The “Distributed Web Security for Science Gateways” project provides an open source, standards-compliant client and server security solutions that leverages the best-practices already adopted by industry. … Read More
OAuth provides a relatively simple yet powerful mechanism for resource owners (that is, end users) to allow controlled, third-party access to their resources. This requirement is common across many applications, including the science gateways and web portals that are the focus of our proposal. In the OAuth protocol, the resource owner interacts with an OAuth authorization server to approve access to the resource by the third party (the OAuth client) and issue tokens to the third party for secure … [Read More]
Trust is essential for science gateways. Users demand that their research and personal information are kept protected, and resource providers demand that their computing and storage resources are used appropriately by vetted users. Meeting these requirements has always required a leap of faith by both gateway users and resource providers, as gateways are not centrally managed or reviewed by any authority, and the distributed nature of the more sophisticated gateways introduces credential … [Read More]
May 28, 2014 By jbasney
The XSEDE14 conference (July 13-18 in Atlanta) will include a presentation on "Integrating Science Gateways with XSEDE Security: A Survey of Credential Management Approaches" (abstract) and a science gateway security BOF. Please join us! Conference registration is now open.
Sign up to receive updates about software releases and find out what's new with ScienceGatewaySecurity.org!