Custos Secrets: a Service for Managing User-Provided Resource Credential Secrets for Science Gateways

Isuru Ranawaka, Nuwan Goonasekara, Enis Afgan, Jim Basney, Suresh Marru, Marlon Pierce

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Custos is open source software that provides user, group, and resource credential management services for science gateways. This paper describes the resource credential, or secrets, management service in Custos that allows science gateways to safely manage security tokens, SSH keys, and passwords on behalf of users. Science gateways such as Galaxy are well-established mechanisms for researchers to access cyberinfrastructure and, increasingly, couple it with other online services, such as user-provided storage or compute resources. To support this use case, science gateways need to operate on behalf of the users to connect, acquire, and release these resources, which are protected by a variety of authentication and access mechanisms. Storing and managing the credentials associated with these access mechanisms must be done using "best of breed" software and established security protocols. The Custos Secrets Service allows science gateways to store and retrieve these credentials using secure protocols and APIs while the data is protected at rest. Here, we provide implementation details for the service, describe the available APIs and SDKs, and discuss integration with Galaxy as a use case.

Original language: English (US)
Title of host publication: PEARC 2022 Conference Series - Practice and Experience in Advanced Research Computing 2022 - Revolutionary
Subtitle of host publication: Computing, Connections, You
Publisher: Association for Computing Machinery
ISBN (Electronic): 9781450391610
State: Published - Jul 8 2022
Event: 2022 Conference on Practice and Experience in Advanced Research Computing: Revolutionary: Computing, Connections, You, PEARC 2022 - Boston, United States
Duration: Jul 10 2022 to Jul 14 2022

Publication series

Name: PEARC 2022 Conference Series - Practice and Experience in Advanced Research Computing 2022 - Revolutionary: Computing, Connections, You

Conference

Conference: 2022 Conference on Practice and Experience in Advanced Research Computing: Revolutionary: Computing, Connections, You, PEARC 2022
Country/Territory: United States
City: Boston
Period: 7/10/22 to 7/14/22

Keywords

  • Galaxy
  • custos
  • cyberinfrastructure
  • cybersecurity
  • open source software
  • science gateways
  • secrets management

ASJC Scopus subject areas

  • Computational Theory and Mathematics
  • Computer Networks and Communications
  • Computer Science Applications
  • Software
  • Theoretical Computer Science
