Account Management Use Cases

All computer systems need ways to identity the people who use them, limit/control their use, and ensure that community rules and expectations are honored.

Identity management describes how people identify themselves to applications and systems. Group management describes how people organize and name groups of individuals. Finally, Allocation management describes how a community authorizes and/or limits the use of community services by specific individuals or groups.


Allocation Management:

The use cases in this area describe ways a community manages access to its resources, including: project solicitations, proposal submissions, proposal reviews, and allocating resources to specific projects.

Research computers are powerful, but the demand to use them is larger than the capacity they offer. Access to these resources must be based on community priorities. The allocation system described in these use cases is used by the XSEDE system but is available to others as well. A central allocation system--one that researchers can use to request access to many resources--is important to ensure the easiest access by researchers.

(10 use cases)
Use Case ID Title Use Case Description
P2-01 Establish an Allocations Process
P2-02 Establish allocation review panel
P2-03 Add resources to allocations process
P2-04 Establish an allocation Submission Opportunity
P2-05 Submission of Allocation Request
P2-06 Manage review of Submissions to an Allocations Opportunity
P2-07 Submission of a Review
P2-08 Award or reject allocation request
P2-09 Allocation data reporting and access
P2-10 Customize allocation request data fields


Group Management:

These use cases describe how individuals need to manage and use group definitions. In its simplest form, a group definition is a list of people that needs to be maintained and used for some ongoing purpose. Groups can be used to coordinate research teams (e.g., authorizing use of a resource), for communication (e.g., managing an email list), or for project management (e.g., task assignments).

(12 use cases)
Use Case ID Title Use Case Description
GRP-01 Researcher manages membership of a project group
GRP-02 Manually create a group
GRP-03 Manually view or manage the configuration or membership of a group
GRP-05 Invite members to a group
GRP-06 Request membership in a group
GRP-09 Synchronize an external group
GRP-10 Automate a group's configuration
GRP-12 Use groups to control access within a resource
GRP-14 Use a group to control access within an application
GRP-15 Use a group for task assignments within an application
GRP-16 Use a group for email distribution
GRP-17 Drive project membership with an email message


Identity Management:

These use cases describe how researchers, scientists, and other community members register themselves with computer systems, prove their identities when using applications, and manage their identity data (user profiles).

(15 use cases)
Use Case ID Title Use Case Description
IDM-01 Register with a community
IDM-02 Login to a community’s user portal with a community username and password
IDM-03 Change a community user profile
IDM-04 Login to a community’s user portal with an identity from another organization
IDM-05 Link or unlink an identity from another organization
IDM-06 Login to a web application or science gateway with a community identity
IDM-07 Login to a locally installed application with a community identity
IDM-08 Login to a locally installed application with an SSH/X.509 key
IDM-11 Use a community identity for InCommon authentication
IDM-12 Single sign-on across community OpenStack resources
IDM-13 Authenticate to a resource’s OpenStack API
IDM-14 SSH access using a community identity for education
IDM-15 Lookup affiliated institutions for a community identity
IDM-16 Obtain affiliated institutions when an individual logs in to a service
IDM-17 Obtain a high-assurance X.509 certificate