Center for Cloud Research and Development, National Institute of Informatics (NII)

SC25


Our booth number is 4610

National Institute of Informatics


Overview

The National Institute of Informatics (NII) seeks to advance integrated research and development activities in information-related fields, including networking, software, and content. NII also promotes the creation of state-of-the-art academic information infrastructure, designed by fusing the ultra high-speed network, SINET6, and the research data platform, NII Research Data Cloud, to promote data-driven science.

Academic Information Infrastructure for Data-Driven Science

The National Institute of Informatics (NII) seeks to advance integrated research and development activities in information-related fields, including networking, software, and content. NII also promotes an authentication and authorization infrastructure for HPCI (High Performance Computing Infrastructure).

Federated Identity and Access Management for HPC in Japan

High Performance Computing Infrastructure (HPCI) creates a revolutionary shared computing infrastructure that meets the diverse needs of a wide range of users, including the industrial sector. The authentication and authorization infrastructure (AAI) provides HPCI users with a single sign-on environment that enables seamless access to HPCI supercomputers and storage resources by utilizing access tokens (OAuth 2.0) along with SAML. However, the HPCI AAI is currently closed and does not cooperate with IdPs operated by home organizations to which users belong. Therefore, we are going to develop an integration model of home IdPs with HPCI AAI.

Secure Ceph: Not Just Locked by Identity, but Also Isolated by VLAN Network

Ceph is a multi-tenant, high-throughput, distributed storage system widely used in HPC environments. It provides logical isolation through identity-based authentication and authorization. However, all client and server nodes still share a single public Storage Area Network (SAN). To achieve defense-in-depth, we developed Secure Ceph, which locks down RADOS connections by partitioning the Layer-3 public network among tenants using VLANs. This network-level isolation also strengthens authentication by validating requests against their VLAN origin. Secure Ceph thereby enables confidentiality-sensitive workloads in secure HPC environments.

Zero Trust-based IoT Security

This project aims to realize secure Internet of Things (IoT) systems based on the concept of zero trust, by fusing formal verification and system software technologies. In formal verification research, we propose the “rabbit” formal verification language for system software researchers. In system software research, we have developed software certification and software update frameworks, and a monitoring and policy enforcement scheme for IoT systems.

The project web page is https://zt-iot.nii.ac.jp/.

IoT Stream Processing

Big data generated by numerous indoor and outdoor IoT devices must be securely analyzed in real time to create various innovative services. SINETStream is a software library that enables the easy development of secure and efficient IoT applications over the environment.

Research Data Analysis Platform for Reproducible Data-driven Science

NII provides computational services that cooperate with our research data platform called NII Research Data Cloud (RDC) to promote open science and support the reproducibility of data-driven science. We introduce (1) SINETStream, a pub/sub messaging library and brokering service, (2) GakuNin RDM Data Analysis Function, a JupyterHub service integrated with our research data management service, and (3) a Reproducible Package Function that supports the reuse of research software and its runtime environment.

Case Studies of Hybrid Cloud Architectures for Astronomical Observatory Data

The National Astronomical Observatory of Japan (NAOJ) is considering a hybrid cloud architecture comprising its on-premises system and additional public cloud services. Adopting public cloud services will reduce the total cost of ownership, allow the use of state-of-the-art technologies, and establish a business continuity plan (BCP). However, no methodology exists for designing an optimal architecture to realize these advantages. We have been conducting case studies on storing and analyzing ALMA radio telescope data in public cloud services, in collaboration with NAOJ, to demonstrate best practices and discuss the design of a suitable architecture.

HPC Education with MCJ-CloudHub

In higher education, there is an increasing demand for reproducible environments to support HPC and data science exercises. While JupyterHub enables the provision of a unified environment, challenges remain in managing multiple concurrent exercises and maintaining the infrastructure itself. To address these issues, we propose MCJ-CloudHub. It supports the management of multiple courses through Moodle integration and enables GPU-based exercises. Furthermore, by utilizing VCP (Virtual Cloud Provider), it can be flexibly deployed across both on-premises and cloud environments.