dcache integration into HDF
|
|
- Brittney Jackson
- 5 years ago
- Views:
Transcription
1 dcache integration into HDF Storage service at DESY for Helmholtz Data Federation (HDF) Paul Millar Karlsruhe, This project has received funding from the European Union s Horizon 2020 research and innovation programme under grant agreement No and
2 What is dcache Used by scientists for photon science, astronomy, particle physics, genomic analysis, neutrino experiments, medical, Storage software that allows a site to... move beyond limitations of a single node. scale performance with number of nodes. choose which hardware to buy. Used to provide roughly 50% of the storage needed to find the Higgs particle Widely deployed storage software, used by institutes throughout the world, often with users throughout the world. A collaboration between DESY, Fermilab and NEIC A software development team, with experience in supporting scientific communities for over 15 years. Providing cutting-edge features: pluggable authentication, delegated authorisation, event-driven model / storage events,
3 dcache authn & authz Protocol layer Management layer Storage layer WebDAV door gplazma Frontend door FTP door Namespace pool NFS door Pool manager Page 3
4 dcache authn & authz Protocol layer Management layer Storage layer 1. Identify user gplazma 5. Data Transfer Transfer data WebDAV door 2. Authorisation 4. Load management pool Namespace 3. Resource management Pool manager Page 4
5 What is OpenID-Connect? DISCLAIMER: it's more complicated than shown here Server has a resource that (normally) only owner can access PR OIDC Provider knows who is the user PR Details about the User Owner Client wants access to a protected resource. User Client wants to know who is the user OAuth2 OpenID-Connect Page 5
6 Why use OpenID-Connect? OIDC Provider knows who is the user PR User Client wants to know who is the user Page 6
7 dcache authn & authz: working with OpenID-Connect OpenID-Connect Provider (OP) Sub uid Group gid Client / Web portal WebDAV door gplazma Access Refresh uid, gid dcache Page 7
8 Third-party copy: single file (simplified) DATA Storage #1 Storage #2 Page 8
9 Third-party copy: in practice DATA Storage #1 Storage #2 Transfer service Page 9
10 dcache authn & authz: third-party copy w/ OIDC delegation OpenID-Connect Provider (OP) C OpenID-Connect Delegation T T C C Sub uid Group gid Client / Web portal C WebDAV door gplazma Access Refresh T T uid, gid Pool dcache T WebDAV endpoint Other storage Page 10
11 dcache authn & authz: third-party copy with macaroons OpenID-Connect Provider (OP) C Sub uid Group gid C Client / Web portal Access Refresh C M WebDAV door M uid, gid gplazma pool dcache M M WebDAV endpoint Other storage Page 11
12 dcache integration points What bits are missing How these are being added
13 dcache integration points OpenID-Connect Provider (OP) Site policy: Outside inside identity Accept new users automatically? Given users a home directory? Sub uid Group gid Client / Web portal WebDAV door gplazma Access Refresh uid, gid dcache Page 13
14 The big picture Unity Feudal dcacheview WebDAV door C gplazma Sub uid Group gid Web-FTS / FTS Command-line tools uid, gid dcache Page 14
15 Current status
16 Current status dcache code Support for OIDC in webdav & frontend Support for OIDC sub and group mapping Third-party transfer support (macaroons and OIDC-delegation) OIDC support in dcacheview Deployment Support for Unity in test-bed: prometheus and dcache-xdc dcacheview / prometheus support enabled Initial investigation Feudal oidc-agent Page 16
17 Future work & time-line
18 Future work Development work Support dcacheview login longer than the access-token lifetime: either support refresh-token, or add session support. Work on command-line clients; work with KIT on oidc-agent Work with Jülich on improvements within Unity; e.g., improve client registration, providing more information, Deployment Finish enrollment policy at DESY continue work based on Feudal (collaborating with KIT) Update a production dcache instance at DESY to support HDF November 2018 Closed beta testing (selected people) Early 2019 Open beta testing: users should accept possible unannounced interruption to service. Page 18
