The GISELA Science Gateway
|
|
- Ralf Cook
- 8 years ago
- Views:
Transcription
1 The GISELA Science Gateway Roberto Barbera University of Catania and INFN - Italy TICAL 2012 Lima, 3 July 2012
2 Introduction and driving considerations The Catania Science Gateway framework The GISELA Science Gateway The Science Gateway market place Summary and conclusions Outline 2
3 Path to technology uptake The Rogers bell-shape curve - Rogers, E. M. (1962), Diffusion of Innovations, Glencoe: Free Press. 3
4 IT acceptance model the Web Development of web browsers The World Wide Web Davis, F. D. (1989), "Perceived usefulness, perceived ease of use, and user acceptance of information technology", MIS Quarterly 13(3):
5 The evolution leap in web browsers evolution leap 5
6 The «strength» of the web: standards! 6
7 Some figures 7
8 The eresearch2020 report ( Some barriers in the adoption of Grids: Changes on Grids means changes on applications Time required to adapt usual workflows Lack of structure to support anonymous access Download and installation of applications Interface Slow to get to compared to other resources Difficult to use in the beginning Time spent to get the application compiled and running 8
9 Using Grids is not straightforward Users have to cope with complex security procedures, execution scripts, job description languages, command line based interfaces and lack of standards. This makes the learning curve very steep and keeps non IT-experts away.
10 Another consideration # of users VRCs There is a huge number of non IT-experts out there who do not belong to any constituted Virtual Research Community. How can we attract them? 10
11 Community-driven web portals have started to integrate Grid Tools and Applications A Science Gateway is a community-developed set of tools, applications, and data that is integrated via a portal or a suite of applications, usually in a graphical user interface, that is further customized to meet the needs of a specific community. Teragrid/XSEDE 11
12 IT acceptance model the Grid Development of Science Gateway Requirement for sustainability Davis, F. D. (1989), "Perceived usefulness, perceived ease of use, and user acceptance of information technology", MIS Quarterly 13(3):
13 EGI Portal & Traceability Policies (1/2) Science Gateways Portal Classes Portal Class Executable Parameters Input Simple oneclick provided by portal provided by portal provided by portal Parameter provided by portal chosen from enumerable and limited set chosen from repository vetted by the portal Data processing provided by portal chosen from enumerable and limited set provided by user Job management provided by user provided by user provided by user 13
14 EGI Portal & Traceability Policies (2/2) The Portal, the VO the Portal is associated to, and the Portal manager are all individually and collec;vely responsible and accountable for all interac;ons with the Grid The Portal must be capable of limi;ng the job submission rate The Portal must keep audit logs for all interac;ons with the Grid as defined in the Traceability and Logging Policy (minimum 90 days) The Portal manager and operators must assist in security incident inves;ga;ons Where relevant, private keys associated with (proxy) cer;ficates must not be transferred across a network, not even in encrypted form 14
15 Primary requirement: building Science Gateways should be like playing with Standards Simplicity Easiness of use Re-usability Sc. Gtwy A Sc. Gtwy B Sc. Gtwy C Sc. Gtwy D Sc. Gtwy E 15
16 Summary of standards adopted The framework for Science Gateways developed at Catania is fully web-based and adopts official worldwide standards and protocols, through their most common implementations These are: The JSR 168 and JSR 286 standards (also known as "portlet 1.0" and "portlet 2.0" standards) The OASIS Security Assertion Markup Language (SAML) standard and its Shibboleth and SimpleSAMLphp implementations The Lightweight Direct Access Protocol, and its OpenLDAP implementation The Cryptographic Token Interface Standard (PKCS#11) standard and its Cryptoki implementation The Open Grid Forum (OGF) Simple API for Grid Applications (SAGA) standard and its JSAGA implementation 16
17 Our reference model Embedded Applica-ons... App. 1 App. 2 App. N Standard-based (SAGA) middleware-independent Grid Engine Science Gateway Administrator Power User Basic User Users from different organisations having different roles and privileges 17
18 AuthN & AuthZ Schema Science Gateway 1. Register to a Service GrIDP ( catch-all ) 2. Sign in IDPCT ( catchall ) Social Networks Bridge IdP IDP_y LDAP... 18
19 The Grid IDentity Pool (GrIDP) (
20 edugain ( Catania Science Gateways are also registered as Service Providers of edugain 20
21 Science Gateway access workflow 1. register 3. sign in User 2. has to be member? 2.y account granted 2.n account denied 2.n Admin 2.y 2.y store credentials User Registry 21
22 User Registry Identity Provider 1. sign in 6. get the results User Science Gateway access workflow 3. create a proxy from an etoken server with robot certificates 4. execute action etoken server The Grid 5. get output Admin Compliant with the EGI.eu Portal and Traceability Policies 22
