Principled design of the modern Web architecture
ACM Transactions on Internet Technology (TOIT)
HPDC '03 Proceedings of the 12th IEEE International Symposium on High Performance Distributed Computing
An Online Credential Repository for the Grid: MyProxy
HPDC '01 Proceedings of the 10th IEEE International Symposium on High Performance Distributed Computing
The MyProxy online credential repository: Research Articles
Software—Practice & Experience - Grid Security
A AAAA model to support science gateways with community accounts: Research Articles
Concurrency and Computation: Practice & Experience - Science Gateways—Common Community Interfaces to Grid Resources
A Credential Renewal Service for Long-Running Jobs
GRID '05 Proceedings of the 6th IEEE/ACM International Workshop on Grid Computing
The Problem Solving Environments of TeraGrid, Science Gateways, and the Intersection of the Two
ESCIENCE '08 Proceedings of the 2008 Fourth IEEE International Conference on eScience
Grids challenged by a Web 2.0 and multicore sandwich
Concurrency and Computation: Practice & Experience - The Best of CCGrid'2007: A Snapshot of an ‘Adolescent’ Area
TeraGrid's integrated information service
Proceedings of the 5th Grid Computing Environments Workshop
Proceedings of the 9th Symposium on Identity and Trust on the Internet
TeraGrid Science Gateway AAAA Model: implementation and lessons learned
Proceedings of the 2010 TeraGrid Conference
Open grid computing environments: advanced gateway support activities
Proceedings of the 2010 TeraGrid Conference
Accelerating science gateway development with Web 2.0 and Swift
Proceedings of the 2010 TeraGrid Conference
First principles vulnerability assessment
Proceedings of the 2010 ACM workshop on Cloud computing security workshop
An OAuth service for issuing certificates to science gateways for TeraGrid users
Proceedings of the 2011 TeraGrid Conference: Extreme Digital Discovery
Proceedings of the 2011 TeraGrid Conference: Extreme Digital Discovery
Globus toolkit version 4: software for service-oriented systems
NPC'05 Proceedings of the 2005 IFIP international conference on Network and Parallel Computing
Security for science gateways and campus bridging: XSEDE12 panel
Proceedings of the 1st Conference of the Extreme Science and Engineering Discovery Environment: Bridging from the eXtreme to the campus and beyond
CILogon: a federated X.509 certification authority for cyberinfrastructure logon
Proceedings of the Conference on Extreme Science and Engineering Discovery Environment: Gateway to Discovery
| Hi-index | 0.00 |
Science gateways broaden and simplify access to cyberinfrastructure (CI) by providing advanced interfaces to collaboration, analysis, data management, and other tools for students and researchers. As these science gateway interfaces to cyberinfrastructure grow in popularity, web portal developers adopt ad hoc approaches to the security challenges of authentication, authorization, and delegation. Science gateways integrate cyberinfrastructure resources on the researcher's behalf, i.e., accessing data, compute cycles, instruments, and other valuable resources. Resource access often requires use of the researcher's security credentials, in some cases exposing the researcher's long-lived password to potential compromise at the science gateway. There is no standard approach for a researcher to control and limit a science gateway's access to his or her resources. Thus, researchers are required to accept unnecessary risks when using science gateways. The "Distributed Web Security for Science Gateways" project is addressing these risks by providing authorization and delegation software for science gateways that complies with the Internet Engineering Task Force's standard OAuth protocol. The project is developing an OAuth server implementation and a set of client libraries and authentication modules to enable out of the box integration with common Web platforms, in coordination with gateways and cyberinfrastructure providers. In this paper, we introduce the project, including our planned software architecture.