19 Possible usage scenarios: leverage dcache advantages Data for computation work Move data to DESY to allow analysis work with low latency access to data. Sharing data within HDF Enable easy sharing data between institutes. Support multiple access protocols, with all of dcache features. Sharing data with people outside of HDF Allow others to upload data; e.g., volunteer-computing / BOINC, IoT, Allow non-hdf users access to data without making it public Make use of other advanced dcache features Multiple protocol support Event driven work-flows / catalogue synchronisation / Third-party transfer support Different Quality-of-Service Page 19
20 Thank you
21 Contact Deutsches Elektronen-Synchrotron Paul Millar IT
2. HDF AAI Meeting -- Demo Slides
2. HDF AAI Meeting -- Demo Slides Steinbuch Centre for Computing Marcus Hardt KIT University of the State of Baden-Wuerttemberg and National Research Center of the Helmholtz Association www.kit.edu Introduction
More informationdcache: challenges and opportunities when growing into new communities Paul Millar on behalf of the dcache team
dcache: challenges and opportunities when growing into new Paul Millar communities on behalf of the dcache team EMI is partially funded by the European Commission under Grant Agreement RI-261611 Orientation:
More informationdcache-view Olufemi S. Adeyemi On behalf of the project team INDIGO DataCloud
dcache-view Olufemi S. Adeyemi On behalf of the project team INDIGO DataCloud dcache-view Olufemi S. Adeyemi Umea 30 May 2017 dcache-view Olufemi S. Adeyemi Umea 30 May 2017 Useful flow chart Should I
More informationINDIGO AAI An overview and status update!
RIA-653549 INDIGO DataCloud INDIGO AAI An overview and status update! Andrea Ceccanti (INFN) on behalf of the INDIGO AAI Task Force! indigo-aai-tf@lists.indigo-datacloud.org INDIGO Datacloud An H2020 project
More informationDSIT WP1 WP2. Federated AAI and Federated Storage Report for the Autumn 2014 All Hands Meeting
DSIT WP1 WP2 Federated AAI and Federated Storage Report for the Autumn 2014 All Hands Meeting Content WP1 GSI: GSI Web Services accessible via IdP credentials GSI: Plan to integrate with UNITY (setting
More informationEUDAT - Open Data Services for Research
EUDAT - Open Data Services for Research Johannes Reetz EUDAT operations Max Planck Computing & Data Centre Science Operations Workshop 2015 ESO, Garching 24-27th November 2015 EUDAT receives funding from
More informationForgeRock Access Management Core Concepts AM-400 Course Description. Revision B
ForgeRock Access Management Core Concepts AM-400 Course Description Revision B ForgeRock Access Management Core Concepts AM-400 Description This structured course comprises a mix of instructor-led lessons
More informationCheck to enable generation of refresh tokens when refreshing access tokens
VERSION User: amadmin Server: sp.example.com LOG OUT OAuth2 Provider Save Reset Back to Services Realm Attributes Indicates required field Authorization Code Lifetime Refresh (seconds) If this field is
More informationThe EGI AAI CheckIn Service
The EGI AAI CheckIn Service Kostas Koumantaros- GRNET On behalf of EGI-Engage JRA1.1 www.egi.eu EGI-Engage is co-funded by the Horizon 2020 Framework Programme of the European Union under grant number
More informationASTRONOMY & PARTICLE PHYSICS CLUSTER
ASTRONOMY & PARTICLE PHYSICS CLUSTER Giovanni LAMANNA LAPP, Laboratoire d Annecy de Physique des Particules CNRS London, 30 January 2019 ESCAPE - The European Science Cluster of Astronomy & Particle Physics
More informationTutorial: Building the Services Ecosystem
Tutorial: Building the Services Ecosystem GlobusWorld 2018 Steve Tuecke tuecke@globus.org What is a services ecosystem? Anybody can build services with secure REST APIs App Globus Transfer Your Service
More informationChallenges in Storage
Challenges in Storage or : A random walk Presented by Patrick Fuhrmann with contributions from many experts. Contributions and thoughts provided by Oxana Smirnova, NeIC, Lund Markus Schulz, CERN IT Steven
More informationWP JRA1: Architectures for an integrated and interoperable AAI
Authentication and Authorisation for Research and Collaboration WP JRA1: Architectures for an integrated and interoperable AAI Christos Kanellopoulos Agenda Structure and administrative matters Objectives
More informationNow SAML takes it all:
