Shibboleth access for resources on the National Grid Service (SARoNGS)

Xiao Dong Wang; Mike Jones; Jens Jensen; Andrew Richards; David Wallom; Tiejun Ma; Robert Frank; David Spence; Steven Young; Claire Devereux; Neil Geddes

doi:10.1109/IAS.2009.163

Shibboleth access for resources on the National Grid Service (SARoNGS)

Xiao Dong Wang, Mike Jones, Jens Jensen, Andrew Richards, David Wallom, Tiejun Ma, Robert Frank, David Spence, Steven Young, Claire Devereux, Neil Geddes

Research output: Chapter in Book/Conference proceeding › Conference contribution › peer-review

Abstract

The National Grid Service (NGS) provides access to compute and data resources for UK academics. Currently users are required to have an X.509 certificate from the UK e-Science Certification Authority (CA) or one of its international peers to access the NGS. The CA must satisfy the requirements for internationally agreed assurance levels and some users find the processes of obtaining and managing certificates difficult. Shibboleth, an implementation of federation identity-based authentication, has been widely deployed in academic environments in the UK. The SARoNGS project, was proposed to integrate the Shibboleth and X.509 based infrastructures, to deliver a production level service for accessing the NGS in a user-friendly way. This paper describes an architecture by which users are authenticated by the UK Access Management Federation to acquire low assurance credentials to access Grid resources on the NGS. Users can login to NGS resources via NGS Portal, using their local institution's authentication system. © 2009 Crown Copyright.

Original language	English
Title of host publication	5th International Conference on Information Assurance and Security, IAS 2009\|Int. Conf. Inf. Assur. Secur., IAS
Pages	338-341
Number of pages	3
Volume	2
DOIs	https://doi.org/10.1109/IAS.2009.163
Publication status	Published - 2009
Event	5th International Conference on Information Assurance and Security, IAS 2009 - Xian Duration: 1 Jul 2009 → …

Conference

Conference	5th International Conference on Information Assurance and Security, IAS 2009
City	Xian
Period	1/07/09 → …

Keywords

Access control
Authentication
Authorization
Security
Shibboleth

Access to Document

10.1109/IAS.2009.163

Cite this

Wang, X. D., Jones, M., Jensen, J., Richards, A., Wallom, D., Ma, T., Frank, R., Spence, D., Young, S., Devereux, C., & Geddes, N. (2009). Shibboleth access for resources on the National Grid Service (SARoNGS). In 5th International Conference on Information Assurance and Security, IAS 2009|Int. Conf. Inf. Assur. Secur., IAS (Vol. 2, pp. 338-341) https://doi.org/10.1109/IAS.2009.163

@inproceedings{9e36b6cd907a43fa8810d68bc7ebd787,

title = "Shibboleth access for resources on the National Grid Service (SARoNGS)",

abstract = "The National Grid Service (NGS) provides access to compute and data resources for UK academics. Currently users are required to have an X.509 certificate from the UK e-Science Certification Authority (CA) or one of its international peers to access the NGS. The CA must satisfy the requirements for internationally agreed assurance levels and some users find the processes of obtaining and managing certificates difficult. Shibboleth, an implementation of federation identity-based authentication, has been widely deployed in academic environments in the UK. The SARoNGS project, was proposed to integrate the Shibboleth and X.509 based infrastructures, to deliver a production level service for accessing the NGS in a user-friendly way. This paper describes an architecture by which users are authenticated by the UK Access Management Federation to acquire low assurance credentials to access Grid resources on the NGS. Users can login to NGS resources via NGS Portal, using their local institution's authentication system. {\textcopyright} 2009 Crown Copyright.",

keywords = "Access control, Authentication, Authorization, Security, Shibboleth",

author = "Wang, {Xiao Dong} and Mike Jones and Jens Jensen and Andrew Richards and David Wallom and Tiejun Ma and Robert Frank and David Spence and Steven Young and Claire Devereux and Neil Geddes",

year = "2009",

doi = "10.1109/IAS.2009.163",

language = "English",

isbn = "9780769537443",

volume = "2",

pages = "338--341",

booktitle = "5th International Conference on Information Assurance and Security, IAS 2009|Int. Conf. Inf. Assur. Secur., IAS",

note = "5th International Conference on Information Assurance and Security, IAS 2009 ; Conference date: 01-07-2009",

}

Wang, XD, Jones, M, Jensen, J, Richards, A, Wallom, D, Ma, T, Frank, R, Spence, D, Young, S, Devereux, C & Geddes, N 2009, Shibboleth access for resources on the National Grid Service (SARoNGS). in 5th International Conference on Information Assurance and Security, IAS 2009|Int. Conf. Inf. Assur. Secur., IAS. vol. 2, pp. 338-341, 5th International Conference on Information Assurance and Security, IAS 2009, Xian, 1/07/09. https://doi.org/10.1109/IAS.2009.163

TY - GEN

T1 - Shibboleth access for resources on the National Grid Service (SARoNGS)

AU - Wang, Xiao Dong

AU - Jones, Mike

AU - Jensen, Jens

AU - Richards, Andrew

AU - Wallom, David

AU - Ma, Tiejun

AU - Frank, Robert

AU - Spence, David

AU - Young, Steven

AU - Devereux, Claire

AU - Geddes, Neil

PY - 2009

Y1 - 2009

N2 - The National Grid Service (NGS) provides access to compute and data resources for UK academics. Currently users are required to have an X.509 certificate from the UK e-Science Certification Authority (CA) or one of its international peers to access the NGS. The CA must satisfy the requirements for internationally agreed assurance levels and some users find the processes of obtaining and managing certificates difficult. Shibboleth, an implementation of federation identity-based authentication, has been widely deployed in academic environments in the UK. The SARoNGS project, was proposed to integrate the Shibboleth and X.509 based infrastructures, to deliver a production level service for accessing the NGS in a user-friendly way. This paper describes an architecture by which users are authenticated by the UK Access Management Federation to acquire low assurance credentials to access Grid resources on the NGS. Users can login to NGS resources via NGS Portal, using their local institution's authentication system. © 2009 Crown Copyright.

AB - The National Grid Service (NGS) provides access to compute and data resources for UK academics. Currently users are required to have an X.509 certificate from the UK e-Science Certification Authority (CA) or one of its international peers to access the NGS. The CA must satisfy the requirements for internationally agreed assurance levels and some users find the processes of obtaining and managing certificates difficult. Shibboleth, an implementation of federation identity-based authentication, has been widely deployed in academic environments in the UK. The SARoNGS project, was proposed to integrate the Shibboleth and X.509 based infrastructures, to deliver a production level service for accessing the NGS in a user-friendly way. This paper describes an architecture by which users are authenticated by the UK Access Management Federation to acquire low assurance credentials to access Grid resources on the NGS. Users can login to NGS resources via NGS Portal, using their local institution's authentication system. © 2009 Crown Copyright.

KW - Access control

KW - Authentication

KW - Authorization

KW - Security

KW - Shibboleth

U2 - 10.1109/IAS.2009.163

DO - 10.1109/IAS.2009.163

M3 - Conference contribution

SN - 9780769537443

VL - 2

SP - 338

EP - 341

BT - 5th International Conference on Information Assurance and Security, IAS 2009|Int. Conf. Inf. Assur. Secur., IAS

T2 - 5th International Conference on Information Assurance and Security, IAS 2009

Y2 - 1 July 2009

ER -

Shibboleth access for resources on the National Grid Service (SARoNGS)

Abstract

Conference

Keywords

Access to Document

Fingerprint

Cite this