TY - GEN
T1 - A credential store for multi-tenant science gateways
AU - Kanewala, Thejaka Amila
AU - Marru, Suresh
AU - Basney, Jim
AU - Pierce, Marlon
PY - 2014
Y1 - 2014
N2 - Science Gateways bridge multiple computational grids and clouds, acting as overlay cyber infrastructure. Gateways have three logical tiers: a user interfacing tier, a resource tier and a bridging middleware tier. Different groups may operate these tiers. This introduces three security challenges. First, the gateway middleware must manage multiple types of credentials associated with different resource providers. Second, the separation of the user interface and middleware layers means that security credentials must be securely delegated from the user interface to the middleware. Third, the same middleware may serve multiple gateways, so the middleware must correctly isolate user credentials associated with different gateways. We examine each of these three scenarios, concentrating on the requirements and implementation of the middleware layer. We propose and investigate the use of a Credential Store to solve the three security challenges.
AB - Science Gateways bridge multiple computational grids and clouds, acting as overlay cyber infrastructure. Gateways have three logical tiers: a user interfacing tier, a resource tier and a bridging middleware tier. Different groups may operate these tiers. This introduces three security challenges. First, the gateway middleware must manage multiple types of credentials associated with different resource providers. Second, the separation of the user interface and middleware layers means that security credentials must be securely delegated from the user interface to the middleware. Third, the same middleware may serve multiple gateways, so the middleware must correctly isolate user credentials associated with different gateways. We examine each of these three scenarios, concentrating on the requirements and implementation of the middleware layer. We propose and investigate the use of a Credential Store to solve the three security challenges.
KW - Apache Airavata
KW - Credential Store
KW - OA4MP
KW - Science Gateways
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=84904574703&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84904574703&partnerID=8YFLogxK
U2 - 10.1109/CCGrid.2014.95
DO - 10.1109/CCGrid.2014.95
M3 - Conference contribution
AN - SCOPUS:84904574703
SN - 9781479927838
T3 - Proceedings - 14th IEEE/ACM International Symposium on Cluster, Cloud, and Grid Computing, CCGrid 2014
SP - 445
EP - 454
BT - Proceedings - 14th IEEE/ACM International Symposium on Cluster, Cloud, and Grid Computing, CCGrid 2014
PB - IEEE Computer Society
T2 - 14th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, CCGrid 2014
Y2 - 26 May 2014 through 29 May 2014
ER -