Now SAML takes it all: Federation of non Web-based Services in the State of Baden-Württemberg Sebastian Labitzke Karlsruhe Institute of Technology (KIT) Steinbuch Centre for Computing (SCC) labitzke@kit.edu
More informationStorage Management in INDIGO
Storage Management in INDIGO Paul Millar paul.millar@desy.de with contributions from Marcus Hardt, Patrick Fuhrmann, Łukasz Dutka, Giacinto Donvito. INDIGO-DataCloud: cheat sheet A Horizon-2020 project
More informationSA1 CILogon pilot - motivation and setup
SA1 CILogon pilot - motivation and setup Tamas Balogh & Mischa Sallé tamasb@nikhef.nl msalle@nikhef.nl AARC General Meeting, Milan 4 November 2015 Tamas Balogh & Mischa Sallé (Nikhef) 1 / 11 Outline 1
More informationdcache Introduction Course
GRIDKA SCHOOL 2013 KARLSRUHER INSTITUT FÜR TECHNOLOGIE KARLSRUHE August 29, 2013 dcache Introduction Course Overview Chapters I, II and Ⅴ christoph.anton.mitterer@lmu.de I. Introduction To dcache Slide
More informationBest Practices: Authentication & Authorization Infrastructure. Massimo Benini HPCAC - April,
Best Practices: Authentication & Authorization Infrastructure Massimo Benini HPCAC - April, 03 2019 Agenda - Common Vocabulary - Keycloak Overview - OAUTH2 and OIDC - Microservices Auth/Authz techniques
More informationBEYOND AUTHENTICATION IDENTITY AND ACCESS MANAGEMENT FOR THE MODERN ENTERPRISE
BEYOND AUTHENTICATION IDENTITY AND ACCESS MANAGEMENT FOR THE MODERN ENTERPRISE OUR ORGANISATION AND SPECIALIST SKILLS Focused on delivery, integration and managed services around Identity and Access Management.
More informationAAI in EGI Current status
AAI in EGI Current status Peter Solagna EGI.eu Operations Manager www.egi.eu EGI-Engage is co-funded by the Horizon 2020 Framework Programme of the European Union under grant number 654142 User authentication
More informationEUDAT. Towards a pan-european Collaborative Data Infrastructure
EUDAT Towards a pan-european Collaborative Data Infrastructure Giuseppe Fiameni (g.fiameni@cineca.it) Claudio Cacciari SuperComputing, Application and Innovation CINECA Johannes Reatz RZG, Germany Damien
More informationD5.2 FOODstars website WP5 Dissemination and networking
D5.2 FOODstars website WP5 Dissemination and networking This project has received funding from the European Union s Horizon 2020 research and innovation programme under grant agreement No 692276. DISCLAIMER
More informationBeyond X.509: Token-based Authentication and Authorization with the INDIGO Identity and Access Management Service
Beyond X.509: Token-based Authentication and Authorization with the INDIGO Identity and Access Management Service Andrea Ceccanti andrea.ceccanti@cnaf.infn.it Workshop CCR Rimini, June 12th 2018 INDIGO
More informationEGI Check-in service. Secure and user-friendly federated authentication and authorisation
EGI Check-in service Secure and user-friendly federated authentication and authorisation EGI Check-in Secure and user-friendly federated authentication and authorisation Check-in provides a reliable and
More informationBootstrapping a (New?) LHC Data Transfer Ecosystem
Bootstrapping a (New?) LHC Data Transfer Ecosystem Brian Paul Bockelman, Andy Hanushevsky, Oliver Keeble, Mario Lassnig, Paul Millar, Derek Weitzel, Wei Yang Why am I here? The announcement in mid-2017
More informationdcache Ceph Integration
dcache Ceph Integration Paul Millar for dcache Team ADC TIM at CERN 2016 06 16 https://indico.cern.ch/event/438205/ Many slides stolen fromdonated by Tigran Mkrtchyan dcache as Storage System Provides
More informationDEPLOYMENT ROADMAP May 2015
DEPLOYMENT ROADMAP May 2015 Copyright and Disclaimer This document, as well as the software described in it, is furnished under license of the Instant Technologies Software Evaluation Agreement and may
More informationAllowing the user to define the attribute release 21 May 2014
Allowing the user to define the attribute release policy @TNC2014 21 May 2014 Program Introduction to User Managed Access (UMA) Demo A GN3+ JRA3T2 work item User Managed Access Kantara project.. address
More informationINDIGO-DataCloud Architectural Overview
INDIGO-DataCloud Architectural Overview RIA-653549 Giacinto Donvito (INFN) INDIGO-DataCloud Technical Director 1 st INDIGO-DataCloud Periodic Review Bologna, 7-8 November 2016 Outline General approach
