Home » Identity and Access Management: CAF » Case Studies » LIGO

LIGO

Helping scientists surf a wave of data from LIGO

LIGO

What was the science problem?

Albert Einstein’s General Theory of Relativity theorized that black holes could create gravitational waves. To explore this phenomenon, scientists are exploring data generated by the detectors at the Laser Interferometer Gravitational-Wave Observatory (LIGO), a $2B scientific instrument operated jointly by MIT and CalTech.

Two detectors are part of LIGO, and these instruments are located in Louisiana and Washington State. Over 300 scientists operate and manage LIGO, but more than 1000 physicists, astrophysicists and astronomers worldwide have access to the data generated by the detectors. These scientists are engaged in a wide range of collaborative research projects using LIGO data, and require access to distributed data, tools and services to further their research.

Over 1,000 scientists worldwide are
securely accessing data from LIGO.

What was the identity problem?

Initially, groups of scientists started solving their collaboration issues by developing their own wikis, distribution lists, and code repositories, with each member of each group having to keep a long list of usernames and passwords for each of these sites. This solution was not sustainable, as the scientists wanted to focus on the science, not on managing multiple user accounts.

What was the identity solution?

The tech specialists at LIGO saw this problem and knew that there was a better way to approach identity and access management – that is, a better way to verify that the right people were accessing the information, and that they were authorized to access it. They started by building their own single sign-on infrastructure, with a plan towards evolving this to a federated model. The federated model, in which the user’s home institution verifies the identity of the user and, through a controlled release of information, verifies that they are authorized to access the data, is a proven and scalable framework, and scale is what the LIGO team requires. As LIGO is the locus for global scientific collaborations, scientists from a wide range of disciplines need to have access to data and services, and the federated identity framework is the solution that best supports the evolving needs of scientists.

Warren G. Anderson, Associate Scientist in the Physics Department at the University of Wisconsin, Milwaukee, says that “seamless and secure access to LIGO resources allows collaborating astronomers from around the globe to have access to some of the most extraordinary astrophysics datasets in the world. It means that they can coordinate with LIGO to make discoveries about the nature of our universe, and the forces acting within it, that no single instrument or group can make alone.”

Deploying the federated framework to support scientific collaboration using the data generated by the LIGO detectors was a great success. Many scientists who benefited from the federated model now want to use this model in new projects, as the scalable, proven approach to identity and access management was a perfect fit for the needs of global scientific collaborations.

A federated model for identity
and access management was
“the best infrastructure
for people to collaborate.”

What’s next?

The federated access and identity management model was “the best infrastructure for people to collaborate,” according to Scott Koranda, Senior Scientist at University of Wisconsin-Milwaukee. Currently, LIGO operates as an Identity Provider, verifying the identity of collaborating scientists, but they will eventually turn this function off and the home institutional credentials of scientists will be used to verify identities and enable access to services.

The success of the federated model paves the way for additional services supporting research collaborations, and so the LIGO team works closely with REFEDs, the organization that represents the mutual needs of research and education identity federations worldwide. REFEDs works to find consensus approaches that all identity federations can adopt, developing policy on issues such as interfederation, privacy, assurance, and relationships with partner communities.

The future is collaborative – and CANARIE’s
Canadian Access Federation
supports secure and seamless access
to global research resources.

For the team at LIGO, the integrity of the federated framework is a jumping-off point for a range of new initiatives, including working with international peers on cybersecurity, level of assurance, and multi-factor authentication.

Deploying a proven, scalable federated framework to enable global collaboration among hundreds of scientists was just one of the wins for the LIGO team –the big win was proving the existence of gravitational waves, corroborating Einstein’s theory and making a truly ground-breaking discovery in physics.

Download: LIGO Case Study