23 Robot certificates «in a nutshell» Robot certificates have been introduced to allow users, who do not have/want personal certificates and do not belong to any Virtual Organisation, to use the Grid; They are usually issued on smartcards to be plugged on the machine where the service(s) is (are) executed. Basically, these certificates can be used to identify a person responsible for an unattended service or process acting as client and/or server for a Virtual Research Community. 23
24 The «lightweight» crypto-library Users Client Applica-ons Science Gateways 24
25 The etoken server working scenario (*) SSL encryption ask for a service list/create request (*) etokenserver get results retrieve serials/proxy (*) execute a service get the results back ask for VOMS AC attributes store long proxy VOMS Server MyProxy Server 25
26 The Authentication Procedure Identity Federations discovery service «catch-all» Identity Provider GISELA - Second Project Review - Brussels - 08/12/
27 The Social Networks Bridge Identity Provider ( Identity Federations discovery service 27
28 Catania Science Gateways in numbers Users from 139 Organisations in 34 Countries ~1/3 of registered people are users of the GISELA Science Gateway 28
29 Liferay Portlets The Catania Grid Engine Science GW 1 Science GW 2 Science GW 3 Grid Engine Science GW Interface etoken Server Data Engine Job Engine SAGA/JSAGA API Users Track & Monit. Users Tracking DB Grid MWs DONE 29 DONE DONE DONE DONE DONE
30 Multi-Infrastructures Grid Engine EUMEDGRID Infrastr. Info (BDII,VO, etc.) GISELA Infrastr. Info Other Infrastr. Info EUMEDGRID e-infrastructure Submit Multi-Infrastructure Science Gateway GISELA e-infrastructure User 30 Other e-infrastructure
31 Job Engine Interoperability Interoperability is a property referring to the ability of diverse systems and organizations to work together (interoperate). The term is often used in a technical systems engineering sense, or alternatively in a broad sense, taking into account social, political, and organizational factors that impact system to system performance; According to ISO/IEC (Information Technology Vocabulary, Fundamental Terms), interoperability is "The capability to communicate, execute programs, or transfer data among various functional units in a manner that requires the user to have little or no knowledge of the unique characteristics of those units". 31
32 Job Engine Interoperability glite-based e-infrastructures/projects EUAsiaGrid EUChinaGRID EU-IndiaGrid EUMEDGRID GISELA IGI (Italy) SAGrid (South Africa) 32
33 MyJobsMap (1/3) 33
34 MyJobsMap (2/3) 34
35 MyJobsMap (3/3) Both sequential and MPI-enabled jobs successfully executed The CHAIN project is preparing a demo of worldwide interoperability among glite, Globus, Unicore, OurGrid, GOS, and GARUDA to be presented both at the next EGI Technical Forum and Supercomputing
36 The GISELA Science Gateway ( 36
37 The GISELA Science Gateway in action 37
38 The GISELA Science Gateway in action 38
39 The GISELA Science Gateway in action 39
40 The GISELA Science Gateway in action 40
41 The GISELA Science Gateway in action 41
42 The GISELA Science Gateway in action 42
43 But big challenges are in front of us Now that many users can potentially access and use Science Gateways, a new «training» and «communication» strategy is needed as well as a portfolio of «appealing» applications to attract them 43
44 The Science Gateway market place Users/VRCs SG Dev Science Gateway 44
45 Survey for VRCs to propose applications ( 45
46 Training for Science Gateway developers ( Training Material) New training material: New training tools: New training events:
47 Training for Federated Identity Management services Two persons from CUDI/UNAM are going to visit us in Catania for one month to setup federated identity services for Mexico. Anybody else interested? 47
48 A success story: the Latin American Science Gateway task force We are working to create a Latin-American Task Force able to integrate new applications on the GISELA Science Gateway in a short time (less than a week) CLARA and the NRENs have already identified a group of skilled Java developers (but more are needed!) We organized a series of webinars to teach how to integrate scientific applications on the GISELA Science Gateway We are running dedicated grid schools in Latin America and we are inviting members of the Latin-American Task Force to come to Catania to learn more about the Science Gateway model and become tutors (in collaboration with the EPIKH project) 48
49 Summary and conclusions e-infrastructures can be very beneficial platforms, provided they are really «easy to use» The GISELA Science Gateway, with its support for Identity Federations and Social Networks, is changing the way Grid infrastructures are used in Latin America, hugely widening their potential user base (especially non-it experts and the citizen scientist ), yet keeping the required level of security The adoption of standards (JSR 286, SAGA, SAML, etc.) represents a concrete investment towards sustainability If you want to join the Science Gateway market place and/or the Latin American Science Gateway task force, please contact me at sg-licence@ct.infn.it 49
50 Thank you! 50
Widening the number of e- Infrastructure users with Science Gateways and Identity Federations (access for success)
Consorzio COMETA UNIONE EUROPEA Widening the number of e- Infrastructure users with Science Gateways and Identity Federations (access for success) Prof. Roberto Barbera (roberto.barbera@ct.infn.it) Univ.