More informationUsing Keycloak to Provide Authentication, Authorization, and Identity Management Services for Your Gateway
Using Keycloak to Provide Authentication, Authorization, and Identity Management Services for Your Gateway Marcus Christie Science Gateways Research Center Indiana University EDS Consultant Award Number
More informationUMA and Dynamic Client Registration. Thomas Hardjono on behalf of the UMA Work Group
UMA and Dynamic Client Registration Thomas Hardjono on behalf of the UMA Work Group 1 UMA is... A web protocol that lets you control authorization of data sharing and service access made on your behalf
More informationGuidelines on non-browser access
Published Date: 13-06-2017 Revision: 1.0 Work Package: Document Code: Document URL: JRA1 AARC-JRA1.4F https://aarc-project.eu/wp-content/uploads/2017/03/aarc-jra1.4f.pdf 1 Table of Contents 1 Introduction
More informationGDPR, PSD2, CIAM, and the Role of User-Managed Access 2.0
GDPR, PSD2, CIAM, and the Role of User-Managed Access 2.0 Eve Maler VP Innovation & Emerging Technology, ForgeRock @xmlgrrl eve.maler@forgerock.com Chair and founder, Kantara UMA Work Group @UMAWG tinyurl.com/umawg
More informationHTCondor with KRB/AFS Setup and first experiences on the DESY interactive batch farm
HTCondor with KRB/AFS Setup and first experiences on the DESY interactive batch farm Beyer Christoph & Finnern Thomas Madison (Wisconsin), May 2018 HTCondor week The Team and the Outline The Team Outline
More informationEXPERIENCE SIMPLER, STRONGER AUTHENTICATION
1 EXPERIENCE SIMPLER, STRONGER AUTHENTICATION 2 Data Breaches are out of control 3 IN 2014... 783 data breaches >1 billion records stolen since 2012 $3.5 million average cost per breach 4 We have a PASSWORD
More informationUser Management. Juan J. Doval DEIMOS SPACE S.L.U. NextGEOSS, September 25 th 2017
User Management Juan J. Doval DEIMOS SPACE S.L.U. NextGEOSS, September 25 th 2017 Agenda Introduction User Management Federation Objectives 1 Introduction NextGEOSS High-Level Architecture DataHub harvest
More informationSAML-Based SSO Solution
About SAML SSO Solution, page 1 Single Sign on Single Service Provider Agreement, page 2 SAML-Based SSO Features, page 2 Basic Elements of a SAML SSO Solution, page 3 Cisco Unified Communications Applications
More informationGrid Authentication and Authorisation Issues. Ákos Frohner at CERN
Grid Authentication and Authorisation Issues Ákos Frohner at CERN Overview Setting the scene: requirements Old style authorisation: DN based gridmap-files Overview of the EDG components VO user management:
More informationA scalable storage element and its usage in HEP
AstroGrid D Meeting at MPE 14 15. November 2006 Garching dcache A scalable storage element and its usage in HEP Martin Radicke Patrick Fuhrmann Introduction to dcache 2 Project overview joint venture between
More informationDeliverable Final Data Management Plan
EU H2020 Research and Innovation Project HOBBIT Holistic Benchmarking of Big Linked Data Project Number: 688227 Start Date of Project: 01/12/2015 Duration: 36 months Deliverable 8.5.3 Final Data Management
More informationdcache, activities Patrick Fuhrmann 14 April 2010 Wuppertal, DE 4. dcache Workshop dcache.org
dcache, activities Patrick Fuhrmann Content Do we still have enough money? Is dcache still en vogue? What are we working on and what will follow? WLCG Activities Do we have enough money? NO, but What/who
More informationdcache NFSv4.1 Tigran Mkrtchyan Zeuthen, dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 1
dcache NFSv4.1 Tigran Mkrtchyan Zeuthen, 13.04.12 dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 1 Outline NFSv41 basics NFSv4.1 concepts PNFS Id mapping Industry standard dcache implementation dcache NFSv4.1
More informationDeveloping Microsoft Azure Solutions (70-532) Syllabus
Developing Microsoft Azure Solutions (70-532) Syllabus Cloud Computing Introduction What is Cloud Computing Cloud Characteristics Cloud Computing Service Models Deployment Models in Cloud Computing Advantages
More informationUnderstanding StoRM: from introduction to internals
Understanding StoRM: from introduction to internals 13 November 2007 Outline Storage Resource Manager The StoRM service StoRM components and internals Deployment configuration Authorization and ACLs Conclusions.
