GridCertLib: A Single Sign-on Solution for Grid Web Applications and Portals

被引：12

作者：

Murri, Riccardo ^{[2
]}

Kunszt, Peter Z. ^{[1
]}

Maffioletti, Sergio ^{[2
]}

Tschopp, Valery ^{[3
]}

机构：

[1] Swiss Fed Inst Technol, SystemsX, CH-8092 Zurich, Switzerland

[2] Univ Zurich, Grid Comp Competence Ctr, Inst Organ Chem, CH-8057 Zurich, Switzerland

[3] SWITCH, CH-8004 Zurich, Switzerland

来源：

JOURNAL OF GRID COMPUTING | 2011年 / 9卷 / 04期

关键词：

Certification Authority; Identity Provider; Security Assertion Markup Language; Proxy Certificate; Community Authorization Service;

D O I：

10.1007/s10723-011-9195-y

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

This paper describes the design and implementation of GridCertLib, a Java library leveraging a Shibboleth-based authentication infrastructure and the SLCS online certificate signing service, to provide short-lived X.509 certificates and Grid proxies. The main use case envisioned for GridCertLib, is to provide seamless and secure access to Grid X.509 certificates and proxies in web applications and portals: when a user logs in to the portal using SAML-based Shibboleth authentication, GridCertLib uses the SAML assertion to obtain a Grid X.509 certificate from the SLCS service and generate a VOMS proxy from it. We give an overview of the architecture of GridCertLib and briefly describe its programming model. Its application to some deployment scenarios is outlined, as well as a report on practical experience integrating GridCertLib into portals for Bioinformatics and Computational Chemistry applications, based on the popular P-GRADE and Django softwares.

引用

页码：441 / 453

页数：13

共 50 条

[1] GridCertLib: A Single Sign-on Solution for Grid Web Applications and Portals
Riccardo Murri
Peter Z. Kunszt
Sergio Maffioletti
Valery Tschopp
[J]. Journal of Grid Computing, 2011, 9 : 441 - 453
[2] Single Sign-On Assistant: An Authentication Broker for Web Applications
Zhu, Fei
Diao, Hongjun
[J]. THIRD INTERNATIONAL CONFERENCE ON KNOWLEDGE DISCOVERY AND DATA MINING: WKDD 2010, PROCEEDINGS, 2010, : 146 - 149
[3] Mobile Single Sign-On Solution for Enterprise Cloud Applications
Spoorthi, V
Sekaran, K. Chandra
[J]. 2014 FIRST INTERNATIONAL CONFERENCE ON NETWORKS & SOFT COMPUTING (ICNSC), 2014, : 273 - 277
[4] Grid single sign-on in CCLRC
Jensen, Jens
Spence, David
Viljoen, Matthew
[J]. PROCEEDINGS OF THE UK E-SCIENCE ALL HANDS MEETING 2006, 2006, : 273 - +
[5] SSOScan: Automated Testing of Web Applications for Single Sign-On Vulnerabilities
Zhou, Yuchen
Evans, David
[J]. PROCEEDINGS OF THE 23RD USENIX SECURITY SYMPOSIUM, 2014, : 495 - 510
[6] CHARACTERIZATION OF WEB SINGLE SIGN-ON PROTOCOLS
Beltran, Victoria
[J]. IEEE COMMUNICATIONS MAGAZINE, 2016, 54 : 24 - 30
[7] Single sign-on to the web with an EMV card
Boyd, David J.
[J]. PROCEEDINGS OF THE 2008 INTERNATIONAL SYMPOSIUM ON COLLABORATIVE TECHNOLOGIES AND SYSTEMS: CTS 2008, 2008, : 112 - 120
[8] A single sign-on framework for web-services-based distributed applications
Hillenbrand, M
Götze, J
Müller, J
Müller, P
[J]. CONTEL 2005: PROCEEDINGS OF THE 8TH INTERNATIONAL CONFERENCE ON TELECOMMUNICATIONS, VOLS 1 AND 2, 2005, : 273 - 279
[9] A Single Sign-On Scheme for Cross Domain Web Applications Based on SOA
He, Enze
Wen, Qiaoyan
[J]. INTERNET OF THINGS-BK, 2012, 312 : 581 - 589
[10] Choosing a Single Sign-On Solution at STScI
Alexov, Anastasia
Deighton, Dan
Doggett, Jesse
McCuen, Leigh
Russell, Ron
Yermolaev, Alex
[J]. ASTRONOMICAL DATA ANALYSIS SOFTWARE AND SYSTEMS XXIII, 2014, 485 : 289 - 292

← 1 2 3 4 5 →