| Title | Securing HPC using Federated Authentication |
| Publication Type | Conference Paper |
| Year of Publication | 2019 |
| Authors | Prout, Andrew, Arcand, William, Bestor, David, Bergeron, Bill, Byun, Chansup, Gadepally, Vijay, Houle, Michael, Hubbell, Matthew, Jones, Michael, Klein, Anna, Michaleas, Peter, Milechin, Lauren, Mullen, Julie, Rosa, Antonio, Samsi, Siddharth, Yee, Charles, Reuther, Albert, Kepner, Jeremy |
| Conference Name | 2019 IEEE High Performance Extreme Computing Conference (HPEC) |
| Keywords | authentication, authorisation, basic account maintenance, external federated identity management systems, federated authentication, federated identity management, High performance computing, HPC system security, human factors, In Common Federation, learning (artificial intelligence), message authentication, metadata, Metrics, Multi-factor authentication, multifactor authentication, multifactor authentication process, parallel processing, PKI, Portals, pubcrawl, public key infrastructure, Resiliency, security, the U.S. Government PKI, US Department of Defense |
| Abstract | Federated authentication can drastically reduce the overhead of basic account maintenance while simultaneously improving overall system security. Integrating with the user's more frequently used account at their primary organization both provides a better experience to the end user and makes account compromise or changes in affiliation more likely to be noticed and acted upon. Additionally, with many organizations transitioning to multi-factor authentication for all account access, the ability to leverage external federated identity management systems provides the benefit of their efforts without the additional overhead of separately implementing a distinct multi-factor authentication process. This paper describes our experiences and the lessons we learned by enabling federated authentication with the U.S. Government PKI and In Common Federation, scaling it up to the user base of a production HPC system, and the motivations behind those choices. We have received only positive feedback from our users. |
| DOI | 10.1109/HPEC.2019.8916255 |
| Citation Key | prout_securing_2019 |
Securing HPC using Federated Authentication