Tutorial on Science Gateways, Roma, 03.06.2013 Riccardo Rotondo Introduction on Science Gateway Understanding access and functionalities.

Slides:



Advertisements
Similar presentations
Lousy Introduction into SWITCHaai
Advertisements

Grid Initiatives for e-Science virtual communities in Europe and Latin America The VRC-driven GISELA Science Gateway Diego Scardaci.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
Federated access to e-Infrastructures worldwide
Introduction on Science Gateway Understanding access and functionalities Catania, 09/06/2014Riccardo Rotondo
CGW 2009 Vine Toolkit A uniform access and portal solution to existing grid middleware services P.Dziubecki, T.Kuczynski, K.Kurowski, D.Szejnfeld, D.Tarnawczyk,
Access Control Patterns & Practices with WSO2 Middleware Prabath Siriwardena.
2006 © SWITCH Authentication and Authorization Infrastructures in e-Science (and the role of NRENs) Christoph Witzig SWITCH e-IRG, Helsinki, Oct 4, 2006.
Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.
Beispielbild Shibboleth, a potential security framework for EDIT Lutz Suhrbier AG Netzbasierte Informationssysteme (
Shibboleth & IMPETUS 1.What are they? 2.Demo. Shibboleth - A system to support the sharing of Web resources among organisations IMPETUS - Infrastructure.
WebFTS as a first WLCG/HEP FIM pilot
Catania Science Gateway Framework Motivations, architecture, features Catania, 09/06/2014Riccardo Rotondo
SOA & BPM Business Architecture, SOA & BPM Learn about SOA and Business Process Management (BPM) Learn how to build process diagrams.
Co-ordination & Harmonisation of Advanced e-Infrastructures for Research and Education Data Sharing Research Infrastructures – Proposal n A Standard-based.
Seamless Medical Image Processing on the Grid on the Example of Segmentation and Partition of the Airspaces Andrzej Rutkowski 1, Michał Chlebiej 1, Marcelina.
The EPIKH Project (Exchange Programme to advance e-Infrastructure Know-How) Grid Engine Riccardo Rotondo
1.The portal sends, under the user approval, user’s attribute retrieved from IDP to CA bridge 2.CA bridge module requests to a CA-online a certificate.
Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.
GILDA testbed GILDA Certification Authority GILDA Certification Authority User Support and Training Services in IGI IGI Site Administrators IGI Users IGI.
GridShib: Grid/Shibboleth Interoperability September 14, 2006 Washington, DC Tom Barton, Tim Freeman, Kate Keahey, Raj Kettimuthu, Tom Scavo, Frank Siebenlist,
Neil Witheridge APAN29 Sydney February 2010 ARCS Authorisation Services Neil Witheridge Manager, ARCS Authorisation Services APAN29, Sydney, February 2010.
STAR net, Resources and VOs C. Vuerli, A. Costa, U. Becciani, P. Massimino, G. Castelli.
ShibGrid: Shibboleth access to the UK National Grid Service University of Oxford and STFC.
Shibboleth Akylbek Zhumabayev September Agenda Introduction Related Standards: SAML, WS-Trust, WS-Federation Overview: Shibboleth, GSI, GridShib.
MAT U M A T U Middleware Assisted Take-Up Service For JISC Funded Early Adopters.
GRID Overview Internet2 Member Meeting Spring 2003 Sandra Redman Information Technology and Systems Center and Information Technology Research Center National.
Community Sign-On and BEN. Table of Contents  What is community sign-on?  Benefits  How it works (Shibboleth)  Shibboleth components  CSO workflow.
Authentication and Authorisation for Research and Collaboration Peter Solagna Milano, AARC General meeting Report and plans Attribute.
Authentication and Authorisation for Research and Collaboration Peter Solagna Milano, AARC General meeting Current status and plans.
Widening the number of e-Infrastructure users with Science Gateways and Identity Federations Giuseppe Andronico INFN -
