Unlocking data: Federated identity with LSDMA and dCache
Millar, A. P.; Behrmann, G.; Bernardt, C.; Fuhrmann, P.; Hardt, M.
1; Hayrapetyan, A. 1; Litvintsev, D.; Mkrtchyan, T.; Rossi, A.; Schwank, K.
1 Karlsruher Institut für Technologie (KIT)
1; Hayrapetyan, A. 1; Litvintsev, D.; Mkrtchyan, T.; Rossi, A.; Schwank, K.1 Karlsruher Institut für Technologie (KIT)
Abstract (englisch):
X.509, the dominant identity system from grid computing, has proved unpopular for many user communities. More popular alternatives generally assume the user is interacting via their web-browser. Such alternatives allow a user to authenticate with many services with the same credentials (user-name and password). They also allow users from different organisations form collaborations quickly and simply.
Scientists generally require that their custom analysis software has direct access to the data. Such direct access is not currently supported by alternatives to X.509, as they require the use of a web-browser.
Various approaches to solve this issue are being investigated as part of the Large Scale Data Management and Analysis (LSDMA) project, a German funded national R&D project. These involve dynamic credential translation (creating an X.509 credential) to allow backwards compatibility in addition to direct SAML- and OpenID Connect-based authentication.
We present a summary of the current state of art and the current status of the federated identity work funded by the LSDMA project along with the future road map.
Scientists generally require that their custom analysis software has direct access to the data. Such direct access is not currently supported by alternatives to X.509, as they require the use of a web-browser.
Various approaches to solve this issue are being investigated as part of the Large Scale Data Management and Analysis (LSDMA) project, a German funded national R&D project. These involve dynamic credential translation (creating an X.509 credential) to allow backwards compatibility in addition to direct SAML- and OpenID Connect-based authentication.
We present a summary of the current state of art and the current status of the federated identity work funded by the LSDMA project along with the future road map.
| Zugehörige Institution(en) am KIT | Scientific Computing Center (SCC) Universität Karlsruhe (TH) – Zentrale Einrichtungen (Zentrale Einrichtungen) |
| Publikationstyp | Zeitschriftenaufsatz |
| Publikationsjahr | 2015 |
| Sprache | Englisch |
| Identifikator | ISSN: 1742-6588, 1742-6596 urn:nbn:de:swb:90-557966 KITopen-ID: 1000055796 |
| HGF-Programm | 46.12.02 (POF III, LK 01) Data Activities |
| Erschienen in | Journal of physics / Conference Series |
| Verlag | Institute of Physics Publishing Ltd (IOP Publishing Ltd) |
| Band | 664 |
| Heft | 4 |
| Seiten | 042037/1-4 |
| Bemerkung zur Veröffentlichung | 21st International Conference on Computing in High Energy and Nuclear Physics (CHEP 2015), Okinawa, J, April 13-17,2015 |
| Nachgewiesen in | OpenAlex Scopus Dimensions |
| Globale Ziele für nachhaltige Entwicklung |