More informationTechnical Overview. Version March 2018 Author: Vittorio Bertola
Technical Overview Version 1.2.3 26 March 2018 Author: Vittorio Bertola vittorio.bertola@open-xchange.com This document is copyrighted by its authors and is released under a CC-BY-ND-3.0 license, which
More informationPartner Center: Secure application model
Partner Center: Secure application model The information provided in this document is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including
More informationdcache Introduction Course
GRIDKA SCHOOL 2013 KARLSRUHER INSTITUT FÜR TECHNOLOGIE KARLSRUHE August 29, 2013 dcache Introduction Course Overview Chapters I, II and Ⅴ Christoph Anton Mitterer christoph.anton.mitterer@lmu.de ⅤIII.
More informationSonicWall Secure Mobile Access
SonicWall Secure Mobile Access 8.5.0.10 November 2017 These release notes provide information about the SonicWall Secure Mobile Access (SMA) 8.5.0.10 release. Topics: About Secure Mobile Access 8.5.0.10
More informationBIG-IP Access Policy Manager : Authentication and Single Sign-On. Version 13.1
BIG-IP Access Policy Manager : Authentication and Single Sign-On Version 13.1 Table of Contents Table of Contents Authentication Concepts... 15 About AAA server support... 15 About AAA high availability
More informationEUDAT. Towards a Collaborative Data Infrastructure. Ari Lukkarinen CSC-IT Center for Science, Finland NORDUnet 2012 Oslo, 18 August 2012
EUDAT Towards a Collaborative Data Infrastructure Ari Lukkarinen CSC-IT Center for Science, Finland NORDUnet 2012 Oslo, 18 August 2012 Big (Chaotic) Data DATA GENERATORS 1) Measurement technology. 2) Cheap
More informationDeveloping Microsoft Azure Solutions (70-532) Syllabus
Developing Microsoft Azure Solutions (70-532) Syllabus Cloud Computing Introduction What is Cloud Computing Cloud Characteristics Cloud Computing Service Models Deployment Models in Cloud Computing Advantages
More informationskype ID: store.belvg US phone number:
1 Table of Contents Table of Contents: 1. Introduction to Products Sorting... 3 2. How to Install... 4 3. How to Configure... 5 3.1. How to create sorting attributes... 5 3.2. How to manage sorting attributes...
