Custos: Security Middleware for Science Gateways

Isuru Ranawaka, Suresh Marru, Juleen Graham, Aarushi Bisht, Jim Basney, Terry Fleury, Jeff Gaynor, Dimuthu Wannipurage, Marcus Christie, Alexandru Mahmoud, Enis Afgan, Marlon Pierce

Research output: Chapter in Book/Report/Conference proceedingConference contribution


Science gateways represent potential targets for cybersecurity threats to users, scientific research, and scientific resources. In this paper, we introduce Custos, a software framework that provides common security operations for science gateways, including user identity and access management, gateway tenant profile management, resource secrets management, and groups and sharing management. The goals of the Custos project are to provide these services to a wide range of science gateway frameworks, providing the community with an open source, transparent, and reviewed code base for common security operations; and to operate trustworthy security services for the science gateway community using this software base. To accomplish these goals, we implement Custos using a scalable microservice architecture that can provide highly available, fault tolerant operations. Custos exposes these services through a language-independent Application Programming Interface that encapsulates science gateway usage scenarios.

Original languageEnglish (US)
Title of host publicationPEARC 2020 - Practice and Experience in Advanced Research Computing 2020
Subtitle of host publicationCatch the Wave
PublisherAssociation for Computing Machinery
Number of pages7
ISBN (Electronic)9781450366892
StatePublished - Jul 26 2020
Event2020 Conference on Practice and Experience in Advanced Research Computing: Catch the Wave, PEARC 2020 - Virtual, Online, United States
Duration: Jul 27 2020Jul 31 2020

Publication series

NameACM International Conference Proceeding Series


Conference2020 Conference on Practice and Experience in Advanced Research Computing: Catch the Wave, PEARC 2020
Country/TerritoryUnited States
CityVirtual, Online


  • Science gateways
  • apache airavata
  • custos
  • cybersecurity
  • microservices
  • service mesh

ASJC Scopus subject areas

  • Software
  • Human-Computer Interaction
  • Computer Vision and Pattern Recognition
  • Computer Networks and Communications


Dive into the research topics of 'Custos: Security Middleware for Science Gateways'. Together they form a unique fingerprint.

Cite this