Grid accounting system

Slides:



Advertisements
Similar presentations
GridWorld 2006 Use of MyProxy for the FusionGrid Mary Thompson Monte Goode GridWorld 2006.
Advertisements

MyProxy Jim Basney Senior Research Scientist NCSA
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
Policy Based Dynamic Negotiation for Grid Services Authorization Infolunch, L3S Research Center Hannover, 29 th Jun Ionut Constandache Daniel Olmedilla.
Contrail and Federated Identity Management
Role Based VO Authorization Services Ian Fisk Gabriele Carcassi July 20, 2005.
The VOMS Attribute Authority and its relation with Shibboleth Presenter: Vincenzo Ciaschini 8 th TF-EMC2 Meeting Firenze, March 2007.
Riccardo Bruno, INFN.CT Sevilla, 10-14/09/2007 GENIUS Exercises.
Haga clic para cambiar el estilo de título Haga clic para modificar el estilo de subtítulo del patrón DIRAC Framework A.Casajus and R.Graciani (Universitat.
WSO2 Identity Server Road Map
National Center for Supercomputing Applications Integrating MyProxy with Site Authentication Jim Basney Senior Research Scientist National Center for Supercomputing.
EDINA 20 th March 2008 EDINA Geo/Grid - Security Prof. Richard O. Sinnott Technical Director, National e-Science Centre University of Glasgow, Scotland.
WebFTS as a first WLCG/HEP FIM pilot
Esri UC2013. Technical Workshop. Technical Workshop 2013 Esri International User Conference July 8–12, 2013 | San Diego, California Building Secure Applications.
Catania Science Gateway Framework Motivations, architecture, features Catania, 09/06/2014Riccardo Rotondo
SAML-based Delegation in Shibboleth Scott Cantor Internet2/The Ohio State University.
Federated A(A(A))I Jens Jensen hepsysman, RAL,
Riccardo Bruno INFN.CT Sevilla, Sep 2007 The GENIUS Grid portal.
The EPIKH Project (Exchange Programme to advance e-Infrastructure Know-How) Grid Engine Riccardo Rotondo
1.The portal sends, under the user approval, user’s attribute retrieved from IDP to CA bridge 2.CA bridge module requests to a CA-online a certificate.
GILDA testbed GILDA Certification Authority GILDA Certification Authority User Support and Training Services in IGI IGI Site Administrators IGI Users IGI.
National Computational Science National Center for Supercomputing Applications National Computational Science NCSA-IPG Collaboration Projects Overview.
ShibGrid: Shibboleth access to the UK National Grid Service University of Oxford and STFC.
Simplify TeleHealth - Copyright 2012 Emerge.MD inc - Confidential Single Sign On via Active Directory Federation Services 4.6 Release (March 2014) Updates.
WNoDeS – Worker Nodes on Demand Service on EMI2 WNoDeS – Worker Nodes on Demand Service on EMI2 Local batch jobs can be run on both real and virtual execution.
AAI WG EMI Christoph Witzig on behalf of EMI AAI WG.
EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks VOMS Vincenzo Ciaschini EGEE/OSG Workshop.
WebFTS File Transfer Web Interface for FTS3 Andrea Manzi On behalf of the FTS team Workshop on Cloud Services for File Synchronisation and Sharing.
VO management: Progress since Chicago Workshop Vincenzo Ciaschini 23/5/2002 CNAF – Bologna.
Glite. Architecture Applications have access both to Higher-level Grid Services and to Foundation Grid Middleware Higher-Level Grid Services are supposed.
Authentication and Authorisation for Research and Collaboration Peter Solagna Milano, AARC General meeting Current status and plans.
Shibboleth & Grid Integration STFC and University of Oxford (and University of Manchester)
1 AHM, 2–4 Sept 2003 e-Science Centre GRID Authorization Framework for CCLRC Data Portal Ananta Manandhar.
EGI-InSPIRE RI EGI-InSPIRE RI User Support in IGI: Related Tools and Services in Italy EGI Technical Forum
EMI is partially funded by the European Commission under Grant Agreement RI Federated Grid Access Using EMI STS Henri Mikkonen Helsinki Institute.
Tutorial on Science Gateways, Roma, Riccardo Rotondo Introduction on Science Gateway Understanding access and functionalities.
European Grid Initiative AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
Enabling Grids for E-sciencE gLite security pratical tutorial Dario Russo INFN Catania Catania,
Kipper – a Grid bridge to Identity Federation Andrey Kiryanov.
INFN/IGI contributions Federated Clouds Task Force F2F meeting November 24, 2011, Amsterdam.
CERN IT Department CH-1211 Geneva 23 Switzerland t OIS Operating Systems & Information Services CERN IT Department CH-1211 Geneva 23 Switzerland.
Antonio Fuentes RedIRIS Barcelona, 15 Abril 2008 The GENIUS Grid portal.
A. Costa, P. Massimino, C. Vuerli, U. Becciani INAF CTA Gateway Prototype Based on gUSE/WS-PGRADE and Single-Sign-On (SSO)
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI solution for high throughput data analysis Peter Solagna EGI.eu Operations.
Access Policy - Federation March 23, 2016
Using Your Own Authentication System with ArcGIS Online
WLCG Update Hannah Short, CERN Computer Security.
Authentication, Authorisation and Security
Grid Security.
Identity Federations - Overview
EMI Interoperability Activities
Tweaking the Certificate Lifecycle for the UK eScience CA
Grid Security Jinny Chien Academia Sinica Grid Computing.
Q&A about Science Gateways
Viet Tran Institute of Informatics Slovakia
Update on EDG Security (VOMS)
Cloud Connect Seamlessly
ESA Single Sign On (SSO) and Federated Identity Management
The New Virtual Organization Membership Service (VOMS)
Grid Security M. Jouvin / C. Loomis (LAL-Orsay)
Elisa Ingrà – Consortium GARR
DARIAH Competence Centre: architecture and activity summary
SharePoint Online Authentication Patterns
Community AAI with Check-In
Grid Engine Riccardo Rotondo
Use of MyProxy for the FusionGrid
Grid Engine Diego Scardaci (INFN – Catania)
a middleware implementation
Building Security into Your System
Check-in Identity and Access Management solution that makes it easy to secure access to services and resources.
Presentation transcript:

