David Spence GOSC Graphical Access to the NGS for All Java GSI-SSHTerm.

Slides:

Advertisements

Similar presentations

Single Sign-On with GRID Certificates Ernest Artiaga (CERN – IT) GridPP 7 th Collaboration Meeting July 2003 July 2003.

Advertisements

Jens G Jensen CCLRC e-Science Single Sign-on to the Grid Federated Access and Integrated Identity Management.

Enabling, facilitating and delivering quality training in the UK and Internationally Mike Mineter Training Outreach and Education, NeSC, Edinburgh

MyProxy: A Multi-Purpose Grid Authentication Service

Moonshot for Federated Identity Jens Jensen, STFC Daniel Kouřil, CESNET EGI CF, April 2013.

Password? CLASP Project Update C5 Meeting, 16 June 2000 Denise Heagerty, IT/IS.

Presentation Two: Grid Security Part Two: Grid Security A: Grid Security Infrastructure (GSI) B: PKI and X.509 certificates C: Proxy certificates D:

Two-factor Authentication Tutorial For NCSA Private Sector Program

Password?. Project CLASP: Common Login and Access rights across Services Plan

Password?. Project CLASP: Common Login and Access rights across Services Plan

National Center for Supercomputing Applications Integrating MyProxy with Site Authentication Jim Basney Senior Research Scientist National Center for Supercomputing.

Kerberos and PKI Cooperation Daniel Kouřil, Luděk Matyska, Michal Procházka Masaryk University AFS & Kerberos Best Practices Workshop 2006.

National Center for Supercomputing Applications MyProxy and GSISSH Update Von Welch National Center for Supercomputing Applications University of Illinois.

1c.1 Assignment 2 Preliminaries Review Full details in assignment write-up. ITCS 4146/5146 Grid Computing, 2007, UNC-Charlotte, B. Wilkinson. Jan 24, 2007.

Summer School Certificates Diego Romano & Gilda Team.

Online Security Tuesday April 8, 2003 Maxence Crossley.

Single Sign-On for Java Web Start Applications Using MyProxy Terry Fleury, Jim Basney, and Von Welch November 3, 2006.

SSL Man in the Middle Proxy Srinivas Inguva Dan Boneh Ian Baker Stanford University.

1c.1 Assignment 2 Preliminaries Review (Full details in assignment write-up.)‏ © 2011 B. Wilkinson/Clayton Ferner. Fall 2011 Grid computing course. Modification.

Making Apache Hadoop Secure Devaraj Das Yahoo’s Hadoop Team.

Jens G Jensen CCLRC e-Science Single Sign-on to the Grid Federated Access and Integrated Identity Management.

Integrating HPC and the Grid – the STFC experience Matthew Viljoen, STFC RAL EGEE 08 Istanbul.

National Computational Science National Center for Supercomputing Applications National Computational Science MyProxy: An Online Credential Repository.

CNIT 132 Intermediate HTML and CSS Publish Web Page.

FTP (File Transfer Protocol) & Telnet

Remote OMNeT++ v2.0 Introduction What is Remote OMNeT++? Remote environment for OMNeT++ Remote simulation execution Remote data storage.

KX509: Leveraging Kerberos to Obtain Digital Certificates for Web Client Authentication University of Michigan Kevin Coffman Bill Doster.

Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®

Chapter 1: The Internet and the WWW CIS 275—Web Application Development for Business I.

© FPT SOFTWARE – TRAINING MATERIAL – Internal use 04e-BM/NS/HDCV/FSOFT v2/3 Securing a Microsoft ASP.NET Web Application.

Windows Security. Security Windows 2000/XP Professional security oriented Authentication Authorization Internet Connection Firewall.

1 Web services and security ---discuss different ways to enforce security Presenter: Han, Xue.

Topaz : A GridFTP extension to Firefox M. Taufer, R. Zamudio, D. Catarino, K. Bhatia, B. Stearn University of Texas at El Paso San Diego Supercomputer.

Secure Shell Mike Griffiths & Deniz Savas CiCS Dept Sheffield University November 2005.

National Computational Science National Center for Supercomputing Applications National Computational Science NCSA-IPG Collaboration Projects Overview.

E-science grid facility for Europe and Latin America E2GRIS1 Raúl Priego Martínez – CETA-CIEMAT (Spain)‏ Itacuruça (Brazil), 2-15 November.

ShibGrid: Shibboleth access to the UK National Grid Service University of Oxford and STFC.

Jens G Jensen CCLRC e-Science Single Sign-on at RAL (and DLS too) Authentication and Integrated Identity Management hepsysman Cambridge, 23 Oct 2006.

Exporting User Certificate from Internet Explorer.

INFSO-RI Enabling Grids for E-sciencE How to join GILDA Riccardo Bruno INFN gLite Tutorial at the First EGEE User Forum CERN,

Association with the Gilda Virtual Organization Certificate,VO membership, and MyProxy Server usage.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Introduction to GILDA and gaining access.

