Attributes, Anonymity, and Access: Shibboleth and Globus Integration to Facilitate Grid Collaboration
نویسندگان
چکیده
In this paper we describe our work in progress to integrate the Shibboleth SAMLbased framework and Globus Toolkit’s PKIbased security infrastructure. The result will provide identity federation and attributebased policy enforcement for Grids that leverages the Shibboleth system being deployed on campuses. We provide an overview of both Shibboleth and the Globus Toolkit, present our motivating use cases, and describe our planned integration work.
منابع مشابه
AnApproach for Shibboleth and Grid Integration
Grid environments involve complex scenarios where PKI-based authentication and authorization might have to be delegated across n-tier security domains. Shibboleth is an identity management system designed to exchange attributes across domains for the primary purpose of authorization and its architecture is highly dependent on PKI. Supported by a Registry Service, we propose a non-intrusive appr...
متن کاملGridShib and PERMIS Integration
This paper describes the results of our recent GridShibPERMIS project to provide policy driven role-based access control decision making to Grid jobs, in which the user’s attributes are provided by a Shibboleth Identity Provider (IdP). The goal of the project is to integrate the identity federation and attribute assignment functions of Shibboleth with the policy-based enforcement function offer...
متن کاملShibboleth and Community Authorization Services: Enabling Role-Based Grid Access
Classical authentication and authorization in grid environments can become a user management issue due to the flat nature of credentials based on X.509 certificates. While such credentials are able to identify user affiliations, such systems typically leave out a crucial aspect in user management and resource allocation: privilege levels. Shibboleth-based authentication mechanisms facilitate th...
متن کاملA concept for attribute-based authorization on D-Grid resources
In Germany’s D-Grid project numerous Grid communities are working together to providing a common overarching Grid infrastructure. The major aims of D-Grid are the integration of existing Grid deployments and their interoperability. The challenge in this endeavor lies in the heterogeneity of the current implementations: Three Grid middleware stacks and different Virtual Organization management a...
متن کاملUser Oriented Access to Secure Biomedical Resources through the Grid
The life science domain is typified by heterogeneous data sets that are evolving at an exponential rate. Numerous post-genomic databases and areas of postgenomic life science research have been established and are being actively explored. Whilst many of these databases are public and freely accessible, it is often the case that researchers have data that is not so freely available and access to...
متن کامل