digital_padlock

Advanced Security for Advanced Science

The “Distributed Web Security for Science Gateways” project provides an open source, standards-compliant client and server security solutions that leverages the best-practices already adopted by industry. … Read More

Why OAuth?

OAuth-Shine-300x298

OAuth provides a relatively simple yet powerful mechanism for resource owners (that is, end users) to allow controlled, third-party access to their resources. This requirement is common across many applications, including the science gateways and web portals that are the focus of our proposal. In the OAuth protocol, the resource owner interacts with an OAuth authorization server to approve access to the resource by the third party (the OAuth client) and issue tokens to the third party for secure … [Read More]

Securing Science Gateways

iStock_000013293134Small

Trust is essential for science gateways. Users demand that their research and personal information are kept protected, and resource providers demand that their computing and storage resources are used appropriately by vetted users. Meeting these requirements has always required a leap of faith by both gateway users and resource providers, as gateways are not centrally managed or reviewed by any authority, and the distributed nature of the more sophisticated gateways introduces credential … [Read More]

Announcements

logo-NSF

NSF-funded Distributed Web Security for Science Gateways project begins

The three-year, NSF-funded “Distributed Web Security for Science Gateways” project, led by National Center for Supercomputing Applications (NCSA) in collaboration with Indiana University, the Texas Advanced Computing Center (TACC), and the University of Wisconsin-Madison, launched on August 1, 2011. The project will enhance cyberinfrastructure for research and education by providing common software building blocks for [...]