Speakers
Dr
Marco Fargetta
(Consorzio COMETA and INFN)Mr
Riccardo Rotondo
(INFN)
Description
Science Gateways are cutting edge tools in the Grid computing world and are playing a key role in spreading the adoption and usage of this paradigm by large Virtual Research Communities mostly made by non IT-experts.
Researchers require steadily increasing computational power and data storage that are currently provided by Grid infrastructures. However, the access procedure to these geographically distributed resources represents a barrier for non-expert users. Science Gateways try to fill the gap between the users and the resources with intuitive and easy to use interfaces.
This work presents the Authentication and Authorisation Infrastructure (AAI) implemented for several Science Gateways developed in the context of some EU projects (e.g., DECIDE, EUMEDGRID-Support, GISELA, INDICATE, and others).
The main design requirements were to simplify the access to Science Gateways, to allow the federation with other web facilities, and to create a smooth environment for users, hiding the complexities of the PKI but still providing the same level of security.
In order to meet the above requirements, an LDAP server, linked with a Liferay-based multi-host web service, has been created to manage user authorisations. The authentication mechanism has been based on Shibboleth which implements a SAML2.0-based SSO across identity federations. A Liferay plug-in has been developed to integrate Shibboleth with Liferay and the support has been enabled for different identity federations. Among them, IDEM (www.idem.garr.it), managed by GARR, which counts more than 2,700,000 users.
Primary author
Dr
Marco Fargetta
(Consorzio COMETA and INFN)
Co-authors
Mr
Riccardo Rotondo
(INFN)
Prof.
Roberto Barbera
(Univ. of Catania and INFN)
