National Computational Science National Center for Supercomputing Applications National Computational Science MyProxy: An Online Credential Repository.

Slides:



Advertisements
Similar presentations
The Development of a Grid Resource Broker Team Member: Serena Pan, Max Yu, Eric Huang Project Leader: Weicheng Huang, NCHC.
Advertisements

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks MyProxy and EGEE Ludek Matyska and Daniel.
National Center for Supercomputing Applications MyProxy and NVO or Web SSO for Grid Portals GlobusWorld 2006 Washington, DC, USA September 12, 2006 Mike.
MyProxy Jim Basney Senior Research Scientist NCSA
MyProxy Guy Warner NeSC Training.
MyProxy: A Multi-Purpose Grid Authentication Service
High Performance Computing Course Notes Grid Computing.
Reusable Components for Grid Computing Portals Marlon Pierce Community Grids Lab Indiana University.
Jim Basney GSI Credential Management with MyProxy GGF8 Production Grid Management RG Workshop June.
Military Technical Academy Bucharest, 2006 GRID SECURITY INFRASTRUCTURE (GSI) - Globus Toolkit - ADINA RIPOSAN Department of Applied Informatics.
Grid Security. Typical Grid Scenario Users Resources.
The Community Authorisation Service – CAS Dr Steven Newhouse Technical Director London e-Science Centre Department of Computing, Imperial College London.
The EPIKH Project (Exchange Programme to advance e-Infrastructure Know-How) gLite Grid Services Abderrahman El Kharrim
National Center for Supercomputing Applications Integrating MyProxy with Site Authentication Jim Basney Senior Research Scientist National Center for Supercomputing.
National Center for Supercomputing Applications MyProxy and GSISSH Update Von Welch National Center for Supercomputing Applications University of Illinois.
National Center for Supercomputing Applications PKI and CKM ® Scaling Study NCASSR Kick-off Meeting June 11-12, 2003 Jim Basney
National Center for Supercomputing Applications University of Illinois at Urbana-Champaign This material is based upon work supported by the National Science.
The Cactus Portal A Case Study in Grid Portal Development Michael Paul Russell Dept of Computer Science The University of Chicago
1-2.1 Grid computing infrastructure software Brief introduction to Globus © 2010 B. Wilkinson/Clayton Ferner. Spring 2010 Grid computing course. Modification.
Mechanisms to Secure x.509 Grid Certificates Andrew Hanushevsky Robert Cowles Stanford Linear Accelerator Center.
Single Sign-On for Java Web Start Applications Using MyProxy Terry Fleury, Jim Basney, and Von Welch November 3, 2006.
Globus Computing Infrustructure Software Globus Toolkit 11-2.
MyProxy NMI Integration Jim Basney, NCSA Marty Humphrey, University of Virginia
TeraGrid ’06 National Center for Supercomputing Applications Managing Credentials on the TeraGrid with MyProxy Jim Basney.
National Computational Science National Center for Supercomputing Applications National Computational Science Alliance Setup Package Requirements Jim Basney.
Riccardo Bruno INFN.CT Sevilla, Sep 2007 The GENIUS Grid portal.
HPC club presentation A proposal for a campus-wide research grid Barry Wilkinson Department of Computer Science UNC-Charlotte Dec. 2, 2005.
High Performance Louisiana State University - LONI HPC Enablement Workshop – LaTech University,
TeraGrid Science Gateways: Scaling TeraGrid Access Aaron Shelmire¹, Jim Basney², Jim Marsteller¹, Von Welch²,
CoG Kit Overview Gregor von Laszewski Keith Jackson.
Grid Computing, B. Wilkinson, b.1 National Science Foundation Middleware Initiative (NMI) Started in 2001 initially over 3 years “to create and deploy.
GridFE: Web-accessible Grid System Front End Jared Yanovich, PSC Robert Budden, PSC.
Simplify and Strengthen Security with Oracle Application Server Allan L Haensgen Senior Principal Instructor Oracle Corporation Session id:
Managing Credentials with MyProxy Jim Basney National Center for Supercomputing Applications University of Illinois
National Computational Science National Center for Supercomputing Applications National Computational Science NCSA-IPG Collaboration Projects Overview.
Military Technical Academy Bucharest, 2004 GETTING ACCESS TO THE GRID Authentication, Authorization and Delegation ADINA RIPOSAN Applied Information Technology.
Using the MyProxy Online Credential Repository Jim Basney National Center for Supercomputing Applications University of Illinois
Tutorial: Building Science Gateways TeraGrid 08 Tom Scavo, Jim Basney, Terry Fleury, Von Welch National Center for Supercomputing.
Grid Architecture William E. Johnston Lawrence Berkeley National Lab and NASA Ames Research Center (These slides are available at grid.lbl.gov/~wej/Grids)
1 Grid Portal for VN-Grid Cu Nguyen Phuong Ha. 2 Outline Some words about portals in principle Overview of OGCE GridPortlets.
June 24-25, 2008 Regional Grid Training, University of Belgrade, Serbia Introduction to gLite gLite Basic Services Antun Balaž SCL, Institute of Physics.
An OGSI CredentialManager Service Jim Basney, Shiva Shankar Chetan, Feng Qin, Sumin Song, Xiao Tu National Center for Supercomputing Applications, University.
Institute For Digital Research and Education Implementation of the UCLA Grid Using the Globus Toolkit Grid Center’s 2005 Community Workshop University.
National Computational Science National Center for Supercomputing Applications National Computational Science Credential Management in the Grid Security.
NA-MIC National Alliance for Medical Image Computing UCSD: Engineering Core 2 Portal and Grid Infrastructure.
Part 9: MyProxy Pragmatics This presentation and lab ends the GRIDS Center agenda Q: When do we convene again tomorrow?
VO. VOMS 1. Authentication2. Credentials 3. Authentication Client Resource.
EGEE-II INFSO-RI Enabling Grids for E-sciencE The GILDA training infrastructure.
The MyProxy Online Credential Repository Jim Basney NCSA
National Computational Science National Center for Supercomputing Applications National Computational Science GSI Online Credential Retrieval Requirements.
Grid, Web services and Taverna Machiel Jansen Richard Holland.
Leveraging the InCommon Federation to access the NSF TeraGrid Jim Basney Senior Research Scientist National Center for Supercomputing Applications University.
Glite. Architecture Applications have access both to Higher-level Grid Services and to Foundation Grid Middleware Higher-Level Grid Services are supposed.
Shibboleth & Grid Integration STFC and University of Oxford (and University of Manchester)
National Computational Science National Center for Supercomputing Applications National Computational Science Integration of the MyProxy Online Credential.
1 st Generation of Grid portals. 1st Generation Portals The first generation of Grid portals mainly used a three-tier architecture:
EGEE-II INFSO-RI Enabling Grids for E-sciencE MyProxy - a brief introduction.
1 AHM, 2–4 Sept 2003 e-Science Centre GRID Authorization Framework for CCLRC Data Portal Ananta Manandhar.
1 Grid School Module 4: Grid Security. 2 Typical Grid Scenario Users Resources.
Using the MyProxy Online Credential Repository Jim Basney National Center for Supercomputing Applications University of Illinois
The GRIDS Center, part of the NSF Middleware Initiative Grid Security Overview presented by Von Welch National Center for Supercomputing.
EGI-InSPIRE RI Grid Training for Power Users EGI-InSPIRE N G I A E G I S Grid Training for Power Users Institute of Physics Belgrade.
The NGS Portal Guy Warner NeSC Training.
Antonio Fuentes RedIRIS Barcelona, 15 Abril 2008 The GENIUS Grid portal.
Grid Security.
1st Generation of Grid portals
Viet Tran Institute of Informatics Slovakia
An Introduction to Cloud Computing
TeraGrid Identity Federation Testbed Update I2MM April 25, 2007
Presentation transcript:

