The MyProxy Online Credential Repository Jim Basney NCSA

Slides:



Advertisements
Similar presentations
GridWorld 2006 Use of MyProxy for the FusionGrid Mary Thompson Monte Goode GridWorld 2006.
Advertisements

MyProxy Jim Basney Senior Research Scientist NCSA
Policy Based Dynamic Negotiation for Grid Services Authorization Infolunch, L3S Research Center Hannover, 29 th Jun Ionut Constandache Daniel Olmedilla.
Using the Collaborative Tools in NEESgrid Charles Severance University of Michigan.
MyProxy: A Multi-Purpose Grid Authentication Service
Jim Basney GSI Credential Management with MyProxy GGF8 Production Grid Management RG Workshop June.
Military Technical Academy Bucharest, 2006 GRID SECURITY INFRASTRUCTURE (GSI) - Globus Toolkit - ADINA RIPOSAN Department of Applied Informatics.
Andrew McNab - EDG Access Control - 14 Jan 2003 EU DataGrid security with GSI and Globus Andrew McNab University of Manchester
Grid Security. Typical Grid Scenario Users Resources.
National Center for Supercomputing Applications Integrating MyProxy with Site Authentication Jim Basney Senior Research Scientist National Center for Supercomputing.
National Center for Supercomputing Applications MyProxy and GSISSH Update Von Welch National Center for Supercomputing Applications University of Illinois.
National Center for Supercomputing Applications University of Illinois at Urbana-Champaign This material is based upon work supported by the National Science.
1-2.1 Grid computing infrastructure software Brief introduction to Globus © 2010 B. Wilkinson/Clayton Ferner. Spring 2010 Grid computing course. Modification.
Mechanisms to Secure x.509 Grid Certificates Andrew Hanushevsky Robert Cowles Stanford Linear Accelerator Center.
GLite authentication and authorization Discipline: Grid Computing, 07/08-2 Practical classes Inês Dutra, DCC/FCUP.
Federated Access to US CyberInfrastructure Jim Basney CILogon This material is based upon work supported by the National Science Foundation.
Single Sign-On for Java Web Start Applications Using MyProxy Terry Fleury, Jim Basney, and Von Welch November 3, 2006.
Globus Computing Infrustructure Software Globus Toolkit 11-2.
MyProxy NMI Integration Jim Basney, NCSA Marty Humphrey, University of Virginia
TeraGrid ’06 National Center for Supercomputing Applications Managing Credentials on the TeraGrid with MyProxy Jim Basney.
INFSO-RI Enabling Grids for E-sciencE Practicals on VOMS and MyProxy Emidio Giorgio INFN Retreat between GILDA and ESR VO, Bratislava,
National Computational Science National Center for Supercomputing Applications National Computational Science MyProxy: An Online Credential Repository.
Riccardo Bruno INFN.CT Sevilla, Sep 2007 The GENIUS Grid portal.
TeraGrid Science Gateways: Scaling TeraGrid Access Aaron Shelmire¹, Jim Basney², Jim Marsteller¹, Von Welch²,
ESP workshop, Sept 2003 the Earth System Grid data portal presented by Luca Cinquini (NCAR/SCD/VETS) Acknowledgments: ESG.
Managing Credentials with MyProxy Jim Basney National Center for Supercomputing Applications University of Illinois
National Computational Science National Center for Supercomputing Applications National Computational Science NCSA-IPG Collaboration Projects Overview.
GridShib and MyProxy Grid Credential Management and Identity Federation Von Welch NCSA
E-science grid facility for Europe and Latin America E2GRIS1 Raúl Priego Martínez – CETA-CIEMAT (Spain)‏ Itacuruça (Brazil), 2-15 November.
Using the MyProxy Online Credential Repository Jim Basney National Center for Supercomputing Applications University of Illinois
FP6−2004−Infrastructures−6-SSA E-infrastructure shared between Europe and Latin America MyProxy server installation Emidio Giorgio.
NUG 2004 Grid File Yanker Demo Shreyas Cholia Mass Storage Group, NERSC 06/24/2004.
E-infrastructure shared between Europe and Latin America Security Hands-on Christian Grunfeld, UNLP 8th EELA Tutorial, La Plata, 11/12-12/12,2006.