Holding slide prior to starting show. A Portlet Interface for Computational Electromagnetics on the Grid Maria Lin and David Walker Cardiff University.

1 Short Course on Grid Computing Jornadas Chilenas de Computación 2010 INFONOR-CHILE 2010 November 15th - 19th, 2010 Antofagasta, Chile Dr. Barry Wilkinson.

Single Sign-On across Web Services Ernest Artiaga CERN - OpenLab Security Workshop – April 2004.

Jens G Jensen CCLRC e-Science Single Sign-on to the Grid Authentication and Integrated Identity Management HEPiX, CASPUR, Rome 3-7 April 2006.

EGEE-II INFSO-RI Enabling Grids for E-sciencE The GILDA training infrastructure.

General rules 1. Rule: 2. Rule: 3. Rule: 10. Rule: Ask questions ……………………. 11. Rule: I do not know your skill. If I tell you things you know, please stop.

12th September 2007UK e-Science All Hands Meeting1 John Kewley Grid Technology Group e-Science Centre STFC Daresbury Laboratory GROWL.

Creating and running an application.

Implementing and Using the SIRWEB Interface Setup of the CGI script and web procfile Connecting to your database using HTML Retrieving data using the CGI.

Secure hardware tokens David Groep DutchGrid CA. DutchGrid CA requirements Need for automated clients –from the bioinformatics domain (NBIC BioRange/BioAssist)

Shibboleth & Grid Integration STFC and University of Oxford (and University of Manchester)

VO Box Issues Summary of concerns expressed following publication of Jeff’s slides Ian Bird GDB, Bologna, 12 Oct 2005 (not necessarily the opinion of)

FileZilla Introduction to Web Programming Kirkwood Community College Fred McClurg © Copyright 2015, Fred McClurg, All Rights Reserved.

John Kewley e-Science Centre All Hands Meeting st September, Nottingham GROWL: A Lightweight Grid Services Toolkit and Applications John Kewley.

Introduction to Portals.

Initiating Teragrid Sessions Raghu Reddy. Outline Motivation Initial Setup –Certificates –Proxies –Grid-map file entries and DNs Softenv for customizing.

EGI-InSPIRE RI Grid Training for Power Users EGI-InSPIRE N G I A E G I S Grid Training for Power Users Institute of Physics Belgrade.

Enabling Grids for E-sciencE gLite security pratical tutorial Dario Russo INFN Catania Catania,

SSH. 2 SSH – Secure Shell SSH is a cryptographic protocol – Implemented in software originally for remote login applications – One most popular software.

The NGS Portal Guy Warner NeSC Training.

Fermilab supports several authentication mechanisms for user and computer authentication. This talk will cover our authentication systems, design considerations,

(Exchange Programme to advance e-Infrastructure Know-How) The EPIKH Project Hailong Yang

2nd year Computer Science & Engineer

Web Portal Project.

MICROSOFT OUTLOOK and Outlook service Provider

FTP - File Transfer Protocol

CLASP Project AAI Workshop, Nov 2000 Denise Heagerty, CERN

Presentation transcript:

David Spence GOSC Graphical Access to the NGS for All Java GSI-SSHTerm

David Spence GOSC Outline Introduction and Brief History Authentication methods Other Services The Future – Site Single Sign-On Questions Demonstration

David Spence GOSC Introduction and Brief History There was a need for Windows (+ Linux!) users to have a straightforward way to access Grid resources SSHTerm is an Open Source (Source forge) project Jean-Claude Cote at NRC-CNRC developed a GSISSH module This has been rewritten and expanded by Matthew Viljoen and me at RAL –No need to know username –Many ways to access your certificate –X forwarding –Bugfixes

David Spence GOSC Authentication methods Local proxy (i.e. from grid-proxy-init) Certificate as two PEM files: usercert.pem and userkey.pem Certificate as a single PKCS#12 file Proxy downloaded from a MyProxy server Certificate stored in your browser [new] –Internet Explorer: Windows –Firefox & Mozilla: Windows and Linux

David Spence GOSC Other Services Normal SSH port forwarding X windows display forwarding GSI-SFTP simple file transfer

David Spence GOSC The Future – Site Single Sign-On Currently in development is Site Single Sign On access to grid resources via GSI-SSHTerm –Uses the CCLRC Kerberos/Active Directory infrastructure: tokens are obtained on logon in Windows and by running kinit in UNIXes –Modified terminal passes on Kerberos token to MyProxy server (with built in CA) to retrieve certificate or automatically generate a low- assurance certificate.

David Spence GOSC Questions?

David Spence GOSC Demonstration Normal version: – support.ac.uk/content/view/81/62http:// support.ac.uk/content/view/81/62 Kerberos single sign-on version: – support.ac.uk/content/view/135/76/ support.ac.uk/content/view/135/76/ –This will not work as no where will accept your certificate!