More informationONE Mail Direct DORMANT ACCOUNT Policy & Procedure. One Mail Solution
ONE Mail Direct DORMANT ACCOUNT Policy & Procedure One Mail Solution Purpose/Objective The purpose of this ONE Mail Dormant Account Policy and Procedure ( Policy ) is to set out ehealth Ontario s (the
More informationAARC Blueprint Architecture
AARC Blueprint Architecture Published Date: 18-04-2017 Revision: 1.0 Work Package: Document Code: Document URL: JRA1 AARC-BPA-2017 https://aarc-project.eu/blueprint-architecture AARC Blueprint Architecture
More informationBECOMING A DATA-DRIVEN BROADCASTER AND DELIVERING A UNIFIED AND PERSONALISED BROADCAST USER EXPERIENCE
BECOMING A DATA-DRIVEN BROADCASTER AND DELIVERING A UNIFIED AND PERSONALISED BROADCAST USER EXPERIENCE M. Barroco EBU Technology & Innovation, Switzerland ABSTRACT Meeting audience expectations is becoming
More informationINDIGO-Datacloud Identity and Access Management Service
INDIGO-Datacloud Identity and Access Management Service RIA-653549 Presented by Andrea Ceccanti (INFN) andrea.ceccanti@cnaf.infn.it WLCG AuthZ WG Meeting Dec, 14th 2017 IAM overview INDIGO IAM The Identity
More informationDistributing storage of LHC data - in the nordic countries
Distributing storage of LHC data - in the nordic countries Gerd Behrmann INTEGRATE ASG Lund, May 11th, 2016 Agenda WLCG: A world wide computing grid for the LHC NDGF: The Nordic Tier 1 dcache: Distributed
More informationScientific Data Curation and the Grid
Scientific Data Curation and the Grid David Boyd CLRC e-science Centre http://www.e-science.clrc.ac.uk/ d.r.s.boyd@rl.ac.uk 19 October 2001 Digital Curation Seminar 1 Outline Some perspectives on scientific
More informationBlackBerry Enterprise Identity
Datasheet BlackBerry Enterprise Identity The Challenge: Cloud services are critical in today s enterprises, yet a reliance on the cloud comes with real and growing security risks. Enterprises want a simple,
More informationLessons Learned in the NorduGrid Federation
Lessons Learned in the NorduGrid Federation David Cameron University of Oslo With input from Gerd Behrmann, Oxana Smirnova and Mattias Wadenstein Creating Federated Data Stores For The LHC 14.9.12, Lyon,
More informationEUDAT- Towards a Global Collaborative Data Infrastructure
EUDAT- Towards a Global Collaborative Data Infrastructure FOT-Net Data Stakeholder Meeting Brussels, 8 March 2016 Yann Le Franc, PhD e-science Data Factory, France CEO and founder EUDAT receives funding
More informationSSRS-4 and the CREMLIN follow up project
SSRS-4 and the CREMLIN follow up project Towards elaborating a plan for the future collaboration Martin Sandhop SSRS-4 and the CREMLIN follow up project www.cremlin.eu CREMLIN WP5 Workshop: "Towards a
More information[GSoC Proposal] Securing Airavata API
[GSoC Proposal] Securing Airavata API TITLE: Securing AIRAVATA API ABSTRACT: The goal of this project is to design and implement the solution for securing AIRAVATA API. Particularly, this includes authenticating
More informationA RESTful Approach to Identity-based Web Services
A RESTful Approach to Identity-based Web Services Marc J. Hadley Hubert A. Le Van Gong Sun Microsystems, Inc. 1 Outline > Identity-based web services intro > RESTful ID-WSF > OAuth Extensions > Permissioned
More informationDeveloping Microsoft Azure Solutions (70-532) Syllabus
Developing Microsoft Azure Solutions (70-532) Syllabus Cloud Computing Introduction What is Cloud Computing Cloud Characteristics Cloud Computing Service Models Deployment Models in Cloud Computing Advantages
More informationPrometheus: LDAP Based Account Provisioning
Prometheus: LDAP Based Account Provisioning Simon Wilkinson School of Informatics, University of Edinburgh The University of Edinburgh is a charitable body, registered in Scotland, with
More informationDesign patterns for data-driven research acceleration
Design patterns for data-driven research acceleration Rachana Ananthakrishnan, Kyle Chard, and Ian Foster The University of Chicago and Argonne National Laboratory Contact: rachana@globus.org Introduction
More informationCIAM: Need for Identity Governance & Assurance. Yash Prakash VP of Products
CIAM: Need for Identity Governance & Assurance Yash Prakash VP of Products Key Tenets of CIAM Solution Empower consumers, CSRs & administrators Scale to millions of entities, cloud based service Security
