Presentation is loading. Please wait.

Presentation is loading. Please wait.

The MyProxy Online Credential Repository Jim Basney NCSA

Published byEmmeline Jackson Modified over 9 years ago

Similar presentations

Presentation on theme: "The MyProxy Online Credential Repository Jim Basney NCSA"— Presentation transcript:

1 The MyProxy Online Credential Repository Jim Basney NCSA jbasney@ncsa.uiuc.edu

2 SC04 11/9/04http://myproxy.ncsa.uiuc.edu/2 What is MyProxy? l A new component in Globus Toolkit 4.0 u Independent Globus Toolkit add-on since 2000 l A repository for storing long-lived private keys u Keys encrypted with user-chosen password u Keys never leave MyProxy server l A service for retrieving proxy credentials u Supporting mobility, delegation, and renewal l A commonly-used service for grid portal security u Integrated with OGCE, GridSphere, and GridPort

3 SC04 11/9/04http://myproxy.ncsa.uiuc.edu/3 MyProxy System Architecture MyProxy server Credential repository Retrieve proxy Store proxy (over private TLS channel) MyProxy client

4 SC04 11/9/04http://myproxy.ncsa.uiuc.edu/4 Proxy Delegation ServerClient Generate new key pair Proxy certificate request Sign proxy certificate with private key CAUser Proxy A signs Proxy B signs Proxy User Cert

5 SC04 11/9/04http://myproxy.ncsa.uiuc.edu/5 MyProxy: Credential Mobility myproxy.teragrid.org tg-login.uc.teragrid.org tg-login.caltech.teragrid.org tg-login.sdsc.teragrid.org tg-login.ncsa.teragrid.orgca.ncsa.uiuc.edu Obtain certificate Store proxy Retrieve proxy

6 SC04 11/9/04http://myproxy.ncsa.uiuc.edu/6 MyProxy: Credential Renewal MyProxy server Condor-G Submit job Globus gatekeeper Submit job Fetch proxy Refresh proxy

7 SC04 11/9/04http://myproxy.ncsa.uiuc.edu/7 MyProxy and Grid Portals CHEF portal MyProxy server GridFTP server Login Fetch proxy Access data

8 SC04 11/9/04http://myproxy.ncsa.uiuc.edu/8 MyProxy: User Registration MyProxy server Registration portal Certificate authority Request account Obtain user certificate Load user’s credentials Retrieve proxy Grid portal Login with username/password Set username/password ESG

9 SC04 11/9/04http://myproxy.ncsa.uiuc.edu/9 MyProxy Installation (Unix) l As an add-on component to GT 3.x $ gpt-build myproxy*.tar.gz l Set $MYPROXY_SERVER environment variable to myproxy-server hostname $ export MYPROXY_SERVER=myproxy.ncsa.uiuc.edu l Set Globus Toolkit environment $. $GLOBUS_LOCATION/etc/globus-user-env.sh l Client installation/configuration complete!

10 SC04 11/9/04http://myproxy.ncsa.uiuc.edu/10 MyProxy Commands l myproxy-init: store proxy l myproxy-get-delegation: retrieve proxy l myproxy-info: query stored credentials l myproxy-destroy: remove credential l myproxy-change-pass-phrase: change password encrypting private key

11 SC04 11/9/04http://myproxy.ncsa.uiuc.edu/11 MyProxy Server Administration l Install server certificate l Configure /etc/myproxy-server.config policy u Template provided with examples l Optionally: u Configure password quality enforcement u Install cron script to delete expired credentials l Install boot script and start server u Example boot script provided l Use myproxy-admin commands to manage server u Reset passwords, query repository, lock credentials

12 SC04 11/9/04http://myproxy.ncsa.uiuc.edu/12 MyProxy CoG Clients l Commodity Grid (CoG) Kits u Provide portable (Java and Python) MyProxy client tools & APIs u Support Windows l For more information: u http://www.cogkit.org/

13 SC04 11/9/04http://myproxy.ncsa.uiuc.edu/13 MyProxy Community Support l myproxy-users@ncsa.uiuc.edu mailing list l Bug tracking: http://bugzilla.ncsa.uiuc.edu/ l Anonymous CVS access :pserver:anonymous@cvs.ncsa.uiuc.edu:/CVS/myproxy l Contributions welcome! u Feature requests, bug reports, patches, etc.

14 SC04 11/9/04http://myproxy.ncsa.uiuc.edu/14 Thank you! Contact: http://myproxy.ncsa.uiuc.edu/ jbasney@ncsa.uiuc.edu Questions/Comments?

Download ppt "The MyProxy Online Credential Repository Jim Basney NCSA"

Similar presentations

GridWorld 2006 Use of MyProxy for the FusionGrid Mary Thompson Monte Goode GridWorld 2006.