1 Grid Portal for VN-Grid Cu Nguyen Phuong Ha. 2 Outline Some words about portals in principle Overview of OGCE GridPortlets.
An OGSI CredentialManager Service Jim Basney, Shiva Shankar Chetan, Feng Qin, Sumin Song, Xiao Tu National Center for Supercomputing Applications, University.
INFSO-RI Enabling Grids for E-sciencE GILDA Practicals : Security systems GILDA Tutors Singapore, 1st South East Asia Forum -- EGEE.
E-infrastructure shared between Europe and Latin America FP6−2004−Infrastructures−6-SSA Hands-on on security Pedro Rausch IF - UFRJ.
NGS Portal.
Holding slide prior to starting show. A Portlet Interface for Computational Electromagnetics on the Grid Maria Lin and David Walker Cardiff University.
National Computational Science National Center for Supercomputing Applications National Computational Science Credential Management in the Grid Security.
All Hands Meeting 2005 BIRN Portal Architecture: Security Jana Nguyen
Grid Security: Authentication Most Grids rely on a Public Key Infrastructure system for issuing credentials. Users are issued long term public and private.
Part 9: MyProxy Pragmatics This presentation and lab ends the GRIDS Center agenda Q: When do we convene again tomorrow?
Getting started DIRAC Project. Outline  DIRAC information system  Documentation sources  DIRAC users and groups  Registration with DIRAC  Getting.
National Computational Science National Center for Supercomputing Applications National Computational Science GSI Online Credential Retrieval Requirements.
Grid, Web services and Taverna Machiel Jansen Richard Holland.
Tools for Grid/Campus Integration: GridShib and MyProxy Internet2 Advanced Camp July 1, 2005 Von Welch
Hands-on security Angelines Alberto Morillas Ciemat.
4th EELA TUTORIAL - USERS AND SYSTEM ADMINISTRATORS E-infrastructure shared between Europe and Latin America Security Hands-on Vanessa.
National Computational Science National Center for Supercomputing Applications National Computational Science Integration of the MyProxy Online Credential.
1 st Generation of Grid portals. 1st Generation Portals The first generation of Grid portals mainly used a three-tier architecture:
FP6−2004−Infrastructures−6-SSA E-infrastructure shared between Europe and Latin America Practicals on Security Miguel Cárdenas Montes.
E-infrastructure shared between Europe and Latin America Security Hands-on Alexandre Duarte CERN Fifth EELA Tutorial Santiago, 06/09-07/09,2006.
EGEE-II INFSO-RI Enabling Grids for E-sciencE MyProxy - a brief introduction.
Security Solutions Rachana Ananthakrishnan University of Chicago.
Feb 2-4, 2004LNCC Workshop on Computational Grids & Apps Middleware for Production Grids Jim Basney Senior Research Scientist Grid and Security Technologies.
Using the MyProxy Online Credential Repository Jim Basney National Center for Supercomputing Applications University of Illinois
WLCG Authentication & Authorisation LHCOPN/LHCONE Rome, 29 April 2014 David Kelsey STFC/RAL.
1 Egrid portal Stefano Cozzini and Angelo Leto. 2 Egrid portal Based on P-GRADE Portal 2.3 –LCG-2 middleware support: broker, CEs, SEs, BDII –MyProxy.
Introduction to Portals.
The GRIDS Center, part of the NSF Middleware Initiative Grid Security Overview presented by Von Welch National Center for Supercomputing.
Hands-on security Carlos Fuentes RedIRIS Madrid,26 – 30 de Octubre de 2008.
Hands on Security, Authentication and Authorization Virginia Martín-Rubio Pascual RedIRIS/Red.es Curso Grid y e-Ciencia.
EGI-InSPIRE RI Grid Training for Power Users EGI-InSPIRE N G I A E G I S Grid Training for Power Users Institute of Physics Belgrade.
The EPIKH Project (Exchange Programme to advance e-Infrastructure Know-How) 马兰馨 IHEP, CAS Hands on gLite Security.
Enabling Grids for E-sciencE gLite security pratical tutorial Dario Russo INFN Catania Catania,
The NGS Portal Guy Warner NeSC Training.
Antonio Fuentes RedIRIS Barcelona, 15 Abril 2008 The GENIUS Grid portal.
Writing Grid Portlets.
1st Generation of Grid portals
Presentation transcript:

The MyProxy Online Credential Repository Jim Basney NCSA

SC04 11/9/04http://myproxy.ncsa.uiuc.edu/2 What is MyProxy? l A new component in Globus Toolkit 4.0 u Independent Globus Toolkit add-on since 2000 l A repository for storing long-lived private keys u Keys encrypted with user-chosen password u Keys never leave MyProxy server l A service for retrieving proxy credentials u Supporting mobility, delegation, and renewal l A commonly-used service for grid portal security u Integrated with OGCE, GridSphere, and GridPort

SC04 11/9/04http://myproxy.ncsa.uiuc.edu/3 MyProxy System Architecture MyProxy server Credential repository Retrieve proxy Store proxy (over private TLS channel) MyProxy client

SC04 11/9/04http://myproxy.ncsa.uiuc.edu/4 Proxy Delegation ServerClient Generate new key pair Proxy certificate request Sign proxy certificate with private key CAUser Proxy A signs Proxy B signs Proxy User Cert

SC04 11/9/04http://myproxy.ncsa.uiuc.edu/5 MyProxy: Credential Mobility myproxy.teragrid.org tg-login.uc.teragrid.org tg-login.caltech.teragrid.org tg-login.sdsc.teragrid.org tg-login.ncsa.teragrid.orgca.ncsa.uiuc.edu Obtain certificate Store proxy Retrieve proxy

SC04 11/9/04http://myproxy.ncsa.uiuc.edu/6 MyProxy: Credential Renewal MyProxy server Condor-G Submit job Globus gatekeeper Submit job Fetch proxy Refresh proxy

SC04 11/9/04http://myproxy.ncsa.uiuc.edu/7 MyProxy and Grid Portals CHEF portal MyProxy server GridFTP server Login Fetch proxy Access data

SC04 11/9/04http://myproxy.ncsa.uiuc.edu/8 MyProxy: User Registration MyProxy server Registration portal Certificate authority Request account Obtain user certificate Load user’s credentials Retrieve proxy Grid portal Login with username/password Set username/password ESG

SC04 11/9/04http://myproxy.ncsa.uiuc.edu/9 MyProxy Installation (Unix) l As an add-on component to GT 3.x $ gpt-build myproxy*.tar.gz l Set $MYPROXY_SERVER environment variable to myproxy-server hostname $ export MYPROXY_SERVER=myproxy.ncsa.uiuc.edu l Set Globus Toolkit environment $. $GLOBUS_LOCATION/etc/globus-user-env.sh l Client installation/configuration complete!

SC04 11/9/04http://myproxy.ncsa.uiuc.edu/10 MyProxy Commands l myproxy-init: store proxy l myproxy-get-delegation: retrieve proxy l myproxy-info: query stored credentials l myproxy-destroy: remove credential l myproxy-change-pass-phrase: change password encrypting private key

SC04 11/9/04http://myproxy.ncsa.uiuc.edu/11 MyProxy Server Administration l Install server certificate l Configure /etc/myproxy-server.config policy u Template provided with examples l Optionally: u Configure password quality enforcement u Install cron script to delete expired credentials l Install boot script and start server u Example boot script provided l Use myproxy-admin commands to manage server u Reset passwords, query repository, lock credentials

SC04 11/9/04http://myproxy.ncsa.uiuc.edu/12 MyProxy CoG Clients l Commodity Grid (CoG) Kits u Provide portable (Java and Python) MyProxy client tools & APIs u Support Windows l For more information: u

SC04 11/9/04http://myproxy.ncsa.uiuc.edu/13 MyProxy Community Support l mailing list l Bug tracking: l Anonymous CVS access l Contributions welcome! u Feature requests, bug reports, patches, etc.

SC04 11/9/04http://myproxy.ncsa.uiuc.edu/14 Thank you! Contact: Questions/Comments?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.