Gateway Node Security Block Diagram

ESG Gateway Node components:
- Confluence Server: OpenID Filter, Authz Service Callout
- Authorization Service (SSL)
- F-TDS: OpenID Filter, SSL AuthN, Authz Service Callout, Local AuthZ
- LAS: OpenID Filter, SSL AuthN, Local AuthZ (Attribute Callout)
- Attribute Service (SSL)

Data Node Security Block Diagram

ESG Data Node components:
- F-TDS: OpenID Filter, SSL AuthN, Authz Service Callout, Local AuthZ
- LAS: OpenID Filter, SSL AuthN, Local AuthZ (Attribute Callout)

Request for Top Level Categories

Scenario: Client wants to see all the top level categories available.

Diagram: Confluence Server, LAS and F-TDS on the ESG Gateway Node; LAS and F-TDS on Data Node 1 and on Data Node 2. Legend: Product Requests, Ajax Requests.

1. Client fires an Ajax request to the Confluence server. (OpenID)
2. Confluence server collects category information from all LASes in the system. (SSL)
3. Confluence server returns combined results as one big JSON object. (SSL)

Request for the Grid of a Variable

Scenario: Client needs the grid of a particular variable.

Diagram: Confluence Server, LAS and F-TDS on the ESG Gateway Node; LAS and F-TDS on Data Node 1 and on Data Node 2. Legend: Product Requests, Ajax Requests.

1. Client fires an Ajax request to the Confluence server. (OpenID)
2. Confluence server requests the info from the remote LAS. This avoids cross-site scripting problems. (SSL)
3. Confluence server returns the requested grid JSON object. (SSL)

Request a product from a remote LAS

Scenario: User wants to see a plot of one data variable.

Diagram: Confluence Server, LAS and F-TDS on the ESG Gateway Node; LAS and F-TDS on Data Node 1 and on Data Node 2. Legend: Product Requests, Ajax Requests.

1. Client fires an LAS Product Request to the Confluence server. (OpenID)
2. Confluence server directs the product request to the LAS server that holds the data. (SSL)
3. The remote LAS produces the product (including any analysis via F-TDS) and returns it to the Confluence server. (SSL AuthN, data on http)
4. The Confluence server returns the product to the client. (SSL)

Difference of two variables, two data nodes

Scenario: User wants to compare two variables from different data nodes.

Diagram: Confluence Server, LAS and F-TDS on the ESG Gateway Node; LAS and F-TDS on Data Node 1 and on Data Node 2. Legend: Product Requests, OPeNDAP Requests.

1. Client fires an LAS Product Request to the Confluence server. (OpenID)
2. Confluence server forwards the product request to the local LAS. (SSL)
3. Gateway LAS gets F-TDS URLs from remote LASes (URL resolution). (SSL)
4. Gateway LAS gets data (including regridding) from remote F-TDSes. (SSL for AuthN, data on http)
5. Gateway LAS makes the product and returns it to the client. (SSL. Product access required OpenID)