Speakers
Andrea Ceccanti
(INFN)
Marcus Hardt
(KIT-G)
Description
The Indigo Project [1] set out to develop a data and computing platform
targeting scientific communities, deployable on multiple hardware and
provisioned over hybrid e-infrastructures. This includes delegation of access
tokens to a multitude of (orchestrated) virtual machines or containers as well
as authentication of REST calls from and to VMs and other parts of the
infrastructure. We introduce different tokens for delegation and tokens for
accessing services directly.
In this contribution we describe
- the Indigo approach to address token handling (delegation tokens, access
tokens, ...)
- token translation to support SAML, X.509 and more, on client and server side
- the plan to include support for VO-managed groups
- our approach to providing a more fain grained limitation of delegated access
tokens
[1]https://www.indigo-datacloud.eu/
Links, references, publications, etc.
https://www.indigo-datacloud.eu/
Primary authors
Andrea Ceccanti
(INFN)
Marco Fargetta
(INFN)
Marcus Hardt
(KIT-G)
Paul Millar
(DESY)
Co-authors
Arsen Hayrapetyan
(KIT-G)
Mr
Bas Wegh
(KIT)
