Distributed web security for science gateways

Jim Basney, Rion Dooley, Jeff Gaynor, Suresh Marru, Marlon Pierce

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Science gateways broaden and simplify access to cyberinfrastructure (CI) by providing advanced interfaces to collaboration, analysis, data management, and other tools for students and researchers. As these science gateway interfaces to cyberinfrastructure grow in popularity, web portal developers adopt ad hoc approaches to the security challenges of authentication, authorization, and delegation. Science gateways integrate cyberinfrastructure resources on the researcher's behalf, i.e., accessing data, compute cycles, instruments, and other valuable resources. Resource access often requires use of the researcher's security credentials, in some cases exposing the researcher's long-lived password to potential compromise at the science gateway. There is no standard approach for a researcher to control and limit a science gateway's access to his or her resources. Thus, researchers are required to accept unnecessary risks when using science gateways. The "Distributed Web Security for Science Gateways" project is addressing these risks by providing authorization and delegation software for science gateways that complies with the Internet Engineering Task Force's standard OAuth protocol. The project is developing an OAuth server implementation and a set of client libraries and authentication modules to enable out of the box integration with common Web platforms, in coordination with gateways and cyberinfrastructure providers. In this paper, we introduce the project, including our planned software architecture.

Original languageEnglish (US)
Title of host publicationGCE'11 - Proceedings of the 2011 ACM Workshop on Gateway Computing Environments, Co-located with SC'11
Pages13-20
Number of pages8
DOIs
StatePublished - Dec 1 2011
Event2011 ACM Workshop on Gateway Computing Environments, GCE'11, Co-located with SC'11 - Seattle, WA, United States
Duration: Nov 18 2011Nov 18 2011

Publication series

NameGCE'11 - Proceedings of the 2011 ACM Workshop on Gateway Computing Environments, Co-located with SC'11

Other

Other2011 ACM Workshop on Gateway Computing Environments, GCE'11, Co-located with SC'11
CountryUnited States
CitySeattle, WA
Period11/18/1111/18/11

Keywords

  • OAuth
  • Science gateways

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Software

Fingerprint Dive into the research topics of 'Distributed web security for science gateways'. Together they form a unique fingerprint.

Cite this