Comments
Description
Transcript
Science Gateway
Introduction on Science Gateway Understanding access and functionalities Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 Outline What is a Science Gateway ? The Catania Science Gateway Framework General Architecture Authentication, Authorisation and Roles Catania Grid Engine Roles Use Case: The DECIDE Science Gateway The GARR Science Gateway Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 Reference Model Scientific Application E-Collaboration Science Gateway Social Application Standard Services GRID Local Cluster Users of different Institutions members of GARR and/or international CLOUD partners involved in European Projects of the Riccardo Rotondo Consortium Tutorial on Science Gateways, Roma, 03.06.2013 Reference Model Scientific Application E-Collaboration Science Gateway Social Application Standard-based (SAGA) middleware-independent Grid Engine Users of different Institutions members of GARR and/or international partners involved in European Projects of the Riccardo Rotondo Consortium Tutorial on Science Gateways, Roma, 03.06.2013 Requirements Authentication and Autorisation SAML, LDAP Application middleware indipendent jSAGA, SAGA Standard Standard Adoption Java Technology 168/286 JSR Reusability Web Technology Simplicity Web CMS Wiki, Blog, Messages Board, Vconf, access Adobe Connect Easy usage and Portal Framework Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 Terena Identity Federations http://www.terena.org/about/terena-membersmap.html Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 Federated Identity Management (FIdM) In the web technology arena many approaches are available to federate authentication A standard provided by OASIS defines the Security Assertion Markup Language (SAML) Several tools are available, e.g.: Shibboleth SimpleSAMLphp Organisations can rely on traditional tools to manage users: LDAP, CAS, plain text, etc. Free and Open Source Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 Enabling SGs to FIdM Access to e-Infrastructure services requires authentication. The distributed/cross-domain nature of resources requires, in some case, strong security mechanisms SGs willing to provide easy access to these services Some institutions want to maintain the control of their own users’ authentication Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 So a federation is made of… A collection of Identity Providers that follows a defined set of rules and policy. Identity providers (IdPs) are responsible for authenticating a closed group of users (i.e. of the same organisation) Each IdPs regulate access to a set of Service Providers (i.e. mail server of the mentioned organisation) Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 Federated User Science Gateway Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 Social User Science Gateway Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 Authorisation request The first time users access the Science Gateway their IdP authenticates them LDAP server connected to the Service Provider (SP) cannot authorise the users SP leads users automatically to the registration form A part from them data, users can request for a specific role Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 Authorisation request Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 Authorisation Managment Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 Registration Users not belonging to any of the enabled federation can register to the catch all Identity Provider of the GrIDP federation Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 Integrated Services JSR 168/286 JSR 168/286 JSR 168/286 JSR 168/286 Catania Science Gateway Framework GRID CLOUD Local Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 Cluster Catania Science Gateway Framework Catania Science Gateway Framework Grid Engine Data On Grid Services Cloud Services JSAGA Adaptors Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 Usage Workflow eTokenServer 1. Sign in 5. Grid Submission GRID 2. Grid Request 6. Getting Results 5. Tracking User Tracking DB Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 Access Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 Applications accessing grid services 12 applications developed among 5 different countries and 3 continents (Europe, Latin America and Asia); 4 scientific domains: Life Science; Mathematic & Computer Science; High Energy Physics; Cultural Heritage. Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 Job Submission Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 Job Submission Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 My Workspace – Active Job List Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 My Workspace - Done Job List Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 My Workspace – MyJobsMap Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 My Data Sharing features among users will soon be added Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 Roles & Privileges Surfing a Science Gateway changes according different roles Mapping between Liferay roles and LDAP group Similar mapping available on grid (i.e. voms roles) Liferay allows administrator to fully customize users experience assigning different roles to each components (pages, wikis, plugins, data) Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 Facebook Integration Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 References GARR Science Gateway: https://sgw.garr.it GARR Science Gateway Facebook Community Page: https://www.facebook.com/GarrScienceGatewayCo mmunity Training Material: https://gilda.ct.infn.it/wikimain Catania Science Gateways: http://www.cataniascience-gateways.it Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013 Questions ? Riccardo Rotondo Tutorial on Science Gateways, Roma, 03.06.2013