Abstract
Every distributed computing infrastructure requires an authentication and authorisation infrastructure (AAI) to manage access to resources and content. Several such AAI systems are in use among different groups of users. In the Large Scale Data Management and Analysis project we aim to support and bring together many user communities. We therefore need to harmonise the AAI systems currently in use. The approach described is to translate between different authentication systems. Furthermore, we try to maintain the same trust level wherever possible, and to harmonise authorisation across the systems involved.
Keywords
- Trust Third Party
- Identity Provider
- Security Assertion Markup Language
- Successful Authentication
- Authorisation Decision
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Hardt, M., Hayrapetyan, A., Millar, P., Memon, S. (2014). Combining the X.509 and the SAML Federated Identity Management Systems. In: Martínez Pérez, G., Thampi, S.M., Ko, R., Shu, L. (eds) Recent Trends in Computer Networks and Distributed Systems Security. SNDS 2014. Communications in Computer and Information Science, vol 420. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-54525-2_36
DOI: https://doi.org/10.1007/978-3-642-54525-2_36
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-54524-5
Online ISBN: 978-3-642-54525-2
eBook Packages: Computer Science, Computer Science (R0)