CILogon: A federated X.509 certification authority for cyberinfrastructure logon

Jim Basney; Terry Fleury; Jeff Gaynor

doi:10.1145/2484762.2484791

CILogon: A federated X.509 certification authority for cyberinfrastructure logon

Jim Basney, Terry Fleury, Jeff Gaynor

National Center for Supercomputing Applications (NCSA)

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

CILogon provides a federated X.509 certification authority for secure access to cyberinfrastructure such as the Extreme Science and Engineering Discovery Environment (XSEDE). CILogon relies on federated authentication (SAML and OpenID) for determining user identities when issuing certificates. Federated authentication enables users to obtain certificates using existing identities (university, Google, etc.). Federated authentication also enables CILogon to serve a national-scale user community without requiring a large network of registration authorities performing manual user identification. CILogon supports multiple levels of assurance and custom interfaces for specific user communities. In this article we introduce the CILogon service and describe experiences and lessons learned from the first three years of operation.

Original language	English (US)
Title of host publication	Proceedings of the XSEDE 2013 Conference
Subtitle of host publication	Gateway to Discovery
DOIs	https://doi.org/10.1145/2484762.2484791
State	Published - 2013
Event	Conference on Extreme Science and Engineering Discovery Environment, XSEDE 2013 - San Diego, CA, United States Duration: Jul 22 2013 → Jul 25 2013

Publication series

Name	ACM International Conference Proceeding Series

Other

Other	Conference on Extreme Science and Engineering Discovery Environment, XSEDE 2013
Country/Territory	United States
City	San Diego, CA
Period	7/22/13 → 7/25/13

Keywords

Grid computing
Identity federation
Incommon
OAuth
OpenID
PKI
SAML
Shibboleth
X.509
XSEDE

ASJC Scopus subject areas

Software
Human-Computer Interaction
Computer Vision and Pattern Recognition
Computer Networks and Communications

Online availability

10.1145/2484762.2484791

Library availability

Discover UIUC Full Text

Cite this

Basney, J, Fleury, T & Gaynor, J 2013, CILogon: A federated X.509 certification authority for cyberinfrastructure logon. in Proceedings of the XSEDE 2013 Conference: Gateway to Discovery., 53, ACM International Conference Proceeding Series, Conference on Extreme Science and Engineering Discovery Environment, XSEDE 2013, San Diego, CA, United States, 7/22/13. https://doi.org/10.1145/2484762.2484791

@inproceedings{e157b646bf084bd1af54d2ae8336cdcc,

title = "CILogon: A federated X.509 certification authority for cyberinfrastructure logon",

abstract = "CILogon provides a federated X.509 certification authority for secure access to cyberinfrastructure such as the Extreme Science and Engineering Discovery Environment (XSEDE). CILogon relies on federated authentication (SAML and OpenID) for determining user identities when issuing certificates. Federated authentication enables users to obtain certificates using existing identities (university, Google, etc.). Federated authentication also enables CILogon to serve a national-scale user community without requiring a large network of registration authorities performing manual user identification. CILogon supports multiple levels of assurance and custom interfaces for specific user communities. In this article we introduce the CILogon service and describe experiences and lessons learned from the first three years of operation.",

keywords = "Grid computing, Identity federation, Incommon, OAuth, OpenID, PKI, SAML, Shibboleth, X.509, XSEDE",

author = "Jim Basney and Terry Fleury and Jeff Gaynor",

note = "Copyright: Copyright 2013 Elsevier B.V., All rights reserved.; Conference on Extreme Science and Engineering Discovery Environment, XSEDE 2013 ; Conference date: 22-07-2013 Through 25-07-2013",

year = "2013",

doi = "10.1145/2484762.2484791",

language = "English (US)",

isbn = "9781450321709",

series = "ACM International Conference Proceeding Series",

booktitle = "Proceedings of the XSEDE 2013 Conference",

}

TY - GEN

T1 - CILogon

T2 - Conference on Extreme Science and Engineering Discovery Environment, XSEDE 2013

AU - Basney, Jim

AU - Fleury, Terry

AU - Gaynor, Jeff

PY - 2013

Y1 - 2013

N2 - CILogon provides a federated X.509 certification authority for secure access to cyberinfrastructure such as the Extreme Science and Engineering Discovery Environment (XSEDE). CILogon relies on federated authentication (SAML and OpenID) for determining user identities when issuing certificates. Federated authentication enables users to obtain certificates using existing identities (university, Google, etc.). Federated authentication also enables CILogon to serve a national-scale user community without requiring a large network of registration authorities performing manual user identification. CILogon supports multiple levels of assurance and custom interfaces for specific user communities. In this article we introduce the CILogon service and describe experiences and lessons learned from the first three years of operation.

AB - CILogon provides a federated X.509 certification authority for secure access to cyberinfrastructure such as the Extreme Science and Engineering Discovery Environment (XSEDE). CILogon relies on federated authentication (SAML and OpenID) for determining user identities when issuing certificates. Federated authentication enables users to obtain certificates using existing identities (university, Google, etc.). Federated authentication also enables CILogon to serve a national-scale user community without requiring a large network of registration authorities performing manual user identification. CILogon supports multiple levels of assurance and custom interfaces for specific user communities. In this article we introduce the CILogon service and describe experiences and lessons learned from the first three years of operation.

KW - Grid computing

KW - Identity federation

KW - Incommon

KW - OAuth

KW - OpenID

KW - PKI

KW - SAML

KW - Shibboleth

KW - X.509

KW - XSEDE

UR - http://www.scopus.com/inward/record.url?scp=84882411852&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84882411852&partnerID=8YFLogxK

U2 - 10.1145/2484762.2484791

DO - 10.1145/2484762.2484791

M3 - Conference contribution

AN - SCOPUS:84882411852

SN - 9781450321709

T3 - ACM International Conference Proceeding Series

BT - Proceedings of the XSEDE 2013 Conference

Y2 - 22 July 2013 through 25 July 2013

ER -

CILogon: A federated X.509 certification authority for cyberinfrastructure logon

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this