A credential store for multi-tenant science gateways

Thejaka Amila Kanewala, Suresh Marru, Jim Basney, Marlon Pierce

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Science Gateways bridge multiple computational grids and clouds, acting as overlay cyber infrastructure. Gateways have three logical tiers: a user interfacing tier, a resource tier and a bridging middleware tier. Different groups may operate these tiers. This introduces three security challenges. First, the gateway middleware must manage multiple types of credentials associated with different resource providers. Second, the separation of the user interface and middleware layers means that security credentials must be securely delegated from the user interface to the middleware. Third, the same middleware may serve multiple gateways, so the middleware must correctly isolate user credentials associated with different gateways. We examine each of these three scenarios, concentrating on the requirements and implementation of the middleware layer. We propose and investigate the use of a Credential Store to solve the three security challenges.

Original languageEnglish (US)
Title of host publicationProceedings - 14th IEEE/ACM International Symposium on Cluster, Cloud, and Grid Computing, CCGrid 2014
PublisherIEEE Computer Society
Pages445-454
Number of pages10
ISBN (Print)9781479927838
DOIs
StatePublished - 2014
Event14th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, CCGrid 2014 - Chicago, IL, United States
Duration: May 26 2014May 29 2014

Publication series

NameProceedings - 14th IEEE/ACM International Symposium on Cluster, Cloud, and Grid Computing, CCGrid 2014

Other

Other14th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, CCGrid 2014
Country/TerritoryUnited States
CityChicago, IL
Period5/26/145/29/14

Keywords

  • Apache Airavata
  • Credential Store
  • OA4MP
  • Science Gateways
  • Security

ASJC Scopus subject areas

  • Software

Fingerprint

Dive into the research topics of 'A credential store for multi-tenant science gateways'. Together they form a unique fingerprint.

Cite this