National Computational Science National Center for Supercomputing Applications National Computational Science MyProxy: An Online Credential Repository for the Grid Jim Basney

National Computational Science National Center for Supercomputing ApplicationsNational Computational Science Grid Portals Allow users to access Grid services using standard web browsers Need credentials to act on user’s behalf –Standard web browsers don’t support credential delegation –The user’s credentials may not be available on the web browser machine –Install credentials on each portal in advance? –Each portal must be trusted to manage credentials securely

National Computational Science National Center for Supercomputing ApplicationsNational Computational Science MyProxy Secured MyProxy server manages user’s credentials –Allows secure access to credentials from anywhere on the Grid –Delegates credentials to resources (like web portals) that don’t already support delegation –Limits credential exposure with short-lived proxy credentials

National Computational Science National Center for Supercomputing ApplicationsNational Computational Science MyProxy Architecture User delegates credential to MyProxy server using MyProxy client program User chooses username and pass phrase for credential to protect against unauthorized retrieval User specifies lifetime of credential on MyProxy server and lifetime of credentials delegated to Grid Portals MyProxy Server Grid Portal Grid User

National Computational Science National Center for Supercomputing ApplicationsNational Computational Science MyProxy Architecture User connects to the Web Portal at a later time using a standard web browser from any machine User provides MyProxy username and pass phrase to the Portal MyProxy Server Grid Portal Grid User

National Computational Science National Center for Supercomputing ApplicationsNational Computational Science MyProxy Architecture Web Portal contacts MyProxy server and provides user’s username and pass phrase MyProxy delegates short-term proxy credentials to Web Portal MyProxy Server Grid Portal Grid User

National Computational Science National Center for Supercomputing ApplicationsNational Computational Science MyProxy Architecture Web Portal uses the short-term proxy credential to access Grid resources on the user’s behalf MyProxy Server Grid Portal Grid User

National Computational Science National Center for Supercomputing ApplicationsNational Computational Science MyProxy Implementations C implementation of client and server –ftp://ftp.ncsa.uiuc.edu/aces/myproxy/ Java Community Grid (CoG) toolkit client implementation – Grid Portal Development Kit –

National Computational Science National Center for Supercomputing ApplicationsNational Computational Science MyProxy Deployments NCSA (Alliance User Portal, Gaussian portal, Chemical Engineering) NASA IPG (Launchpad user portal) University of Lecce, Italy (Grid Resource Broker) Poznan Supercomputing Center (Web-based resource broker) NPACI/SDSC (HotPage) UK HPC center

National Computational Science National Center for Supercomputing ApplicationsNational Computational Science Work in Progress Convenient, secure access to credentials from multiple sites –Without copying credential files by hand Unattended proxy credential renewal –Submit job to CondorG with pointer to MyProxy server to use for proxy renewal –CondorG authenticates to MyProxy server using the current user proxy before it expires –MyProxy delegates a new user proxy to CondorG

National Computational Science National Center for Supercomputing ApplicationsNational Computational Science Work in Progress Additional authentication mechanisms –Kerberos (and others?) More control over managed credentials –Restricted delegation –Credential access control –Which identities can download credentials? –What authentication methods are trusted? Multiple credentials per user –Download the credential needed for the current task Standardization –Global Grid Forum and IETF

National Computational Science National Center for Supercomputing ApplicationsNational Computational Science Work in Progress CAS: Community Authorization Service –Allows community members to access community owned/allocated resources –Users authenticate to CAS to obtain a “community credential” valid on a resource –Interface for community administrators to add/remove users, etc.

National Computational Science National Center for Supercomputing ApplicationsNational Computational Science Demo Alliance User Portal –Built with Grid Portal Development Kit – NCSA MyProxy server –myproxy.ncsa.uiuc.edu

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.