An OAuth service for issuing certificates to science gateways for TeraGrid users

Jim Basney, Jeff Gaynor

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In this paper, we present a TeraGrid OAuth service, integrated with the TeraGrid User Portal and TeraGrid MyProxy service, that provides certificates to science gateways. The OAuth service eliminates the need for TeraGrid users to disclose their TeraGrid passwords to science gateways when accessing their individual TeraGrid accounts via gateway interfaces. Instead, TeraGrid users authenticate at the TeraGrid User Portal to approve issuance of a certificate by MyProxy to the science gateway they are using. We present the design and implementation of the TeraGrid OAuth service, describe the underlying network protocol, and discuss design decisions and security considerations we made while developing the service in consultation with TeraGrid working groups and staff.

Original languageEnglish (US)
Title of host publicationProceedings of the TeraGrid 2011 Conference
Subtitle of host publicationExtreme Digital Discovery, TG'11
DOIs
StatePublished - 2011
EventTeraGrid 2011 Conference: Extreme Digital Discovery, TG'11 - Salt Lake City, UT, United States
Duration: Jul 18 2011Jul 21 2011

Publication series

NameProceedings of the TeraGrid 2011 Conference: Extreme Digital Discovery, TG'11

Other

OtherTeraGrid 2011 Conference: Extreme Digital Discovery, TG'11
Country/TerritoryUnited States
CitySalt Lake City, UT
Period7/18/117/21/11

Keywords

  • MyProxy
  • OAuth
  • PKI
  • TeraGrid
  • science gateways

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Hardware and Architecture

Fingerprint

Dive into the research topics of 'An OAuth service for issuing certificates to science gateways for TeraGrid users'. Together they form a unique fingerprint.

Cite this