More informationIEPSAS-Kosice: experiences in running LCG site
IEPSAS-Kosice: experiences in running LCG site Marian Babik 1, Dusan Bruncko 2, Tomas Daranyi 1, Ladislav Hluchy 1 and Pavol Strizenec 2 1 Department of Parallel and Distributed Computing, Institute of
More informationAuthentication with OAuth 2.0
Authentication with OAuth 2.0 The OAuth 2.0 specification defines a delegation protocol that is useful for conveying authorization decisions across a network of web-enabled applications and APIs. OAuth
More informationSparta Systems TrackWise Digital Solution
Systems TrackWise Digital Solution 21 CFR Part 11 and Annex 11 Assessment February 2018 Systems TrackWise Digital Solution Introduction The purpose of this document is to outline the roles and responsibilities
More informationAUTHENTICATION AND AUTHORIZATION: TWO SECURITY ESSENTIALS THAT WORK TOGETHER
E-Guide AUTHENTICATION AND AUTHORIZATION: TWO SECURITY ESSENTIALS THAT WORK TOGETHER SearchSecurity E ffective IT security today demands that users be both authenticated and authorized. But even those
More informationAPI Gateway. Version 7.5.1
O A U T H U S E R G U I D E API Gateway Version 7.5.1 15 September 2017 Copyright 2017 Axway All rights reserved. This documentation describes the following Axway software: Axway API Gateway 7.5.1 No part
More informationForgeRock Access Management Customization and APIs
training@forgerock.com ForgeRock Access Management Customization and APIs Description AM-421 Course Description Revision B This course provides a hands-on technical introduction to ForgeRock Access Management
More informationDistributed Data Management with Storage Resource Broker in the UK
Distributed Data Management with Storage Resource Broker in the UK Michael Doherty, Lisa Blanshard, Ananta Manandhar, Rik Tyer, Kerstin Kleese @ CCLRC, UK Abstract The Storage Resource Broker (SRB) is
More informationCoreBlox Integration Kit. Version 2.2. User Guide
CoreBlox Integration Kit Version 2.2 User Guide 2015 Ping Identity Corporation. All rights reserved. PingFederate CoreBlox Integration Kit User Guide Version 2.2 November, 2015 Ping Identity Corporation
More informationSingle Sign-On Best Practices
AUGUST 2018 WHITE PAPER Single Sign-On Best Practices Protecting Access in the Cloud Table of Contents Executive Summary... 3 Objectives... 3 Security Challenges... 4 Standards... 5 Conclusion... 6 Additional
More informationFederated Services for Scientists Thursday, December 9, p.m. EST
IAM Online Federated Services for Scientists Thursday, December 9, 2010 1 p.m. EST Rachana Ananthakrishnan Argonne National Laboratory & University of Chicago Jim Basney National Center for Supercomputing
More informationPilots to support guest users solutions
08-12-2016 Deliverable DSA1.1 Contractual Date: 31-07-2016 Actual Date: 08-12-2016 Grant Agreement No.: 653965 Work Package: SA1 Task Item: SA1.1 Pilot on Guest Identities Partner: GARR Document Code:
More informationopenid connect all the things
openid connect all the things @pquerna CTO, ScaleFT CoreOS Fest 2017-2017-07-01 Problem - More Client Devices per-human - Many Cloud Accounts - More Apps: yay k8s - More Distributed Teams - VPNs aren
More informationOctober J. Polycom Cloud Services Portal
October 2018 3725-42461-001J Polycom Cloud Services Portal Copyright 2018, Polycom, Inc. All rights reserved. No part of this document may be reproduced, translated into another language or format, or
More informationLowesLink VFI (Vendor Financial Information)
LowesLink VFI (Vendor Financial Information) Steps to Obtain Access November 2014 LowesLink is a registered trademark of LF, LLC. All Rights Reserved. 1 Requirements to Obtain VFI Access Slides LowesLink
More informationUser Management. Juan J. Doval DEIMOS SPACE S.L.U. NextGEOSS, April 2018
User Management Juan J. Doval DEIMOS SPACE S.L.U. NextGEOSS, April 2018 Agenda Introduction User Management Roadmap Related Activities 1 Introduction NextGEOSS High-Level Architecture DataHub harvest and
More informationYubico with Centrify for Mac - Deployment Guide
CENTRIFY DEPLOYMENT GUIDE Yubico with Centrify for Mac - Deployment Guide Abstract Centrify provides mobile device management and single sign-on services that you can trust and count on as a critical component
More information5 OAuth EssEntiAls for APi AccEss control layer7.com
