research-article

An OAuth service for issuing certificates to science gateways for TeraGrid users

Authors:

Jeff GaynorAuthors Info & Claims

TG '11: Proceedings of the 2011 TeraGrid Conference: Extreme Digital Discovery

Article No.: 32, Pages 1 - 6

https://doi.org/10.1145/2016741.2016776

Published: 18 July 2011 Publication History

Abstract

In this paper, we present a TeraGrid OAuth service, integrated with the TeraGrid User Portal and TeraGrid MyProxy service, that provides certificates to science gateways. The OAuth service eliminates the need for TeraGrid users to disclose their TeraGrid passwords to science gateways when accessing their individual TeraGrid accounts via gateway interfaces. Instead, TeraGrid users authenticate at the TeraGrid User Portal to approve issuance of a certificate by MyProxy to the science gateway they are using. We present the design and implementation of the TeraGrid OAuth service, describe the underlying network protocol, and discuss design decisions and security considerations we made while developing the service in consultation with TeraGrid working groups and staff.

References

[1]

E. Hammer-Lahav (ed.). The OAuth 1.0 Protocol. IETF RFC 5849 (Informational), April 2010. http://tools.ietf.org/html/rfc5849

[2]

E. Rescorla (ed.). HTTP Over TLS. IETF RFC 2818 (Informational), May 2000. http://tools.ietf.org/html/rfc2818

Digital Library

[3]

Jim Basney, Marty Humphrey, and Von Welch. The MyProxy Online Credential Repository. Software: Practice and Experience, Volume 35, Issue 9, July 2005, pages 801-816. http://dx.doi.org/10.1002/spe.688

Digital Library

[4]

Jim Basney, Terry Fleury, and Von Welch. Federated Login to TeraGrid. 9th Symposium on Identity and Trust on the Internet (IDtrust), Gaithersburg, MD, April 2010. http://dx.doi.org/10.1145/1750389.1750391

Digital Library

[5]

Jim Basney, Von Welch, and Nancy Wilkins-Diehr. TeraGrid Science Gateway AAAA Model: Implementation and Lessons Learned. TeraGrid Conference, August 2010. http://dx.doi.org/10.1145/1838574.1838576

Digital Library

[6]

Joseph A. Insley, Ti Leggett, and Michael E. Papka. Using Dynamic Accounts to Enable Access to Advanced Resources through Science Gateways. Grid Computing Environments Workshop, 2009. http://dx.doi.org/10.1145/1658260.1658279

Digital Library

[7]

Marlon Pierce, Suresh Marru, Wenjun Wu, Gopi Kandaswami, Gregor von Laszewski, Rion Dooley, Maytal Dahan, Nancy Wilkins-Diehr, and Mary Thomas. Open Grid Computing Environments. TeraGrid Conference, June 2009.

[8]

Marlon Pierce, Xiaoming Gao, Sangmi Pallickara, Zhenhua Guo, Geoffrey Fox. The QuakeSim Portal and Services: New Approaches to Science Gateway Development Techniques. Concurrency and Computation: Practice and Experience, 22: 1732--1749. http://dx.doi.org/10.1002/cpe.1528

Digital Library

[9]

Nancy Wilkins-Diehr, Dennis Gannon, Gerhard Klimeck, Scott Oster, and Sudhakar Pamidighantam. TeraGrid Science Gateways and Their Impact on Science. IEEE Computer 41(11): 32--41 (2008). http://dx.doi.org/10.1109/MC.2008.470

Digital Library

[10]

Nancy Wilkins-Diehr (ed.). Science Gateways: Common Community Interfaces to Grid Resources. Concurrency and Computation: Practice and Experience, 19(6): 743--749 (2007). http://dx.doi.org/10.1002/cpe.1098

Digital Library

[11]

Nancy Wilkins-Diehr and Thomas Soddemann. Science Gateway, Portal and Other Community Interfaces to High End Resources. ACM/IEEE Conference on Supercomputing (SC '06), 2006. http://dx.doi.org/10.1145/1188455.1188472