GridWorld 2006 Use of MyProxy for the FusionGrid Mary Thompson Monte Goode GridWorld 2006.
MyProxy Jim Basney Senior Research Scientist NCSA

MyProxy Jim Basney Senior Research Scientist NCSA
Policy Based Dynamic Negotiation for Grid Services Authorization Infolunch, L3S Research Center Hannover, 29 th Jun. 2005 Ionut Constandache Daniel Olmedilla.

Policy Based Dynamic Negotiation for Grid Services Authorization Infolunch, L3S Research Center Hannover, 29 th Jun Ionut Constandache Daniel Olmedilla.
Using the Collaborative Tools in NEESgrid Charles Severance University of Michigan.

Using the Collaborative Tools in NEESgrid Charles Severance University of Michigan.
MyProxy: A Multi-Purpose Grid Authentication Service

MyProxy: A Multi-Purpose Grid Authentication Service
Jim Basney GSI Credential Management with MyProxy GGF8 Production Grid Management RG Workshop June.

Jim Basney GSI Credential Management with MyProxy GGF8 Production Grid Management RG Workshop June.
Military Technical Academy Bucharest, 2006 GRID SECURITY INFRASTRUCTURE (GSI) - Globus Toolkit - ADINA RIPOSAN Department of Applied Informatics.

Military Technical Academy Bucharest, 2006 GRID SECURITY INFRASTRUCTURE (GSI) - Globus Toolkit - ADINA RIPOSAN Department of Applied Informatics.
Andrew McNab - EDG Access Control - 14 Jan 2003 EU DataGrid security with GSI and Globus Andrew McNab University of Manchester

Andrew McNab - EDG Access Control - 14 Jan 2003 EU DataGrid security with GSI and Globus Andrew McNab University of Manchester
Grid Security. Typical Grid Scenario Users Resources.

Grid Security. Typical Grid Scenario Users Resources.
National Center for Supercomputing Applications Integrating MyProxy with Site Authentication Jim Basney Senior Research Scientist National Center for Supercomputing.

National Center for Supercomputing Applications Integrating MyProxy with Site Authentication Jim Basney Senior Research Scientist National Center for Supercomputing.
National Center for Supercomputing Applications MyProxy and GSISSH Update Von Welch National Center for Supercomputing Applications University of Illinois.

National Center for Supercomputing Applications MyProxy and GSISSH Update Von Welch National Center for Supercomputing Applications University of Illinois.
National Center for Supercomputing Applications University of Illinois at Urbana-Champaign This material is based upon work supported by the National Science.

National Center for Supercomputing Applications University of Illinois at Urbana-Champaign This material is based upon work supported by the National Science.
1-2.1 Grid computing infrastructure software Brief introduction to Globus © 2010 B. Wilkinson/Clayton Ferner. Spring 2010 Grid computing course. Modification.

1-2.1 Grid computing infrastructure software Brief introduction to Globus © 2010 B. Wilkinson/Clayton Ferner. Spring 2010 Grid computing course. Modification.
Mechanisms to Secure x.509 Grid Certificates Andrew Hanushevsky Robert Cowles Stanford Linear Accelerator Center.

Mechanisms to Secure x.509 Grid Certificates Andrew Hanushevsky Robert Cowles Stanford Linear Accelerator Center.
GLite authentication and authorization Discipline: Grid Computing, 07/08-2 Practical classes Inês Dutra, DCC/FCUP.

GLite authentication and authorization Discipline: Grid Computing, 07/08-2 Practical classes Inês Dutra, DCC/FCUP.
Federated Access to US CyberInfrastructure Jim Basney CILogon This material is based upon work supported by the National Science Foundation.

Federated Access to US CyberInfrastructure Jim Basney CILogon This material is based upon work supported by the National Science Foundation.
Single Sign-On for Java Web Start Applications Using MyProxy Terry Fleury, Jim Basney, and Von Welch November 3, 2006.

Single Sign-On for Java Web Start Applications Using MyProxy Terry Fleury, Jim Basney, and Von Welch November 3, 2006.
Globus Computing Infrustructure Software Globus Toolkit 11-2.

Globus Computing Infrustructure Software Globus Toolkit 11-2.
MyProxy NMI Integration Jim Basney, NCSA Marty Humphrey, University of Virginia

MyProxy NMI Integration Jim Basney, NCSA Marty Humphrey, University of Virginia
TeraGrid ’06 National Center for Supercomputing Applications Managing Credentials on the TeraGrid with MyProxy Jim Basney.

TeraGrid ’06 National Center for Supercomputing Applications Managing Credentials on the TeraGrid with MyProxy Jim Basney.

Similar presentations

Ads by Google