The D4Science e-infrastructure will be the core platform of the Blue-Cloud VRE.D4Science holds a generic VRE with many core services for building and running multiple Virtual Labs, dedicated to specific research targets. The D4Science e-infrastructure benefits from proven solutions for connecting to external computing platforms and means for orchestrating distributed services, which will be instrumental for smart connections to the other e-infrastructures in Blue-Cloud, namely EUDAT and DIAS (WekEO).
D4Science.org provides access to services and data via Virtual Environments, called Virtual Laboratories in Blue-Cloud. Each VLab enables services and data exploitation to the authorized users of the VRE.
Type & number of data sets
D4Science serves different domains in 50+ countries worldwide.D4Science hosts +150 Virtual Research Environments (VREs) to serve the biological, ecological, environmental, social mining, culture heritage, and statistical communities world-wide.
The D4Science Security
D4Science.org provides access to a set of services hosted by different organisations in the EU. The connection between the sites is secured through Transport Level Security (TLS), which provides communication security over the computer network.
D4Science.org ensures privacy and data integrity between two communicating computer applications. In particular, any connection between a client (e.g., a web browser) and a D4Science.org server has the following properties:
- Private (or secure) connection through the adoption of symmetric cryptography, which encrypts the data transmitted. The keys for this symmetric encryption are uniquely generated for each connection and are based on a shared secret (negotiated at the start of the session). The server and client negotiate the details about which encryption algorithm and cryptographic keys shall be used before data are transmitted. The negotiation of a shared secret is both secure, as it is unavailable to eavesdroppers (and even not to attackers who place themselves in the middle of the connection). For this reason, D4Science is reliable, as no attacker can modify the communications during the negotiation without being detected.
- Authentication of communicating parties happens by using public-key cryptography. This authentication can be made optional on the client’s side, however it is ensured on the server’s side.
- Integrity of the connection is ensured as each information transmitted is linked to a message authentication code to prevent undetected loss or alteration of the data during the transmission.
- Forward secrecy ensures that a future disclosure of encryption keys cannot be applied to decrypt any TLS communications recorded in the past.