More informationGrid Engine. The EPIKH Project (Exchange Programme to advance e-infrastructure Know-How)
The EPIKH Project (Exchange Programme to advance e-infrastructure Know-How) Grid Engine Riccardo Rotondo (riccardo.rotondo@garr.it) Consortium GARR Joint CHAIN/EPIKH School for Application Porting to Science
More informationIGI Portal architecture and interaction with a CA- online
IGI Portal architecture and interaction with a CA- online Abstract In the framework of the Italian Grid Infrastructure, we are designing a web portal for the grid and cloud services provisioning. In following
More informationTest of cloud federation in CHAIN-REDS project
Test of cloud federation in CHAIN-REDS project Italian National Institute of Nuclear Physics, Division of Catania - Italy E-mail: giuseppe.andronico@ct.infn.it Roberto Barbera Department of Physics and
More informationIdentity Federation For Authenticating and Authorizing Researchers
Identity Federation For Authenticating and Authorizing Researchers Cletus Okolie NOC Manager Eko-Konnect Research and Education Initiative Outline What are IdFs? IdF components Software Packages for IdF
More informationGlobus Toolkit: Authentication and Credential Translation
Globus Toolkit: Authentication and Credential Translation JET Workshop, April 14, 2004 Frank Siebenlist franks@mcs.anl.gov http://www.globus.org/ Copyright (c) 2002 University of Chicago and The University
More informationAgenda. How to configure
dlaw@esri.com Agenda Strongly Recommend: Knowledge of ArcGIS Server and Portal for ArcGIS Security in the context of ArcGIS Server/Portal for ArcGIS Access Authentication Authorization: securing web services
More informationIntroduction to the EPIKH/CHAIN projects
The EPIKH Project (Exchange Programme to advance e-infrastructure Know-How) Introduction to the EPIKH/CHAIN projects Riccardo Rotondo (riccardo.rotondo@garr.it) Consortium GARR Joint CHAIN/EPIKH School
More informationA Web-based Portal to Access and Manage WNoDeS Virtualized Cloud Resources
A Web-based Portal to Access and Manage WNoDeS Virtualized Cloud Resources Davide Salomoni 1, Daniele Andreotti 1, Luca Cestari 2, Guido Potena 2, Peter Solagna 3 1 INFN-CNAF, Bologna, Italy 2 University
More informationIdentity Management in Liferay Overview and Best Practices. Liferay Portal 6.0 EE
Identity Management in Liferay Overview and Best Practices Liferay Portal 6.0 EE Table of Contents Introduction... 1 IDENTITY MANAGEMENT HYGIENE... 1 Where Liferay Fits In... 2 How Liferay Authentication
More informationBiometric Single Sign-on using SAML
Biometric Single Sign-on using SAML Architecture & Design Strategies Ramesh Nagappan CISSP Ramesh.Nagappan@sun.com 1 Setting Expectations What you can take away! Understand the importance of Single Sign-On
More informationLicia Florio Project Development Officer licia@terena.org www.terena.org Identity Federations in Europe
APAN Conference Honolulu, Hawaii 24 January 2008 Licia Florio Project Development Officer licia@terena.org www.terena.org Identity Federations in Europe Outline Networking Organisations in Europe Requirements
More informationAAA for IMOS: Australian Access Federation & related components
AAA for IMOS: Australian Access Federation & related components James Dalziel Professor of Learning Technology, and Director, Macquarie E-Learning Centre Of Excellence (MELCOE) Macquarie University james@melcoe.mq.edu.au
More informationGRID COMPUTING Techniques and Applications BARRY WILKINSON
GRID COMPUTING Techniques and Applications BARRY WILKINSON Contents Preface About the Author CHAPTER 1 INTRODUCTION TO GRID COMPUTING 1 1.1 Grid Computing Concept 1 1.2 History of Distributed Computing
More informationEvaluation of different Open Source Identity management Systems
Evaluation of different Open Source Identity management Systems Ghasan Bhatti, Syed Yasir Imtiaz Linkoping s universitetet, Sweden [ghabh683, syeim642]@student.liu.se 1. Abstract Identity management systems
More informationServer based signature service. Overview
1(11) Server based signature service Overview Based on federated identity Swedish e-identification infrastructure 2(11) Table of contents 1 INTRODUCTION... 3 2 FUNCTIONAL... 4 3 SIGN SUPPORT SERVICE...
