A Credential Store for Multi-tenant Science Gateways
Title | A Credential Store for Multi-tenant Science Gateways |
Publication Type | Conference Paper |
Year of Publication | 2014 |
Authors | Kanewala, T.A., Marru, S., Basney, J., Pierce, M. |
Conference Name | Cluster, Cloud and Grid Computing (CCGrid), 2014 14th IEEE/ACM International Symposium on |
Date Published | May |
Keywords | Apache Airavata, authentication, cloud computing, clouds, Communities, computational grids, credential store, gateway middleware, grid computing, Logic gates, middleware, middleware tier, multitenant science gateways, OA4MP, overlay cyber infrastructure, Portals, resource tier, Science Gateways, security, Servers, user interfaces, user interfacing tier |
Abstract | Science Gateways bridge multiple computational grids and clouds, acting as overlay cyber infrastructure. Gateways have three logical tiers: a user interfacing tier, a resource tier and a bridging middleware tier. Different groups may operate these tiers. This introduces three security challenges. First, the gateway middleware must manage multiple types of credentials associated with different resource providers. Second, the separation of the user interface and middleware layers means that security credentials must be securely delegated from the user interface to the middleware. Third, the same middleware may serve multiple gateways, so the middleware must correctly isolate user credentials associated with different gateways. We examine each of these three scenarios, concentrating on the requirements and implementation of the middleware layer. We propose and investigate the use of a Credential Store to solve the three security challenges. |
DOI | 10.1109/CCGrid.2014.95 |
Citation Key | 6846480 |
- middleware tier
- user interfacing tier
- user interfaces
- Servers
- security
- Science Gateways
- resource tier
- Portals
- overlay cyber infrastructure
- OA4MP
- multitenant science gateways
- Apache Airavata
- middleware
- Logic gates
- grid computing
- gateway middleware
- credential store
- computational grids
- Communities
- clouds
- Cloud Computing
- authentication