

MilestonePlanned DateDescription
KO T02-3 July 2008Kick Off
CDR T0+7M January 2009
AR-2 T0+9M March 2009Acceptance Review
FPT0+11MJune 2009Final Presentation of revised documents

Related HMA Specifications

OGC 07-118: User Management

Companies and contacts


A private company focusing its activities on the usage of web services, GRID and peer-to-peer technologies to support distributed spatial data management, and high performance computing applications in collaborative digital environments

For technical matters Pedro Gonçalves pedro.goncalves (at) terradue.com
For management issues Fabrice Brito fabrice.brito (at) terradue.com


The Rutherford Appleton Laboratory (RAL) of the UK Science and technology Facilities Council (STFC) has considerable experience applying OGC specifications for earth observation and the earth sciences more generally. The UK NERC Earth Observation Data Centre is hosted at RAL, as part of the Centre for Environmental Data Archiving.

For technical matters Andrew Woolf

Contributors to this page: SSE Operations Team

Page last modified on Thursday 21 of October 2010 14:04:42 CEST by SSE Operations Team.

Category: HMA-T