5 OAuth Essentials for API Access Control layer7.com 5 OAuth Essentials for API Access Control P.2 Introduction: How a Web Standard Enters the Enterprise OAuth s Roots in the Social Web OAuth puts the
More informationAdding Cloud Based Interactive Compute Capabilities to Globus Endpoints
Adding Cloud Based Interactive Compute Capabilities to Globus Endpoints Ben Galewsky Research Programmer, National Center for Supercomputing Applications bengal1@illinois.edu http://www.nationaldataservice.org/
More informationDynamic Federations. Seamless aggregation of standard-protocol-based storage endpoints
Dynamic Federations Seamless aggregation of standard-protocol-based storage endpoints Fabrizio Furano Patrick Fuhrmann Paul Millar Daniel Becker Adrien Devresse Oliver Keeble Ricardo Brito da Rocha Alejandro
More informationScience-as-a-Service
Science-as-a-Service The iplant Foundation Rion Dooley Edwin Skidmore Dan Stanzione Steve Terry Matthew Vaughn Outline Why, why, why! When duct tape isn t enough Building an API for the web Core services
More informationDell EMC Unity Family
Dell EMC Unity Family Version 4.3 Configuring VVols H14975 REV 04 Copyright 2016-2018 Dell Inc. or its subsidiaries. All rights reserved. Published January 2018 Dell believes the information in this publication
More informationEGI federated e-infrastructure, a building block for the Open Science Commons
EGI federated e-infrastructure, a building block for the Open Science Commons Yannick LEGRÉ Director, EGI.eu www.egi.eu EGI-Engage is co-funded by the Horizon 2020 Framework Programme of the European Union
More informationOperating the Distributed NDGF Tier-1
Operating the Distributed NDGF Tier-1 Michael Grønager Technical Coordinator, NDGF International Symposium on Grid Computing 08 Taipei, April 10th 2008 Talk Outline What is NDGF? Why a distributed Tier-1?
More informationThe European Research Council
The European Research Council Scientific Reporting for ERC projects funded in FP7 Visual Guide for grantees ERC-SCIENTIFIC-FOLLOW- UP@ec.europa.eu August 2017 Scientific Reporting for ERC projects Scientific
More informationEntrust PartnerLink Login Instructions
Entrust PartnerLink Login Instructions Contents Introduction... 4 Purpose 4 Overview 4 Prerequisites 4 Instructions... 5 Entrust is a registered trademark of Entrust, Inc. in the United States and certain
More informationCustomer Online Support Demonstration. 1
Customer Online Support Demonstration 1 Introduction SATHYA is committed to simplifying and improving your support experience. As we launch our enhanced online case management capabilities, you will see
More informationVNC Connect security whitepaper. Cloud versus direct with VNC Connect
VNC Connect security whitepaper Cloud versus direct with VNC Connect November 2017 Contents Introduction... 3 Key terminology... 3 Direct connectivity... 4 Cloud connectivity... 5 Summary... 6 Appendix:
More informationCourse 10997A: Office 365 Administration and Troubleshooting
Skip to main content Course 10997A: Office 365 Administration and Troubleshooting - Course details Course Outline Module 1: Office 365 services overview This module describes Office 365 services, licensing,
More informationDeliverable D10.1 Launch and management of dedicated website and social media
STAR-ProBio Sustainability Transition Assessment and Research of Bio-based Products Grant Agreement Number 727740 Deliverable D10.1 Launch and management of dedicated website and social media Version 1.0,
More informationEnterprise Adoption Best Practices
Enterprise Adoption Best Practices Integrating FIDO & Federation Protocols December 2017 Copyright 2013-2017 FIDO Alliance All Rights Reserved. Audience This white paper is aimed at enterprises deploying
More informationInland Revenue. Build Pack. Identity and Access Services. Date: 04/09/2017 Version: 1.5 IN CONFIDENCE
Inland Revenue Build Pack Identity and Access Services Date: 04/09/2017 Version: 1.5 IN CONFIDENCE About this Document This document is intended to provide Service Providers with the technical detail required
More informationDeliverable D3.5 Harmonised e-authentication architecture in collaboration with STORK platform (M40) ATTPS. Achieving The Trust Paradigm Shift
Deliverable D3.5 Harmonised e-authentication architecture in collaboration with STORK platform (M40) Version 1.0 Author: Bharadwaj Pulugundla (Verizon) 25.10.2015 Table of content 1. Introduction... 3
More information