Digital Library

[12]

T. Dierks and E. Rescorla (eds.). The Transport Layer Security (TLS) Protocol. IETF RFC 5246 (Standards Track), August 2008. http://tools.ietf.org/html/rfc5246

[13]

Von Welch, Jim Barlow, James Basney, Doru Marcusiu and Nancy Wilkins-Diehr. A AAAA Model to Support Science Gateways with Community Accounts. Concurrency and Computation: Practice and Experience, 2006. http://dx.doi.org/10.1002/cpe.1081

Digital Library

[14]

Wenjun Wu, M. E. Papka, R. Stevens. Toward an OpenSocial Life Science Gateway. Grid Computing Environments Workshop, November 2008. http://dx.doi.org/10.1109/GCE.2008.4738450

[15]

Wenjun Wu, Thomas Uram, Michael Wilde, Mark Hereld, and Michael E. Papka. Accelerating Science Gateway Development with Web 2.0 and Swift. TeraGrid Conference, August 2010. http://dx.doi.org/10.1145/1838574.1838597

Digital Library

[16]

Zhenhua Guo, Raminderjeet Singh, and Marlon Pierce. Building the PolarGrid Portal Using Web 2.0 and OpenSocial. Grid Computing Environments Workshop, 2009. http://dx.doi.org/10.1145/1658260.1658267

Digital Library

Cited By

Withers ABockelman BWeitzel DBrown DGaynor JBasney JTannenbaum TMiller ZSanielevici S(2018)SciTokensProceedings of the Practice and Experience on Advanced Research Computing: Seamless Creativity10.1145/3219104.3219135(1-8)Online publication date: 22-Jul-2018
https://dl.acm.org/doi/10.1145/3219104.3219135
Benedyczak KSchuller BPetrova-El Sayed MRybicki JGrunzke R(2016)UNICORE 7 — Middleware services for distributed and federated computing2016 International Conference on High Performance Computing & Simulation (HPCS)10.1109/HPCSim.2016.7568392(613-620)Online publication date: Jul-2016
https://doi.org/10.1109/HPCSim.2016.7568392
Basney JGaynor JMarru SPierce MKanewala TDooley RStubbs JLathrop SAlameda J(2014)Integrating Science Gateways with XSEDE SecurityProceedings of the 2014 Annual Conference on Extreme Science and Engineering Discovery Environment10.1145/2616498.2616559(1-2)Online publication date: 13-Jul-2014
https://dl.acm.org/doi/10.1145/2616498.2616559
Show More Cited By

Index Terms

An OAuth service for issuing certificates to science gateways for TeraGrid users
1. Security and privacy
  1. Security services
    1. Authentication

Recommendations

Federated login to TeraGrid
IDTRUST '10: Proceedings of the 9th Symposium on Identity and Trust on the Internet

We present a new federated login capability for the TeraGrid, currently the world's largest and most comprehensive distributed cyberinfrastructure for open scientific research. Federated login enables TeraGrid users to authenticate using their home ...
Distributed web security for science gateways
GCE '11: Proceedings of the 2011 ACM workshop on Gateway computing environments

Science gateways broaden and simplify access to cyberinfrastructure (CI) by providing advanced interfaces to collaboration, analysis, data management, and other tools for students and researchers. As these science gateway interfaces to ...
The LEAD Portal: a TeraGrid gateway and application service architecture: Research Articles
Science Gateways—Common Community Interfaces to Grid Resources

The Linked Environments for Atmospheric Discovery (LEAD) Portal is a science application portal designed to enable effective use of Grid resources in exploring mesoscale meteorological phenomena. The aim of the LEAD Portal is to provide a more ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

TG '11: Proceedings of the 2011 TeraGrid Conference: Extreme Digital Discovery

July 2011

256 pages

ISBN:9781450308885

DOI:10.1145/2016741

General Chair:
John Towns
NCSA-Illinois
,
Program Chairs:
Shawn Brown
PSC
,
Daniel S. Katz
UC/ANL