More informationGEC4. Miami, Florida
GENI Security Architecture GEC4 Stephen Schwab, Alefiya Hussain Miami, Florida 1 Outline Overview of Security Architecture Draft Work in progress Observations About Candidate Technologies Considerations
More informationSCI-BUS gateways for grid and cloud infrastructures
SCI-BUS gateways for grid and cloud infrastructures Tamas Kiss University of Westminster Peter Kacsuk, Zoltan Farkas MTA SZTAKI VERCE project meeting 1 st February 2013, Edinburgh SCI-BUS is supported
More informationFederations 101. An Introduction to Federated Identity Management. Peter Gietz, Martin Haase
Authentication and Authorisation for Research and Collaboration Federations 101 An Introduction to Federated Identity Management Peter Gietz, Martin Haase AARC NA2 Task 2 - Outreach and Dissemination DAASI
More informationShibboleth N-Tier Support. Chad La Joie chad.lajoie@switch.ch
Shibboleth N-Tier Support Chad La Joie chad.lajoie@switch.ch Agenda Use Case Terminology Shibboleth Solution Future Effort Resources 2 Use Case Current use case comes from University of Chicago University
More informationThe EDGeS project receives Community research funding
Desktop Grids EDGeS project Delegation for access to trusted resources The EDGeS project receives Community research funding 1 DG = Desktop Grid = Loose grid scavenging idle resources Unit of Work = Application
More informationInter-regional e-infrastructures coordination - The CHAIN project
Co-ordination & Harmonisation of Advanced e-infrastructures Inter-regional e-infrastructures coordination - The CHAIN project Federico Ruggieri, INFN Project Director GISELA-CHAIN Joint Conference Mexico
More informationInterwise Connect. Working with Reverse Proxy Version 7.x
Working with Reverse Proxy Version 7.x Table of Contents BACKGROUND...3 Single Sign On (SSO)... 3 Interwise Connect... 3 INTERWISE CONNECT WORKING WITH REVERSE PROXY...4 Architecture... 4 Interwise Web
More informationBuilding Secure Applications. James Tedrick
Building Secure Applications James Tedrick What We re Covering Today: Accessing ArcGIS Resources ArcGIS Web App Topics covered: Using Token endpoints Using OAuth/SAML User login App login Portal ArcGIS
More informationAuthentication and Single Sign On
Contents 1. Introduction 2. Fronter Authentication 2.1 Passwords in Fronter 2.2 Secure Sockets Layer 2.3 Fronter remote authentication 3. External authentication through remote LDAP 3.1 Regular LDAP authentication
More informationSD Departmental Meeting November 28 th, 2006. Ale de Vries Product Manager ScienceDirect Elsevier
ש בולת SD Departmental Meeting November 28 th, 2006 Ale de Vries Product Manager ScienceDirect Elsevier Shi... whát? : Shibboleth ש בולת [...] "stream, torrent". It derives from a story in the Hebrew Bible,
More informationDirect Issuance of Proxy Certificate on P-GRADE Grid Portal Without Using MyProxy
Direct Issuance of Proxy Certificate on P-GRADE Grid Portal Without Using MyProxy by Ng Kang Siong (ksng@mimos.my) Galoh Rashidah Haron (rashidah@mimos.my) MIMOS Berhad, Malaysia www.eu-egee.org EGEE and
More informationBiometric Single Sign-on using SAML Architecture & Design Strategies
Biometric Single Sign-on using SAML Architecture & Design Strategies Ramesh Nagappan Java Technology Architect Sun Microsystems Ramesh.Nagappan@sun.com 1 Setting Expectations What you can take away! Understand
More informationFlexible Identity Federation
Flexible Identity Federation Quick start guide version 1.0.1 Publication history Date Description Revision 2015.09.23 initial release 1.0.0 2015.12.11 minor updates 1.0.1 Copyright Orange Business Services
More informationFederated Identity & Access Mgmt for Higher Education
Federated Identity & Access Mgmt for Higher Education Dr. Erik Vullings Program Manager Macquarie University s s E-Learning E Centre of Excellence (MELCOE) Erik.Vullings@melcoe.mq.edu.au 1/23/2006 1 Backing
More informationQlik Sense Enabling the New Enterprise
Technical Brief Qlik Sense Enabling the New Enterprise Generations of Business Intelligence The evolution of the BI market can be described as a series of disruptions. Each change occurred when a technology
More informationEsqu Science Experiments For Computer Network
Vangelis Floros, GRNET S.A. 3 rd Open Source Software Conference March 22, 2008 NTUA, Athens Greece Introduction What is a Grid? What is escience? Large Scientific Grids The example of EGEE Building Grid
More informationMasdar Institute Single Sign-On: Standards-based Identity Federation. John Mikhael ICT Department jmikhael@masdar.ac.ae
Masdar Institute Single Sign-On: Standards-based Identity Federation John Mikhael ICT Department jmikhael@masdar.ac.ae Agenda The case for Single Sign-On (SSO) Types of SSO Standards-based Identity Federation
More informationABFAB and OpenStack(in the Cloud)
ABFAB and OpenStack(in the Cloud) David W Chadwick University of Kent 1 Authentication in OpenStack Keystone User Trust Relationship Swift/Glance etc. 2 Federated Authnwith External IdPs External IdP User
