The MyProxy online credential repository: Research Articles
Software—Practice & Experience - Grid Security
Science gateway, portal and other community interfaces to high end resources
Proceedings of the 2006 ACM/IEEE conference on Supercomputing
A AAAA model to support science gateways with community accounts: Research Articles
Concurrency and Computation: Practice & Experience - Science Gateways—Common Community Interfaces to Grid Resources
Special Issue: Science Gateways—Common Community Interfaces to Grid Resources: Editorials
Concurrency and Computation: Practice & Experience - Science Gateways—Common Community Interfaces to Grid Resources
Building the PolarGrid portal using web 2.0 and OpenSocial
Proceedings of the 5th Grid Computing Environments Workshop
Using dynamic accounts to enable access to advanced resources through science gateways
Proceedings of the 5th Grid Computing Environments Workshop
Proceedings of the 9th Symposium on Identity and Trust on the Internet
TeraGrid Science Gateway AAAA Model: implementation and lessons learned
Proceedings of the 2010 TeraGrid Conference
Accelerating science gateway development with Web 2.0 and Swift
Proceedings of the 2010 TeraGrid Conference
The Quakesim portal and services: new approaches to science gateway development techniques
Concurrency and Computation: Practice & Experience - Proceedings of the 6th ACES Symposium, May 11–16, 2008, Cairns, Australia
Distributed web security for science gateways
Proceedings of the 2011 ACM workshop on Gateway computing environments
CILogon: a federated X.509 certification authority for cyberinfrastructure logon
Proceedings of the Conference on Extreme Science and Engineering Discovery Environment: Gateway to Discovery
Hi-index | 0.00 |
In this paper, we present a TeraGrid OAuth service, integrated with the TeraGrid User Portal and TeraGrid MyProxy service, that provides certificates to science gateways. The OAuth service eliminates the need for TeraGrid users to disclose their TeraGrid passwords to science gateways when accessing their individual TeraGrid accounts via gateway interfaces. Instead, TeraGrid users authenticate at the TeraGrid User Portal to approve issuance of a certificate by MyProxy to the science gateway they are using. We present the design and implementation of the TeraGrid OAuth service, describe the underlying network protocol, and discuss design decisions and security considerations we made while developing the service in consultation with TeraGrid working groups and staff.