Virtual Organisations for Collaboration
In some eResearch activities (e.g. the ecoinformatics project) the best way to enable collaboration is to use a Virtual Organisation or VO. A VO is a secure, web-based, online collaboration space where a group of authorised collaborators can share files and data and access common tools without the problems associated with firewalls and compatibility.
The VO is analagous to a bricks-and-mortar organisation or company. A company usually has a defined purpose, colocates its staff in a secure environment (to collect together and protect proprietary information) and provides workspaces, shared facilities (meeting rooms, filing cabinets, libraries, communications etc) and administration (HR, finance etc). In the VO the bricks-and-mortar are replaced by computers and web pages. It's not necessary to colocate the members of a VO; their "office" is on-line and accessible anywhere connected to the internet.
For security and privacy every VO user is assigned to a group. Within each group there are workspaces; these contain the content that the user is authorised to access. In the company analogy the groups might be "management", "HR", "finance", "sales" etc. A person in the "sales team" workspace might be authorised to see their own HR records, summary data from finance and all of the sales information but nothing else - the content in a VO can be partitioned similarly to provide Role Based Access Control.
One aspect of the VO that has no parallel to regular organisations is that they can be set up quickly and for special purpose and closed down with little consequence when the job is done.
Elements of the VeRSI VOs - Identity and Authorisation
VeRSI VOs are accessed using Shibboleth. The Shibboleth website provides the definition;
| "The Shibboleth System is a standards based, open source software package for web single sign-on across or within organizational boundaries. It allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner." |
There are two prerequisites to accessing a VeRSI hosted VO;
1. You must have be registered at either an institutional Identity Provider (IdP) or the VeRSI Open IdP; and
2. You must be authorised to use the VO by the moderator who will assign you a workspace and set up permissions governing what content and applications you can see and what you can do to it (e.g. read, add, edit).
If you are at an Australian university, contact the IT help desk to find out if your university has a Level 2, Federated IdP, that you have had an account set up for you and what you username and password are.
If you're not at an Australian university or if your institution does not have a Level 2 IdP, visit the VeRSI authorisation site at http://versi.edu.au/register to request an account on the VeRSI Open IdP. Please note you may be required to provide photo-id as proof of identity.
Once you have an account you have to contact your VO moderator who can set up your access and permissions at the VO site. If you don't know who VO moderator is please contact VeRSI and we can advise.
Elements of the VeRSI VOs - Collaborative Tools and Applications
The VO is a web based environment that hosts links to collaborative tools and applications including wikis and blogs, project management tools, messaging and communications tools, calendaring, repositories and data stores.
An important concept in VOs is that the tools and applications do not have to be co-hosted; they can be hosted anywhere on the Internet and integrated into a VO by virtue of the fact that they support Shibboleth.
In the case of VeRSI the VO is powered by the MAMS IAMSuite hosted on a dedicated server.