doc updt

docs/WP/authentication_access_control.md

@@ -0,0 +1,27 @@
+# General architecture
+
+Each OpenCloud instance will provide an OpenId interface. This interface may be connected to an existing LDAP Server or a dedicated one.
+The main advanytage of this distributed solution is that each partner will manage it's own iusers and profiles. It simplifies access control management as each peer does not have to be aware of other peers users, but will only define access rules globally for the peers.
+
+# Users / roles / groups
+
+
+# User permissions definition 
+
+Each OpenCloud instance will manage it's users and their permissions :
+On a local instance :
+* a user has permission to start a distributed workflow in using remote peers 
+* a user has administrative rights and may change the service exchenge rates
+* a user is limited to view financial information on the instance
+* a user belongs to a group (that may represent a project, a department,...)
+
+# Authentication process
+
+Each OpenCloud peer will accept a company as a whole.
+Upon user connection, it will receive user rights form the origninating OpenId connect server and apply them. ex: specific pricing for a group (company agreement, project agreement, ...)
+A collaborative workspace
+
+
+# Resources don't have an url
+They will map to an internal url of the service
+Once a workflow is initialized and ready for launch temporary urls proxying to the real service will be provided to the wokflow at booking time

docs/WP/oc-accounting.md

@@ -0,0 +1,8 @@
+# Description
+
+The oc-acounting service will aggregate billing information for each peer in a daily(TBC) basis.
+Payment will b 
+
+# Requirements
+
+*

docs/WP/oc-currencies.md

@@ -0,0 +1,4 @@
+# Description
+
+The oc-currencies service is able to convert oc-coins current value to or from main currencies (€/$)
+It allow to display real currency total cost in all user interfaces, and to update product with a real currency fixes price to the fluctuating oc-coin value

docs/WP/oc-own_usage.md

@@ -0,0 +1,11 @@
+# Description
+
+The oc-own_usage service will monitor and store the consumption data for all the workflows initiated from our own OpenCloud instance.
+The collected data will be accessible both in real time and for past workflows for the user that sent them and the allowed profiles in the current OpenCloud instance
+Collected data will also be used to prevent abusive peers billing after a workflow execution.
+
+# Requirements
+
+* A user sending a workflow in a distributed environment shall be able to monitor it's resource consumption
+* The resource consumption shall be available in both techical data (Storage/time,RAM/time,CPU/time) and monetary (coins / currency)
+* The consumption information may filtered by peer, getting the full consumption data for each peer involved in the current workflow. This information may be use by the user to analyze/optimize its future workflows. it will aslo be used by the accounting system to check consistency between peers billing and monitored consumption.

docs/WP/oc-peer.md

@@ -0,0 +1,14 @@
+# Description
+
+This component holds a database of all known peers.
+It also performs the required operation when getting a new peer/group request :
+* Shows peer identity/certificates
+* Accept or reject a peer/group as partner
+* Define allowed service
+* Define visibility
+* Create a dedicated namespace if allowed to use our Compute and quotas
+* Define storage quotas
+* Generate access keys for the services
+* Returns the answer and interfacing data to the requester
+
+

docs/WP/oc-rates.md

@@ -0,0 +1,13 @@
+# Description
+
+The oc-rates service define the applicable rates for services in our own OpenCloud instance
+(data storage, RAM usage, CPU time, GPU time, HPC cluster execution, ...)
+A default rate shall be defined for all public peers. 
+Peers/groups (project) having a specific agreement may benefit of custom rates
+
+# Requirements
+
+* An authorized user (specific permission) will be able to define default rates and specific peers rates.
+* The default rates shall be accessible to every internal and external user.
+* The custom rates shall be only accessible to users belonging to the relevant peer
+* 

docs/WP/oc-resource-usage.md

@@ -0,0 +1,11 @@
+# Description
+
+The oc-peers_usage service will monitor and store the consumption data of all the peers workflows involving our own OpenCloud instance.
+The collected data will be accessible both in real time and for monitoring the current OpenCloud instance workflows in order to perform peers billing.
+
+# Requirements
+
+* The resource  consumption shall be available in both techical data (Storage/time,RAM/time,CPU/time) and monetary (coins / currency)
+* The resource consumption shall be available to the user that started a workflow/donwloaded data from our instance for the related items (related workflow(s) and data)
+* The complete resource consumtion for a peer/group(project) shall be available to users granted with a specific permission
+* 

docs/WP/oc-sync.md

@@ -0,0 +1 @@
+This service offers realtime shared data synchronization between OpenCloud instances.

docs/WP/rbac.md

@@ -0,0 +1,63 @@
+
+# Actions for people from my DC
+
+## Search 
+
+ - Allow internal
+ - Allow distributed
+
+## Workspace
+
+ - Allow share 
+
+## Workflow editor
+
+ - Allow edit
+ - Allow book
+ - Allow send
+ - Allow share
+
+# Resources
+
+ - Allow view/read/write
+
+# Peer
+
+ - Allow requesting partnership 
+ - Allow accepting unknown
+
+# User
+
+ - Allow adding
+ - Allow editing
+ - Allow editing myself
+
+# Actions for people from other DC
+
+## Search 
+
+ - Allow search
+
+## Workspace
+
+ - Allow share with me
+
+## Workflow 
+
+ - Allow book
+ - Allow send
+ - Allow share with me (implied by Workspace)
+
+# Resources
+
+ - Allow view
+ - Price depending on Peer/User/(project=>Collaborative Area) ?
+
+# Peer
+
+ - Allow requesting partnership 
+
+# User
+
+ - Allow checking credentials
+ - Allow getting profile