EMI is partially funded by the European Commission under Grant Agreement RI Federated Grid Access Using EMI STS Henri Mikkonen Helsinki Institute.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Evolution of AAI for e- infrastructures Peter Solagna Senior Operations Manager.
DECIDE DECIDE ( Diagnostic Enhancement of Confidence by an International Distributed Environment ) Valeria Ardizzone Consorzio COMETA & INFN Catania (DECIDE.
How to integrate EGI portals with Identity Federations Roberto Barbera Univ. of Catania and INFN EGI Technical Forum – Prague,
Science gateway e risultati dei progetti Europei di e-Infrastructure Roberto Barbera Univ. di Catania & INFN Riunione CCR.
European Grid Initiative AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
Tutorial on Science Gateways, Roma, Catania Science Gateway Framework Motivations, architecture, features Riccardo Rotondo.
Introduction to Distributed Computing Infrastructures and the Catania Science Gateway Framework Roberto Barbera Univ. of Catania.
Grid Initiatives for e-Science virtual communities in Europe and Latin America Riccardo Rotondo
Utilizzo di portali per interfacciamento tra Grid e Cloud Workshop della Commissione Calcolo e Reti dell’INFN, May Laboratori Nazionali del.
Co-ordination & Harmonisation of Advanced e-Infrastructures Research Infrastructures – Grant Agreement n The CHAIN project and its worldwide interoperability.
Co-ordination & Harmonisation of Advanced e-Infrastructures for Research and Education Data Sharing Co-funded.
The Catania Grid Engine Mr. Riccardo Rotondo Consortium GARR, Rome, Italy
REST API to develop application for mobile devices Mario Torrisi Dipartimento di Fisica e Astronomia – Università degli Studi.
The Catania Grid Engine and some implementations of the framework Diego Scardaci INFN The Catania Science Gateway Framework.
Co-ordination & Harmonisation of Advanced e-INfrastructures CHAIN Worldwide Interoperability Test Roberto Barbera – Univ. of Catania and INFN Diego Scardaci.
Co-ordination & Harmonisation of Advanced e-INfrastructures Technical program: advancement & issues Roberto Barbera University.
Overview on the work performed during EPIKH Training Faiza MEDJEK /INFN, CATANIA 1.
DECIDE DECIDE ( Diagnostic Enhancement of Confidence by an International Distributed Environment ) Valeria Ardizzone Consorzio COMETA (DECIDE Technical.
Community Sign-On and BEN. Table of Contents  What is community sign-on?  Benefits  How it works (Shibboleth)  Shibboleth components  CSO workflow.
A. Costa, P. Massimino, C. Vuerli, U. Becciani INAF CTA Gateway Prototype Based on gUSE/WS-PGRADE and Single-Sign-On (SSO)
Authentication and Authorisation for Research and Collaboration Taipei - Taiwan Mechanisms of Interfederation 13th March 2016 Alessandra.
The Catania Science Gateway framework Mr. Riccardo Rotondo Consortium GARR, Rome, Italy
Some considerations and ideas for the (next) future Roberto Barbera University of Catania and INFN IWSG’10.
A Data Engine for Grid Science Gateways Enabling Easy Transfers and Data Sharing Dr. Marco Fargetta (1), Mr. Riccardo Rotondo (2,*), Prof. Roberto Barbera.
Co-ordination & Harmonisation of Advanced e-Infrastructures for Research and Education Data Sharing Grant.
Virtual Organisations and the NGS Mike Jones Research Computing Services e-Science & “The Grid” for Bio/Health Informaticians, IT January 2008.
Extending Authentication to Members of Social Networks
Identity Federations - Overview
Grid accounting system
Riccardo Rotondo INFN Catania – Italy
ELIXIR Safeguarding the results of life science research in Europe
ESA Single Sign On (SSO) and Federated Identity Management
Elisa Ingrà – Consortium GARR
Community AAI with Check-In
Grid Engine Riccardo Rotondo
Grid Engine Diego Scardaci (INFN – Catania)
AAI in EGI Status and Evolution
Check-in Identity and Access Management solution that makes it easy to secure access to services and resources.
Presentation transcript:

Tutorial on Science Gateways, Roma, Riccardo Rotondo Introduction on Science Gateway Understanding access and functionalities

Riccardo Rotondo Tutorial on Science Gateways, Roma, Outline  What is a Science Gateway ?  The Catania Science Gateway Framework  General Architecture  Authentication, Authorisation and Roles  Catania Grid Engine  Roles  Use Case:  The DECIDE Science Gateway  The GARR Science Gateway

Tutorial on Science Gateways, Roma, Riccardo Rotondo

Reference Model Riccardo Rotondo Tutorial on Science Gateways, Roma, Science Gateway Science Gateway Scientific Application E-Collaboration Social Application Standard Services Users of different Institutions members of GARR and/or international partners involved in European Projects of the Consortium GRID CLOUD Local Cluster

Reference Model Riccardo Rotondo Tutorial on Science Gateways, Roma, Science Gateway Science Gateway Scientific Application E-Collaboration Social Application Users of different Institutions members of GARR and/or international partners involved in European Projects of the Consortium Standard-based (SAGA) middleware-independent Grid Engine Standard-based (SAGA) middleware-independent Grid Engine

Requirements  Authentication and Autorisation  SAML, LDAP  Application middleware indipendent  jSAGA, SAGA  Standard Java Technology  JSR 168/286  Web Technology  Web CMS  Wiki, Blog, Messages Board, Vconf, Adobe Connect  Portal Framework  Standard Adoption  Reusability  Simplicity  Easy usage and access Tutorial on Science Gateways, Roma, Riccardo Rotondo

Tutorial on Science Gateways, Roma, Riccardo Rotondo

Terena Identity Federations Riccardo Rotondo Tutorial on Science Gateways, Roma, map.html

Federated Identity Management (FIdM) Riccardo Rotondo Tutorial on Science Gateways, Roma,  In the web technology arena many approaches are available to federate authentication  A standard provided by OASIS defines the Security Assertion Markup Language (SAML)  Several tools are available, e.g.:  Shibboleth  SimpleSAMLphp  Organisations can rely on traditional tools to manage users:  LDAP, CAS, plain text, etc.  Free and Open Source

Enabling SGs to FIdM Riccardo Rotondo Tutorial on Science Gateways, Roma,  Access to e-Infrastructure services requires authentication.  The distributed/cross-domain nature of resources requires, in some case, strong security mechanisms  SGs willing to provide easy access to these services  Some institutions want to maintain the control of their own users’ authentication

So a federation is made of…  A collection of Identity Providers that follows a defined set of rules and policy.  Identity providers (IdPs) are responsible for authenticating a closed group of users (i.e. of the same organisation)  Each IdPs regulate access to a set of Service Providers (i.e. mail server of the mentioned organisation) Riccardo Rotondo Tutorial on Science Gateways, Roma,

Federated User Science Gateway Tutorial on Science Gateways, Roma, Riccardo Rotondo

Social User Science Gateway Tutorial on Science Gateways, Roma, Riccardo Rotondo

Authorisation request  The first time users access the Science Gateway their IdP authenticates them  LDAP server connected to the Service Provider (SP) cannot authorise the users  SP leads users automatically to the registration form  A part from them data, users can request for a specific role Riccardo Rotondo Tutorial on Science Gateways, Roma,

Riccardo Rotondo Tutorial on Science Gateways, Roma, Authorisation request

Authorisation Managment Riccardo Rotondo Tutorial on Science Gateways, Roma,

Registration  Users not belonging to any of the enabled federation can register to the catch all Identity Provider of the GrIDP federation Riccardo Rotondo Tutorial on Science Gateways, Roma,

Riccardo Rotondo

Integrated Services Riccardo Rotondo Tutorial on Science Gateways, Roma, GRID CLOUD JSR 168/286 Catania Science Gateway Framework Local Cluster

Catania Science Gateway Framework Riccardo Rotondo Tutorial on Science Gateways, Roma, Catania Science Gateway Framework Grid Engine Data On Grid Services Cloud Services JSAGA Adaptors

Usage Workflow Riccardo Rotondo 1. Sign in eTokenServer User Tracking DB 3. Proxy request 4. Proxy transfer 5. Grid Submission 5. Tracking 6. Getting Results Tutorial on Science Gateways, Roma, Grid Request

Access Riccardo Rotondo Tutorial on Science Gateways, Roma,

Applications accessing grid services Riccardo Rotondo  12 applications developed among 5 different countries and 3 continents (Europe, Latin America and Asia);  4 scientific domains:  Life Science;  Mathematic & Computer Science;  High Energy Physics;  Cultural Heritage. Tutorial on Science Gateways, Roma,

Job Submission Riccardo Rotondo Tutorial on Science Gateways, Roma,

Job Submission Riccardo Rotondo Tutorial on Science Gateways, Roma,

My Workspace – Active Job List Riccardo Rotondo Tutorial on Science Gateways, Roma,

My Workspace - Done Job List Riccardo Rotondo Tutorial on Science Gateways, Roma,

My Workspace – MyJobsMap Riccardo Rotondo Tutorial on Science Gateways, Roma,

My Data Riccardo Rotondo Tutorial on Science Gateways, Roma, Sharing features among users will soon be added

Roles & Privileges  Surfing a Science Gateway changes according different roles  Mapping between Liferay roles and LDAP group  Similar mapping available on grid (i.e. voms roles)  Liferay allows administrator to fully customize users experience assigning different roles to each components (pages, wikis, plugins, data) Riccardo Rotondo Tutorial on Science Gateways, Roma,

Facebook Integration Riccardo Rotondo Tutorial on Science Gateways, Roma,

References  GARR Science Gateway:  GARR Science Gateway Facebook Community Page: mmunity mmunity  Training Material:  Catania Science Gateways: science-gateways.ithttp:// science-gateways.it Riccardo Rotondo Tutorial on Science Gateways, Roma,

Questions ? Riccardo Rotondo Tutorial on Science Gateways, Roma,

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.