More informationGRIDSEED: A Virtual Training Grid Infrastructure
GRIDSEED: A Virtual Training Grid Infrastructure Iztok Gregori CNR-IOM DEMOCRITOS Trieste, Italy iztok@democritos.it Stefano Cozzini CNR-IOM DEMOCRITOS Trieste, Italy cozzini@democritos.it Tyanko Aleksiev
More informationA Federated Authorization and Authentication Infrastructure for Unified Single Sign On
A Federated Authorization and Authentication Infrastructure for Unified Single Sign On Sascha Neinert Computing Centre University of Stuttgart Allmandring 30a 70550 Stuttgart sascha.neinert@rus.uni-stuttgart.de
More informationIntegration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Drupal
SafeNet Authentication Service Integration Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information
More informationCA Performance Center
CA Performance Center Single Sign-On User Guide 2.4 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is
More informationPerceptive Experience Single Sign-On Solutions
Perceptive Experience Single Sign-On Solutions Technical Guide Version: 2.x Written by: Product Knowledge, R&D Date: January 2016 2016 Lexmark International Technology, S.A. All rights reserved. Lexmark
More informationBringing Federated Identity to Grid Computing. Dave Dykstra dwd@fnal.gov CISRC16 April 6, 2016
Bringing Federated Identity to Grid Computing Dave Dykstra dwd@fnal.gov CISRC16 April 6, 2016 Outline Introduction & motivation Background Grid security & job management InCommon, CILogon, and SAML ECP
More informationESA EO Identify Management
ESA EO Identify Management The ESA EO IM Infrastructure & Services A. Baldi ESA: Andrea.Baldi@esa.int M. Leonardi ESA: m.leonardi@rheagroup.com 1 Issues @ ESA with legacy user management Users had multiple
More informationCloud federation. Prelude to Hybrid Clouds. CHEP 2015 Okinawa, Japan. Marek Denis CERN Geneva, Switzerland
Cloud federation CHEP 2015 Okinawa, Japan Prelude to Hybrid Clouds Marek Denis CERN Geneva, Switzerland Basic definitions OpenStack: An Open Source Cloud Managing System which allows implementors to: --
More informationOn Enabling Hydrodynamics Data Analysis of Analytical Ultracentrifugation Experiments
On Enabling Hydrodynamics Data Analysis of Analytical Ultracentrifugation Experiments 18. June 2013 Morris Reidel, Shahbaz Memon, et al. Outline Background Ultrascan Application Ultrascan Software Components
More informationIVOA Single-Sign-On Profile: Authentication Mechanisms Version 2.0
International Virtual Observatory Alliance IVOA Single-Sign-On Profile: Authentication Mechanisms Version 2.0 IVOA Proposed Recommendation 20151029 Working group http://www.ivoa.net/twiki/bin/view/ivoa/ivoagridandwebservices
More informationSecure Federated Light-weight Web Portals for FusionGrid
Secure Federated Light-weight Web Portals for FusionGrid By: D. Aswath, M. Thompson, M. Goode, X. Lee, N. Y. Kim Presented by: Dipti Aswath GCE Workshop 2006 Second International Workshop on Grid Computing
More informationSAML 2.0 SSO Deployment with Okta
SAML 2.0 SSO Deployment with Okta Simplify Network Authentication by Using Thunder ADC as an Authentication Proxy DEPLOYMENT GUIDE Table of Contents Overview...3 The A10 Networks SAML 2.0 SSO Deployment
More informationFederated Identity Management. Willem Elbers (MPI-TLA) EUDAT training
Federated Identity Management Willem Elbers (MPI-TLA) EUDAT training Date: 26 June 2012 Outline FIM and introduction to components Federation and metadata National Identity federations and inter federations
More informationseamless simplicity to simple identity management in education.
seamless simplicity to simple identity management in education. we ve had a lot of feedback but sums it up nicely. the YouID family There are currently two products in the YouID portfolio, both developed
More informationS P I E Information Environments Shibboleth and Its Integration into Security Architectures. EDUCAUSE & Internet 2 Security Professionals Conference
Shibboleth and Its Integration into Security Architectures Christian Fernau, Francisco Pinto University of Oxford EDUCAUSE & Internet 2 Security Professionals Conference Denver, CO 10-12 April 2006 16:47:29
More informationRun-time Service Oriented Architecture (SOA) V 0.1
Run-time Service Oriented Architecture (SOA) V 0.1 July 2005 Table of Contents 1.0 INTRODUCTION... 1 2.0 PRINCIPLES... 1 3.0 FERA REFERENCE ARCHITECTURE... 2 4.0 SOA RUN-TIME ARCHITECTURE...4 4.1 FEDERATES...
More informationSingle Sign On for UNICORE command line clients
Single Sign On for UNICORE command line clients Krzysztof Benedyczak ICM, Warsaw University Current status of UNICORE access Legacy certificates still fully supported nice on home workstation, especially
More informationnexus Hybrid Access Gateway
Product Sheet nexus Hybrid Access Gateway nexus Hybrid Access Gateway nexus Hybrid Access Gateway uses the inherent simplicity of virtual appliances to create matchless security, even beyond the boundaries
More informationGet Success in Passing Your Certification Exam at first attempt!
