EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Data Management Interface: CDMI for CMF Ilja Livenson PDC KTH.

Slides:



Advertisements
Similar presentations
Contrail and Federated Identity Management
Advertisements

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI GGUS user authentication Tiziana Ferrari/EGI.eu Peter Solagna/EGI.eu
27. to 28. March 2007 | Geneva, Switzerland. Fabrice Romelard ilem SA Level 200.
OmStore Cloud API Harshit Agarwal Sohil Habib. About Us ●We are graduate students at CMU ●Currently at CMU Silicon Valley campus ●Working part time with.
Alcatel Identity Server Alcatel SEL AG. Alcatel Identity Server — 2 All rights reserved © 2004, Alcatel What is an Identity Provider?  
Securing Squid (Proxy) Using Digest Authentication.
FIM-related activities and issues being discussed in Japan 1.GEO Grid Yoshio Tanaka (AIST) 2.HPCI, GakuNin Eisaku Sakane, Kento Aida (NII)
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Pakiti.
The Data Bridge Laurence Field IT/SDC 6 March 2015.
European Grid Initiative Federated Cloud update Peter solagna Pre-GDB Workshop 10/11/
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Federated Cloud F2F Security Issues in the cloud Introduction Linda Cornwall,
EXperimental Infrastructures for the Future Internet Training Session “Service Integration” Álvaro Alonso Joaquín Salvachúa UPM-DIT.
EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Security Token Service Valéry Tschopp - SWITCH.
SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU.
COWS CEDA OGC Web Services Framework Stephen Pascoe.
CD Collection Hector Urtubia Fall Summary Motivation and Objective Technologies Used Project Design Database Design and Integration Demo.
Authorisation Jens Jensen, Phil Kershaw (STFC) et al. contrail is co-funded by the EC 7th Framework Programme under Grant Agreement nr contrail-project.eu.
WebFTS File Transfer Web Interface for FTS3 Andrea Manzi On behalf of the FTS team Workshop on Cloud Services for File Synchronisation and Sharing.
Mirek Sztajno SQL Server Security PM
Web Technologies Lecture 6 State preservation. Motivation How to keep user data while navigating on a website? – Authenticate only once – Store wish list.
EGI-InSPIRE RI EGI-InSPIRE RI A new “lightweight” Crypto Library for supporting an Advanced Grid Authentication Process.
EGI-InSPIRE RI EGI-InSPIRE RI User Support in IGI: Related Tools and Services in Italy EGI Technical Forum
European Grid Initiative Data Services and Solutions Part 2: Data in the cloud Enol Fernández Data Services.
Bringing cloud technology to distributed data infrastructures EGI CF 2013 Martin Hellmich (presenter) Jedrzej Rybicki Maciej Brzeźniak Date :
StratusLab is co-funded by the European Community’s Seventh Framework Programme (Capacities) Grant Agreement INFSO-RI StratusLab Collaborations.
EMI is partially funded by the European Commission under Grant Agreement RI Federated Grid Access Using EMI STS Henri Mikkonen Helsinki Institute.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI VM Management Chair: Alexander Papaspyrou 2/25/
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Evolution of AAI for e- infrastructures Peter Solagna Senior Operations Manager.
Storing digital assets on Grid/EGI FedCloud with gLibrary Giuseppe La Rocca, INFN DARIAH ERIC.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Accounting Requirements Stuart Pullinger STFC 09/04/2013 EGI CF – Accounting.
EGI Technical Forum Madrid COMPSs in the EGI Federated Cloud Daniele Lezzi – BSC EGI Technical Forum Madrid.
EGI-InSPIRE RI EGI Webinar EGI-InSPIRE RI Porting your application to the EGI Federated Cloud 17 Feb
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI FedCloud Task Force State of the art and Future Plans EGI Technical.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Improved X.509 Management Using PKCS11 Daniel Kouřil, Michal Procházka CESNET.
EMI is partially funded by the European Commission under Grant Agreement RI Security Token Service (STS) Simplified Credential Management Henri.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI UMD Roadmap Steven Newhouse 14/09/2010.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI OpenSource GeoSpatial Catalogue Platform-as-a-Service Salvatore Pinto Cloud.
Technical Security Issues in Cloud Computing By: Meiko Jensen, Jorg Schwenk, Nils Gruschka, Luigi Lo Lacono Presentation by: Winston Tong 2009 IEEE.
Storing digital assets on Grid/EGI FedCloud with gLibrary Giuseppe La Rocca, INFN DARIAH ERIC.
Virtual multidisciplinary EnviroNments USing Cloud infrastructures Data Management at VENUS-C Ilja Livenson KTH
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Enabling SSO capabilities in the EGI Cloud services Peter Solagna – EGI.eu.
INDIGO DATACLOUD MEETING AMSTERDAM 4-5 th APRIL 2016 Lukasz Dutka RIA INDIGO-DataCloud is co-founded by the Horizon 2020Framework Programme AMSTERDAM.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI /09/14 1 Appliance lifecycle services Marios Chatziangelou, et al.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Services for Distributed e-Infrastructure Access Tiziana Ferrari on behalf.
The eCSG Mobile App Mario Torrisi INFN – Division of Catania 24 June 2013 Webinar on the eCSG 1.
EGI-InSPIRE RI Pakiti Michal Prochazka, (Daniel Kouril)
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI A pan-European Research Infrastructure supporting the digital European Research.
Web and mobile access to digital repositories Mario Torrisi National Institute of Nuclear Physics – Division of
The LGI Pilot job portal EGI Technical Forum 20 September 2011 Jan Just Keijser Willem van Engen Mark Somers.
1 EGI Federated Cloud Architecture Matteo Turilli Senior Research Associate, OeRC, University of Oxford Chair – EGI Federated Clouds Task Force
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Globus Integration Task Force Meeting Gert Svensson, PDC, KTH 10/2/2016 Lyon,
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI solution for high throughput data analysis Peter Solagna EGI.eu Operations.
PaaS services for Computing and Storage
Onedata Eventually Consistent Virtual Filesystem for Multi-Cloud Infrastructures Michał Orzechowski (CYFRONET AGH)
Operations Management Board 19th Dec. 2013
SFS-HTTP: Securing the Web with Self-Certifying URLs
Giuseppe LA ROCCA INFN - Catania, Italy
Federation made simple
StratusLab Roadmap C. Loomis (CNRS/LAL) EGI TCB (Amsterdam)
FedCloud Blueprint Update
EMI Interoperability Activities
Study course: “Computing clusters, grids and clouds” Andrey Y. Shevel
Introduction How to combine and use services in different security domains? How to take into account privacy aspects? How to enable single sign on (SSO)
GDP and SOTA Arthur Taylor May 10th, 2017 | Status and Next Steps
Dynamic DNS support for EGI Federated cloud
Public Key Infrastructure from the Most Trusted Name in e-Security
a middleware implementation
Check-in Identity and Access Management solution that makes it easy to secure access to services and resources.
Open Infrastructure: Integrating OpenStack and Kubernetes
LifeWatch AARC Pilot Fernando Aguilar 13th FIM4R Workshop
Presentation transcript:

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Data Management Interface: CDMI for CMF Ilja Livenson PDC KTH

EGI-InSPIRE RI Background & motivation Based on the CDMI-Proxy server developed in FP7 VENUS-C Developing ‘v2’ as part of the EGI mini- project “From scratch” New name – Stoxy (STOrage proXY) Target use case – AWS S3-like storage

EGI-InSPIRE RI Technology Python + Twisted + ZODB + ZCA Buildout packaging Installs with a script Multiplatform 3

EGI-InSPIRE RI Stoxy architecture OMS management framework Stoxy plugin SSH endpoint CDMI endpoint Zope DB (VOMS- enabled) OpenStack Keystone 1. Get CMS token 2. Add it as a HTTP header

EGI-InSPIRE RI Data vs Metadata Sizes are not clear any more But use cases are still there Stoxy’s target is on a smarter server-side processing E.g. filtering or post-processing of the data based, metadata enrichment Depends on the scenarios 5

EGI-InSPIRE RI CDMI Security Different credentials are used for those cases (in the setting of the academic infrastructure) Username/passwords CMS token-based (OpenStack Keystone) CDMI unfortunately is not Keystone token compliant (yet) Abusing standard to get it working

EGI-InSPIRE RI Stoxy authentication HTTP Basic/Digest X509 client certificate based Via Apache HTTPD Keystone authentication Only CMS (crypto) tokens Token = signed blob of information from Keystone

EGI-InSPIRE RI Keystone token example 8 { "access": { "metadata": {....metadata goes here.... }, "serviceCatalog": [....endpoints goes here.... ], "token": { "expires": " T08:52:53Z", "id": "placeholder", "issued_at": " T18:59: ", "tenant": { "description": null, "enabled": true, "id": "925c23eafe1b e08a4c4143f08", "name": "user" } }, "user": {....userdata goes here.... } Generated token

EGI-InSPIRE RI Explorative browsing with SSH Stoxy-specific functionality Comes with OMS framework Not CDMI interface Use putty for operating on the Stoxy objects/containers Useful for debugging/browsing

EGI-InSPIRE RI Supported CDMI feature set Blob CRUD JSON-encoded Streaming Container CRUD ACL – planned to be full At the moment requires admin privileges

EGI-InSPIRE RI Plans Finding scenarios We are happy to provide extensive help with integration Finishing documentation/example cases Integration into Fedcloud’s infrastructure Requires enabling of the PKI tokens in Keystone installations Implementation of the lightweight browser on top

EGI-InSPIRE RI Summary Open Source CDMI server (Apache2 license) Includes python client sdk/cli Accent on metadata manipulation Currently in active development, first production release is planned in Dec 2014 Feedback/contributions are very welcome!

EGI-InSPIRE RI And many thanks to EGI Federated Cloud TF group Andrei Sosnin, OpenNode PDC KTH 13 Thank you for listening!

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.