Copyright © 2011 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

University of Illinois: University of Illinois

In-Cooperation

SIGAPP: ACM Special Interest Group on Applied Computing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 18 July 2011

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

National Science Foundation

Conference

TG'11

Sponsor:

University of Illinois

TG'11: TeraGrid 2011

July 18 - 21, 2011

Utah, Salt Lake City

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

13
Total Citations
View Citations
235
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 08 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Withers ABockelman BWeitzel DBrown DGaynor JBasney JTannenbaum TMiller ZSanielevici S(2018)SciTokensProceedings of the Practice and Experience on Advanced Research Computing: Seamless Creativity10.1145/3219104.3219135(1-8)Online publication date: 22-Jul-2018
https://dl.acm.org/doi/10.1145/3219104.3219135
Benedyczak KSchuller BPetrova-El Sayed MRybicki JGrunzke R(2016)UNICORE 7 — Middleware services for distributed and federated computing2016 International Conference on High Performance Computing & Simulation (HPCS)10.1109/HPCSim.2016.7568392(613-620)Online publication date: Jul-2016
https://doi.org/10.1109/HPCSim.2016.7568392
Basney JGaynor JMarru SPierce MKanewala TDooley RStubbs JLathrop SAlameda J(2014)Integrating Science Gateways with XSEDE SecurityProceedings of the 2014 Annual Conference on Extreme Science and Engineering Discovery Environment10.1145/2616498.2616559(1-2)Online publication date: 13-Jul-2014
https://dl.acm.org/doi/10.1145/2616498.2616559
Dooley RStubbs JBasney J(2014)The MyProxy GatewayProceedings of the 2014 6th International Workshop on Science Gateways10.1109/IWSG.2014.8(6-11)Online publication date: 3-Jun-2014
https://dl.acm.org/doi/10.1109/IWSG.2014.8
Kanewala TMarru SBasney JPierce MReed DSun XFoster I(2014)A credential store for multi-tenant science gatewaysProceedings of the 14th IEEE/ACM International Symposium on Cluster, Cloud, and Grid Computing10.1109/CCGrid.2014.95(445-454)Online publication date: 26-May-2014
https://dl.acm.org/doi/10.1109/CCGrid.2014.95
Yang XWallom DWaddington SWang JShaon AMatthews BWilson MGuo YGuo LBlower JVasilakos ALiu KKershaw P(2014)Cloud computing in e-ScienceThe Journal of Supercomputing10.1007/s11227-014-1251-570:1(408-464)Online publication date: 1-Oct-2014
https://dl.acm.org/doi/10.1007/s11227-014-1251-5
Basney JFleury TGaynor J(2014)CILogonConcurrency and Computation: Practice & Experience10.1002/cpe.326526:13(2225-2239)Online publication date: 10-Sep-2014
https://dl.acm.org/doi/10.1002/cpe.3265
Basney JFleury TGaynor JWilkins-Diehr N(2013)CILogonProceedings of the Conference on Extreme Science and Engineering Discovery Environment: Gateway to Discovery10.1145/2484762.2484791(1-7)Online publication date: 22-Jul-2013
https://dl.acm.org/doi/10.1145/2484762.2484791
Basney JWelch V(2013)Science gateway security recommendations2013 IEEE International Conference on Cluster Computing (CLUSTER)10.1109/CLUSTER.2013.6702697(1-3)Online publication date: Sep-2013
https://doi.org/10.1109/CLUSTER.2013.6702697
Li ZZhang HWu W(2012)Open Social based group access control framework for e-Science data infrastructureProceedings of the 2012 IEEE 8th International Conference on E-Science (e-Science)10.1109/eScience.2012.6404488(1-8)Online publication date: 8-Oct-2012
https://dl.acm.org/doi/10.1109/eScience.2012.6404488
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten