User Roles

A user roles is based on a person type, a category of persons defined by the role or roles they share that are relevant to the architecture. User roles are contextual, typically limited to the scope of resources. For example, an owner would have elevated privileges only for the resources they own; they would be considered a regular user in the context of any resource they do not own. Table 16 defines the person types in the INTERSECT architecture.

Table 16 Person type roles and descriptions.

Person Type

Description

Example

User

Using the system (not responsible for administration)

A User leverages the SDK on multiple Resources to compose and run a scientific campaign.

Maintainer/Operator

Maintains one or more resources; different view of system (i.e., in contrast to User)

An Operator installs and configures the SDK on one or more Resources in addition to setting up (e.g. - loading chemicals into vials) and tearing down (e.g. purging tubes of all chemicals) the setup for each campaign

Administrator

Maintains one or more systems; complete view of “their” system (their jurisdiction /domain/realm/area). Limited to a given jurisdiction (i.e., their administrative domain)

An Administrator grants/approves new Resources, where the SDK is installed, to be added to the INTERSECT ecosystem

Owner

Individual fiscally responsible for a resource; Vested interest; Possibly approver for a resource

An Owner purchases Resource(s) and delegates maintenance and operations to Operators. Owners could be Group Leaders to an Associate Lab Director

Provider

Manufacturer of a Logical (e.g. INTERSECT services) or Physical Resource (Computing, Observational, Data, Networking). Provider creates the Resource that the Operator maintains.

Examples include manufacturer of a scientific instrument, NVIDIA for an edge compute Resource, INTERSECT SecDevOps is provider of core INTERSECT SDK

Minimum requrement

At minimum, the defined user roles are reflected and enforced in all parts of the INTERSECT federated ecosystem through the User Management System.

Optional requrement

Optionally, user roles of external resources and services are reflected and enforced through the use of Adapters for External Resources and Services in the User Management System