Get Success in Passing Your Certification Exam at first attempt! Exam : 000-003 Title : Fundamentals of Applying Tivoli Security and Compliance Management Solutions V2 Version : Demo 1.What is another
More informationIntroduction. Connection security
SECURITY AND AUDITABILITY WITH SAGE ERP X3 Introduction An ERP contains usually a huge set of data concerning all the activities of a company or a group a company. As some of them are sensitive information
More informationAbout Me. #ccceu. @shapeblue. Software Architect with ShapeBlue Specialise in. 3 rd party integrations and features in CloudStack
Software Architect with ShapeBlue Specialise in. 3 rd party integrations and features in CloudStack About Me KVM, API, DB, Upgrades, SystemVM, Build system, various subsystems Contributor and Committer
More information<Insert Picture Here> Oracle Security Developer Tools (OSDT) August 2008
Oracle Security Developer Tools (OSDT) August 2008 Items Introduction OSDT 10g Architecture Business Benefits Oracle Products Currently Using OSDT 10g OSDT 10g APIs Description OSDT
More informationHow To Enable A Websphere To Communicate With Ssl On An Ipad From Aaya One X Portal 1.1.3 On A Pc Or Macbook Or Ipad (For Acedo) On A Network With A Password Protected (
Avaya one X Portal 1.1.3 Lightweight Directory Access Protocol (LDAP) over Secure Socket Layer (SSL) Configuration This document provides configuration steps for Avaya one X Portal s 1.1.3 communication
More informationWeb Application Entity Session Management using the eid Card Frank Cornelis 03/03/2010. Fedict 2010. All rights reserved
Web Application Entity Session Management using the eid Card Frank Cornelis 03/03/2010 Fedict 2010. All rights reserved What is Entity Authentication? Entity authentication is the process whereby one party
More informationDAMe Deploying Authorization Mechanisms for Federated Services in the eduroam Architecture
DAMe Deploying Authorization Mechanisms for Federated Services in the eduroam Architecture Sascha Neinert Marseille, 06.02.2008, Sascha Neinert, 06.02.2008 Seite 1 Overview Project Goals Partners Network
More informationFederated Access Control in Heterogeneous Intercloud Environment: Basic Models and Architecture Patterns
Federated Access Control in Heterogeneous Intercloud Environment: Basic Models and Architecture Patterns Craig Lee, The Aerospace Corporation On behalf of Yuri Demchenko, Craig Lee, Canh Ngo, Cees de Laat
More informationIntegration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Tableau Server
SafeNet Authentication Service Integration Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information
More informationSecuring ArcGIS Server Services: First Steps
Federal GIS Conference February 9 10, 2015 Washington, DC Securing ArcGIS Server Services: First Steps Michael Sarhan Esri msarhan@esri.com Agenda Review Basic Security Workflow ArcGIS Server Roles and
More informationperfsonar AAI for network-oriented services Cándido Rodríguez candido.rodriguez@rediris.es
perfsonar AAI for network-oriented services Cándido Rodríguez candido.rodriguez@rediris.es 10 th TF-EMC2 Meeting - Marseille, 4 th -5 th February 08 1.16 Agenda 1.Scenario of perfsonar 2. Using edugain
More informationIdentity and Access Management for Federated Resource Sharing: Shibboleth Stories
Identity and Access Management for Federated Resource Sharing: Shibboleth Stories http://arch.doit.wisc.edu/keith/apan/ apanshib-060122-01.ppt Keith Hazelton (hazelton@doit.wisc.edu) Sr. IT Architect,
More informationConfiguring the Cisco ISA500 for Active Directory/LDAP and RADIUS Authentication
Configuring the Cisco ISA500 for Active Directory/LDAP and RADIUS Authentication This application note describes how to authenticate users on a Cisco ISA500 Series security appliance. It includes these
More informationThe ENEA gateway approach providing EGEE/gLite access to unsupported platforms and operating systems
EU-IndiaGrid Workshop Taipei, November 2nd 2007 The ENEA gateway approach providing EGEE/gLite access to unsupported platforms and operating systems G. Bracco, S.Migliori, A. Quintiliani, A. Santoro, C.
More informationSophos Mobile Control Installation guide
Sophos Mobile Control Installation guide Product version: 2.5 Document date: July 2012 Contents 1 Introduction... 3 2 The Sophos Mobile Control server... 4 3 Set up Sophos Mobile Control... 13 4 Running
More informationSAML:The Cross-Domain SSO Use Case
SAML:The Cross-Domain SSO Use Case Chris Ceppi Oblix Corporate Engineer Ed Kaminski OBLIX Federal Business Manager 410-349-1828 ekaminski@oblix.com Mike Blackin Principal Systems Engineer Oblix, Inc. 202-588-7397
More informationVERALAB LDAP Configuration Guide
VERALAB LDAP Configuration Guide VeraLab Suite is a client-server application and has two main components: a web-based application and a client software agent. Web-based application provides access to
More informationShibboleth Identity Provider (IdP) Sebastian Rieger sebastian.rieger@gwdg.de
Shibboleth Identity Provider (IdP) Sebastian Rieger sebastian.rieger@gwdg.de Gesellschaft für wissenschaftliche Datenverarbeitung mbh Göttingen, Germany CLARIN AAI Hands On Workshop, 25.02.2009, Oxford
More informationDocuSign Single Sign On Implementation Guide Published: March 17, 2016
DocuSign Single Sign On Implementation Guide Published: March 17, 2016 Copyright Copyright 2003-2016 DocuSign, Inc. All rights reserved. For information about DocuSign trademarks, copyrights and patents
More informationTenrox. Single Sign-On (SSO) Setup Guide. January, 2012. 2012 Tenrox. All rights reserved.
Tenrox Single Sign-On (SSO) Setup Guide January, 2012 2012 Tenrox. All rights reserved. About this Guide This guide provides a high-level technical overview of the Tenrox Single Sign-On (SSO) architecture,
More informationAdding Federated Identity Management to Openstack
Adding Federated Identity Management to Openstack David Chadwick d.w.chadwick@kent.ac.uk 5 April 2014 Cloud Computing Security and Identity Workshop, NMOC 1 OpenStack Large open source project to develop
More informationTRUST RELATIONSHIPS AND SINGLE SIGN-ON IN GRID BASED DATA WAREHOUSES
TRUST RELATIONSHIPS AND SINGLE SIGN-ON IN GRID BASED DATA WAREHOUSES Xiaoyu Li a and Maree Pather b a Department of Information Technology, Nelson Mandela Metropolitan University b Department of Applied
More informationPolicy on ARCS eresearch Services Firewall Configuration Requests
Policy on ARCS eresearch Services Firewall Configuration Requests (Endorsed by CAUDIT Executive 29 July 2009) Introduction ARCS and CAUDIT have together sought to arrive at an agreed set of firewall configurations
More informationThe AAF and Shibboleth. eresearch Australasia 2007. Prof. James Dalziel james@melcoe.mq.edu.au. Neil Witheridge nwitheridge@melcoe.mq.edu.
The AAF and Shibboleth Prof. James Dalziel james@melcoe.mq.edu.au Neil Witheridge nwitheridge@melcoe.mq.edu.au Dr. Aizhong Lin alin@melcoe.mq.edu.au Macquarie E-Learning E Centre of Excellence (MELCOE)
More informationManaging Credentials with
Managing Credentials with MyProxy Jim Basney National Center for Supercomputing Applications University of Illinois jbasney@ncsa.uiuc.edu http://myproxy.ncsa.uiuc.edu/ What is MyProxy? A service for managing
More informationEnabling Federation and Web-Single Sign-On in Heterogeneous Landscapes with the Identity Provider and Security Token Service Supplied by SAP NetWeaver
Enabling Federation and Web-Single Sign-On in Heterogeneous Landscapes with the Identity Provider and Security Token Service Supplied by SAP NetWeaver SAP Product Management, SAP NetWeaver Identity Management
More informationDeliverable D9.2 Market Analysis for Virtual Organisation Platform as a Service (VOPaaS)
19-11-2015 Contractual Date: 30-09-2015 Actual Date: 19-11-2015 Grant Agreement No.: 691567 Activity: SA5 Task Item: 4 Nature of Deliverable: R (Report) Dissemination Level: PU (Public) Lead Partner: AMRES
More informationCertificates in a Nutshell. Jens Jensen, STFC Leader of EUDAT AAI TF
Certificates in a Nutshell Jens Jensen, STFC Leader of EUDAT AAI TF In a nutshell... Mature, Robust, Ubiquitous Have been around for decades Interoperable supported by every OS, every language Used everywhere
More informationSophos Mobile Control Technical guide
Sophos Mobile Control Technical guide Product version: 2 Document date: December 2011 Contents 1. About Sophos Mobile Control... 3 2. Integration... 4 3. Architecture... 6 4. Workflow... 12 5. Directory
More informationHP Software as a Service. Federated SSO Guide
HP Software as a Service Federated SSO Guide Document Release Date: July 2014 Legal Notices Warranty The only warranties for HP products and services are set forth in the express warranty statements accompanying
More informationTHE CCLRC DATA PORTAL
THE CCLRC DATA PORTAL Glen Drinkwater, Shoaib Sufi CCLRC Daresbury Laboratory, Daresbury, Warrington, Cheshire, WA4 4AD, UK. E-mail: g.j.drinkwater@dl.ac.uk, s.a.sufi@dl.ac.uk Abstract: The project aims
More informationTitle: A Client Middleware for Token-Based Unified Single Sign On to edugain
Title: A Client Middleware for Token-Based Unified Single Sign On to edugain Sascha Neinert Computing Centre University of Stuttgart, Allmandring 30a, 70550 Stuttgart, Germany e-mail: sascha.neinert@rus.uni-stuttgart.de
More informationVMware Identity Manager Administration
VMware Identity Manager Administration VMware Identity Manager 2.6 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new
More informationProcessing big data by WS- PGRADE/gUSE and Data Avenue
Processing big data by WS- PGRADE/gUSE and Data Avenue http://www.sci-bus.eu Peter Kacsuk, Zoltan Farkas, Krisztian Karoczkai, Istvan Marton, Akos Hajnal, Tamas Pinter MTA SZTAKI SCI-BUS is supported by
More informationThales ncipher modules. Version: 1.2. Date: 22 December 2009. Copyright 2009 ncipher Corporation Ltd. All rights reserved.
