Contact IT Support

 

 

 

 

 

 

Secure DataWaha (SDataWaha)

Secure Research Data Storage at KAUST

For full step-by-step instructions with screenshots, you can also download the complete PDF guide:
View SDataWaha Guidelines & Operating Procedures (PDF)

Overview

SDataWaha is KAUST's secure data storage and archiving platform for sensitive research data, including human genome datasets. It ensures high levels of security, privacy, and compliance, supporting NIH guidelines, BEC, ISO 27001, KAUST security policies, and Dell EMC best practices.

  • Encryption at rest, in transit, and during backup
  • Authentication via KAUST Active Directory (AD)
  • Granular access controls based on user roles
  • Integrated with KAUST-managed systems (Windows, Mac, Linux)

Note: Users must meet specific technical and security requirements. See assumptions below.

Access Assumptions

  • Only authorized users may access SDataWaha via KAUST AD credentials
  • Service is hosted in the KAUST Data Center (Building 14)
  • Access is restricted to IT-managed Mac, Windows, or Linux devices
  • Linux access requires NFSv4 with Kerberos and Active Directory integration
  • Windows/Mac access requires SMB 3.x with encryption
  • Folder owners are responsible for managing access permissions

Storage Quotas

Each PI, Research Center, or Core Lab folder receives:

  • 20 TB of active storage (Tier 1)
  • 80 TB of archival storage (Tier 2)

Note: This quota includes both DataWaha and SDataWaha usage combined.

Requesting Storage

To request storage, submit a ticket through VITA and indicate:

  • SDataWaha Disk Storage
  • Whether encryption is required

Requesting Additional Capacity

  • Above 20 TB: A business justification is required
  • Above 100 TB: Funding approval is required
  • Cloud expansion is available (cost subject to discussion)

Data Archive Policy

  • Each folder must have a data management plan
  • Files older than 180 days are automatically migrated to Tier 2 (cold storage)
  • Data archive is seamless and transparent to users

Folder Structure

Each folder follows a unique path such as:

/sdatawaha/<PI Folder>
/sdatawaha/<RC>
/sdatawaha/CoreLab

Authentication & Access Protocols

  • Authentication: KAUST Active Directory (Portal ID)
  • Windows/Mac: SMB 3.x with encryption
  • Linux: NFSv4 with Kerberos (only for approved datacenter devices)

Limitations

  • SDataWaha is not intended for running compute jobs
  • No access from HPC compute nodes (e.g., Shaheen, IBEX)
  • Only accessible from KAUST-managed and approved devices

Remote Access

Accessing SDataWaha from outside the KAUST network requires an active KAUST VPN connection.

Access Instructions by Operating System

Linux

Linux devices must use NFSv4 with Kerberos. Contact IT Storage for assistance with automount configuration.

sdatawaha.kaust.edu.sa:/ifs/sdatawaha/<PI Folder> /sdatawaha/<PI Folder> nfs4 rw,proto=tcp,nfsvers=4.0,sec=krb5p,noatime,acl,intr 0 0

Windows

\\sdatawaha.kaust.edu.sa\<PI Folder>

Note: Only SMB 3.x with encryption is supported.

Mac

smb://sdatawaha.kaust.edu.sa/<PI Folder>

Note: Only SMB 3.x with encryption is supported.

Data Transfer

  • Windows/Mac: Use standard copy tools after mounting SDataWaha
  • Linux: Use rsync to/from dm.kaust.edu.sa
  • HPC login nodes: Use rsync from ilogin or Shaheen login nodes

Permissions & Access Control

  • Access is controlled by Active Directory group permissions
  • Folder owners can manage access by modifying AD group membership
  • Additional access control can be applied via Windows

Default Directory Permissions

  • PI AD Group: Full control
  • Users: Full access
  • Others: No access

DataWaha is KAUST’s scalable research storage solution designed to meet the high-capacity needs of Principal Investigators (PIs), research centers, and core labs. It offers both active and archive storage, with secure access and flexible data management options.

Getting Access

To request access to DataWaha, contact KAUST IT through one of the following support channels:

  • Chat with VITA — available 24/7
  • Call the IT Service Desk at 910 (on-campus) or 012-808-0910 (off-campus), available 8:00 a.m. to 5:00 p.m., Sunday–Thursday
  • Visit the IT Walk-In Support Desk in the IT Building (Building 14), open from 8:00 a.m. to 5:00 p.m., Sunday–Thursday (closed for lunch from 12:00 to 1:00 p.m.)
  • Submit a request via the IT Service Desk

Storage Quota

Each Principal Investigator (PI) is provisioned with:

  • 20 TB of Tier-1 (Active) Storage
  • 80 TB of Tier-2 (Archive) Storage

This total allocation of 100 TB covers both DataWaha and SDataWaha. Additional storage can be requested by submitting a business case. Expansion is available through PI-funded resources.

Data Archiving

All DataWaha users must implement a data management policy for their folders. Inactive or "cold" data should be moved to object storage for long-term, cost-effective archiving. KAUST IT can support you in setting this up.

Folder Structure

Each DataWaha directory is unique and typically follows this naming convention:

  • /datawaha/<PI_Name>
  • /datawaha/<Research_Center>
  • /datawaha/Corelab

Access and Authentication

DataWaha uses KAUST Active Directory credentials (your KAUST Portal ID) for authentication. You can access it using the following protocols:

  • CIFS/SMB — Available on any device within the KAUST network
  • NFS — Limited to data center environments such as dm, OpenStack VMs, and remote Linux workstations
  • HTTPS (OwnCloud) — For browser-based access

To access from outside the KAUST network, a VPN connection is required.

Limitations

  • DataWaha is intended for data storage only.
  • It cannot be used to run compute jobs.
  • It is not accessible from HPC compute nodes, including Shaheen and IBEX.

Connecting to DataWaha

You can access DataWaha from most platforms using the methods below.

Linux

DataWaha can be accessed on Linux using either a graphical interface or the command line.

Option 1: GUI (Recommended for most users)

  1. Open your file browser and navigate to File > Connect to Server.
  2. Enter the server address: smb://datawaha/<your_folder>
  3. Provide your KAUST Portal ID, KAUST domain, and password.
  4. Click Connect and choose “Remember password” if preferred.
  5. The folder will mount and appear in your file manager. Click the eject icon to disconnect when done.

Option 2: Command Line (For advanced users)

  1. Install required utilities (only once): 
    sudo apt-get install cifs-utils
  2. Create a mount point: 
    sudo mkdir /datawaha_<your_folder>
  3. Create a mount script: 
    vi ~/mount_datawaha

    Insert the following line (replace with your folder and Portal ID):

    mount //datawaha/<your_folder> /datawaha_<your_folder> -o vers=2.0,file_mode=0777,dir_mode=0777,username=<your_portal_id>,domain=KAUST
  4. Save and make the script executable: 
    chmod +x ~/mount_datawaha
  5. Run the script and enter your KAUST password: 
    ~/mount_datawaha
  6. Verify the mount: 
    df -h /datawaha_<your_folder>

📄 Need more help? View the full step-by-step guide with screenshots: How to Mount DataWaha on Linux (PDF)

Windows

  1. Open File Explorer.
  2. In the address bar, enter: 
    \\datawaha\<your_folder>
  3. When prompted, enter your KAUST Portal ID and password.
  4. You may choose to save your credentials and map the drive for easier future access.

macOS

  1. Open Finder and go to Go > Connect to Server (or press Command + K).
  2. Enter the following address: 
    smb://datawaha/<your_folder>
  3. Click Connect.
  4. Enter your KAUST Portal ID and password when prompted.
  5. The folder will mount and appear under Locations in Finder.

Transferring Data

You can transfer data to and from DataWaha using your preferred method:

  • Windows/macOS — Mount DataWaha and use standard file copy tools
  • Linux/Ubuntu — Use rsync for reliable, fast transfers: 
    rsync -av <local_folder> dm.kaust.edu.sa:/datawaha/<your_folder>
  • HPC (Shaheen) 
    ssh dm.hpc.kaust.edu.sa
rsync -av <folder> dm.kaust.edu.sa:/datawaha/<your_folder>
  • HPC (IBEX) 
    ssh mover.ibex.kaust.edu.sa
rsync -av <folder> dm.kaust.edu.sa:/datawaha/<your_folder>

Access Management

Access to DataWaha is managed through Active Directory (AD) groups. Each top-level folder is owned by a group. Access can be granted or revoked by modifying group membership.

If you need help managing permissions or configuring access, contact IT through VITA or the IT Support Portal.