Create reproducible research environments
As a researcher or research supporter you can create a workspace for a specific research project. In SURF Research Cloud this research environment is called a workspace. But how do you keep track of the things you have installed in the workspace? And what if you want to reuse the workspace later with some small adjustments?
Research Cloud is based on the principle of infrastructure-as-code. Research Cloud catalogue items are human readable scripts that can be versioned. When executed within Research Cloud they provision the research workspace exactly as the configuration file specifies. The specified research workspace may consist of IaaS, PaaS or SaaS resources and may contain datasets so you can rebuild your workspace at any time. Or you can choose to only reuse certain parts of the script to generate a new workspace for a new research project.
Use the best resources for your research
For your research you might have some specific compute or storage requirements. So how can Research Cloud accommodate these special needs? With Research Cloud you can manage HPC Cloud resources and connect to Research Drive. Connections to iRODS instances at SURF will also become available. Public cloud providers via SURFcumulus as well as on-campus OpenStack solutions will be added to the available options in Research Cloud. This allows you to always choose or combine the best compute and storage infrastructures for your research.
Work together securely
Researchers increasingly work together in multidisciplinary teams and across the borders of institutes and countries. So how can you provide fellow researchers with secure access to the research workspace? With SURF Research Cloud authentication is easy. SURF Research Cloud is integrated with SURF Research Access Management. This provides an Authentication & Authorisation Infrastructure-as-a-Service which is based on the AARC blueprint architecture.
The European AARC-project identified all the access challenges researchers face and created the blueprint architecture based on these findings. This allows you to fully manage the access of researchers within your research group.
SURF Research Cloud is a NWO funded innovation project with a primary focus on delivering Platform as a Service functionality on top of already existing HPC Cloud and SURF storage services. Via SURFcumulus, SURF Research Cloud also offers the possibility to integrate public cloud services within your research environment. The usage of SURF Research Cloud is free of charge in 2020. However, there is a charge for using the underlying compute and storage infrastructure. Find out how you can apply for grants on the page Apply for access to compute services.
Security is important for researchers. You need to be sure that your research data is safe. SURF Research Cloud is developed according to high requirements and standards for research applications. SURFsara is ISO 27001 certified. Based on our security policies, SURF Research Cloud is tested for vulnerabilities with yearly pentests.
These certifications and tests apply to the SURF Research Cloud service only and not to the workspaces that are controlled by the user. Within SURF Research Cloud, you are allowed full control of the workspace. So changes can be made by the researcher, in close cooperation with the research supporter, to decrease or increase security settings of a workspace. This will always be the responsibility of the user and will only apply to the workspaces owned by the researcher. If for some reason the auditing or certification of a workspace is required, it might be an option to involve our SURFaudit service.
SURF Research Cloud is GDPR compliant. For accessing the service, you need to sign an Acceptable Use Policy. In case personal data is processed, a separate Data Processing Agreement needs to be agreed on. In case you intend to process sensitive data (such as special categories of personal data), you are responsible for taking the necessary measures within you workspaces to adequately secure this data.
SURF Research Cloud is a federated environment built for open science. This means the design is very flexible and can accommodate connections to other services. Those services can be existing or new SURF services, external services and on-campus services. Possible options to integrate with SURF Research Cloud are:
- Connect on-campus identity provider through SURF Research Access Management
- Add on-campus compute resources (OpenStack) as a resource provider to SURF Research Cloud
- Add additional (on-campus) storage options via for example iRODS
- Connect with branded versions of SURF Research Drive.
At this time the above mentioned options are piloted or still under development.