ncipher modules Integration Guide for IBM Tivoli Access Manager for e-business 6.1 Windows Server 2003 32-bit and 64-bit Windows Server 2008 32-bit and 64-bit Version: 1.2 Date: 22 December 2009 Copyright
More informationCluster, Grid, Cloud Concepts
Cluster, Grid, Cloud Concepts Kalaiselvan.K Contents Section 1: Cluster Section 2: Grid Section 3: Cloud Cluster An Overview Need for a Cluster Cluster categorizations A computer cluster is a group of
More informationmanaging SSO with shared credentials
managing SSO with shared credentials Introduction to Single Sign On (SSO) All organizations, small and big alike, today have a bunch of applications that must be accessed by different employees throughout
More informationJumpCloud is your Directory-as-a-Service. A fully managed directory to rule your infrastructure whether on-premise or in the cloud.
JumpCloud is your Directory-as-a-Service A fully managed directory to rule your infrastructure whether on-premise or in the cloud. Authenticate Ensure your users are who they say they are. JumpCloud authenticates
More informationInteroperable Provisioning in a Distributed World
Interoperable Provisioning in a Distributed World Mark Diodati, Burton Group Ramesh Nagappan, Sun Microsystems Sampo Kellomaki, SymLabs 02/08/07 IAM 302 Contacts Mark Diodati (mdiodati@burtongroup.com)
More informationMIGRATING DESKTOP AND ROAMING ACCESS. Migrating Desktop and Roaming Access Whitepaper
Migrating Desktop and Roaming Access Whitepaper Poznan Supercomputing and Networking Center Noskowskiego 12/14 61-704 Poznan, POLAND 2004, April white-paper-md-ras.doc 1/11 1 Product overview In this whitepaper
More informationFederated Identity for Cloud Computing and Cross-organization Collaboration
Federated Identity for Cloud Computing and Cross-organization Collaboration Steve Moitozo Strategy and Architecture SIL International 20110616.2 (ICCM) Follow me @SteveMoitozo2 2 Huge Claims You want federated
More informationThree Case Studies in Access Management
Three Case Studies in Access Management IAM Online June 10, 2015-2 pm EDT Andy Morgan, Oregon State University Mandeep Saini, GÉANT Albert Wu, UCLA Moderator: Tom Barton, University of Chicago Fit for
More informationPASS4TEST 専 門 IT 認 証 試 験 問 題 集 提 供 者
PASS4TEST 専 門 IT 認 証 試 験 問 題 集 提 供 者 http://www.pass4test.jp 1 年 で 無 料 進 級 することに 提 供 する Exam : 000-003 Title : Fundamentals of Applying Tivoli Security and Compliance Management Solutions V2 Vendors :
More informationTRUST AND IDENTITY EXCHANGE TALK
TRUST AND IDENTITY EXCHANGE TALK Ken Klingenstein, Internet2 2015 Internet2 Trust and Identity Why It Matters An Identity Layer for the Internet Benefits for the Rest of the Stack What It Is Technologies
More informationThe GENIUS Grid Portal
The GENIUS Grid Portal (*) work in collaboration with A. Falzone and A. Rodolico EGEE NA4 Workshop, Paris, 18.12.2003 CHEP 2000, 10.02.2000 Outline Introduction Grid portal architecture and requirements
More informationSoftware Requirement Specification Web Services Security
Software Requirement Specification Web Services Security Federation Manager 7.5 Version 0.3 (Draft) Please send comments to: dev@opensso.dev.java.net This document is subject to the following license:
More informationPROGRESS Portal Access Whitepaper
PROGRESS Portal Access Whitepaper Maciej Bogdanski, Michał Kosiedowski, Cezary Mazurek, Marzena Rabiega, Malgorzata Wolniewicz Poznan Supercomputing and Networking Center April 15, 2004 1 Introduction
More informationIMPLEMENTING SINGLE SIGN- ON USING SAML 2.0 ON JUNIPER NETWORKS MAG SERIES JUNOS PULSE GATEWAYS
APPLICATION NOTE IMPLEMENTING SINGLE SIGN- ON USING SAML 2.0 ON JUNIPER NETWORKS MAG SERIES JUNOS PULSE GATEWAYS SAML 2.0 combines encryption and digital signature verification across resources for a more
More information