TY - GEN
T1 - Custos
T2 - 2020 Conference on Practice and Experience in Advanced Research Computing: Catch the Wave, PEARC 2020
AU - Ranawaka, Isuru
AU - Marru, Suresh
AU - Graham, Juleen
AU - Bisht, Aarushi
AU - Basney, Jim
AU - Fleury, Terry
AU - Gaynor, Jeff
AU - Wannipurage, Dimuthu
AU - Christie, Marcus
AU - Mahmoud, Alexandru
AU - Afgan, Enis
AU - Pierce, Marlon
N1 - Publisher Copyright:
© 2020 ACM.
PY - 2020/7/26
Y1 - 2020/7/26
N2 - Science gateways represent potential targets for cybersecurity threats to users, scientific research, and scientific resources. In this paper, we introduce Custos, a software framework that provides common security operations for science gateways, including user identity and access management, gateway tenant profile management, resource secrets management, and groups and sharing management. The goals of the Custos project are to provide these services to a wide range of science gateway frameworks, providing the community with an open source, transparent, and reviewed code base for common security operations; and to operate trustworthy security services for the science gateway community using this software base. To accomplish these goals, we implement Custos using a scalable microservice architecture that can provide highly available, fault tolerant operations. Custos exposes these services through a language-independent Application Programming Interface that encapsulates science gateway usage scenarios.
AB - Science gateways represent potential targets for cybersecurity threats to users, scientific research, and scientific resources. In this paper, we introduce Custos, a software framework that provides common security operations for science gateways, including user identity and access management, gateway tenant profile management, resource secrets management, and groups and sharing management. The goals of the Custos project are to provide these services to a wide range of science gateway frameworks, providing the community with an open source, transparent, and reviewed code base for common security operations; and to operate trustworthy security services for the science gateway community using this software base. To accomplish these goals, we implement Custos using a scalable microservice architecture that can provide highly available, fault tolerant operations. Custos exposes these services through a language-independent Application Programming Interface that encapsulates science gateway usage scenarios.
KW - Science gateways
KW - apache airavata
KW - custos
KW - cybersecurity
KW - microservices
KW - service mesh
UR - http://www.scopus.com/inward/record.url?scp=85089262613&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85089262613&partnerID=8YFLogxK
U2 - 10.1145/3311790.3396635
DO - 10.1145/3311790.3396635
M3 - Conference contribution
AN - SCOPUS:85089262613
T3 - ACM International Conference Proceeding Series
SP - 278
EP - 284
BT - PEARC 2020 - Practice and Experience in Advanced Research Computing 2020
PB - Association for Computing Machinery
Y2 - 27 July 2020 through 31 July 2020
ER -