Grid accounting system EGI-InSPIRE A portal for an easy access to the IGI grid infrastructure Goals Grid job submission via web. Provisioning of a Cloud environment via web . Making easier the request and management of X.509 certificates and the request for a VO membership. Minimizing the job failure rate Features Implementations Federated identity system for user authentication Interaction with ON-line CA to transparently request X.509 certificates on behalf of the user Personal certificates upload for users who already have one Possibility to select a VO membership or request new VO membership on behalf of user Community related portal views and JDL customization for job submission Implementation of workflow submission Web portal based on Liferay framework Services implemented by ad hoc portlets (JSR 168 – 286) Secure communications with external services using shibboleth and encrypted protocols SAML delegation mechanism for X.509 certificate request Integration with existing monitoring and accounting system EGI-InSPIRE RI-261323 FEDERATION WAYF VOMS Web Portal Cloud Bridge voms-proxy-init Authentication Cloud 4 My-proxy server myproxy-init Job Submission First access 2 GRID Data Management 1 Configurations 3 Accounting Grid accounting system CA online bridge CA online MICS Marco Bencivenni, Paolo Veronesi, Andrea Ceccanti, Giuseppe Misurelli, Francesco Giacomini, Marco Cecchi, Vincenzo Ciaschini, Daniele Andreotti, Davide Salomoni (INFN CNAF) Luciano Gaido, Riccardo Brunetti (INFN Torino) - Diego Michelotto (INFN Ferrara - INFN CNAF) 1 - First Access 2 - Authentication 3 - Configurations 4 - Grid / Cloud Access The portal receive a delegation token CA bridge module requests to a CA-online a certificate on behalf of the user The user digit a passphrase for private key encryption The certificate is used to store a long-term proxy on a my-proxy server (the private key encrypted will be stored on my proxy server and the passphrase will be not saved) The portal redirects user to the his IdP login page. Once the proper IDP has authenticated the user he will be automatically logged into the portal The portal will ask him the passphrase in order to retrieve the proxy from myproxy server. At the same time contact the VOMS server in order to sign the proxy with VO extension. The user once registred can set his options Upload a new certificate (one is a default) Add new VO memberships (one is a default) Request for a new VO membership For each VO specify the FQAN At the moment for job submission and data management the portal uses WS-Pgrade (SZTAKI) Other solution under investigation is JSAGA (IN2P3) For cloud resources provisioning the portal is interfaced with WNoDeS (INFN-CNAF) The accounting portlet provides information for both environments  Contact: igi-noc@lists.infn.it

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.