CILogon: A federated X.509 certification authority for cyberinfrastructure logon

Basney, Jim; Fleury, Terry; Gaynor, Jeff

doi:10.1002/cpe.3265

CILogon: A federated X.509 certification authority for cyberinfrastructure logon

Journal Article · Fri Apr 04 00:00:00 EDT 2014 · Concurrency and Computation. Practice and Experience

DOI:https://doi.org/10.1002/cpe.3265· OSTI ID:1618024

Basney, Jim ^[1]; Fleury, Terry ^[1]; Gaynor, Jeff ^[1]

National Center for Supercomputing Applications University of Illinois at Urbana‐Champaign 1205 West Clark Street Urbana Illinois 61801 USA

SUMMARY

CILogon provides a federated X.509 certification authority for secure access to cyberinfrastructure such as the Extreme Science and Engineering Discovery Environment. CILogon relies on federated authentication (Security Assertion Markup Language (OASIS, Burlington, MA (USA)) and OpenID) for determining user identities when issuing certificates. Federated authentication enables users to obtain certificates using existing identities (university, Google, etc.). Federated authentication also enables CILogon to serve a national‐scale user community without requiring a large network of registration authorities performing manual user identification. CILogon supports multiple levels of assurance and custom interfaces for specific user communities. In this article, we introduce the CILogon service and describe experiences and lessons learned from the first 3 years of operation. © 2014 The Authors. Concurrency and Computation: Practice and Experience published by John Wiley & Sons Ltd.

Sponsoring Organization:: USDOE

Grant/Contract Number:: SC0008597

OSTI ID:: 1618024

Journal Information:: Concurrency and Computation. Practice and Experience, Journal Name: Concurrency and Computation. Practice and Experience Journal Issue: 13 Vol. 26; ISSN 1532-0626

Publisher:: Wiley Blackwell (John Wiley & Sons)Copyright Statement

Country of Publication:: United Kingdom

Language:: English

References (6)

Federated login to TeraGrid Basney, Jim; Fleury, Terry; Welch, Von Proceedings of the 9th Symposium on Identity and Trust on the Internet - IDTRUST '10 https://doi.org/10.1145/1750389.1750391	conference	January 2010
A roadmap for using NSF cyberinfrastructure with InCommon Welch, Von; Walsh, Alan; Barnett, William Proceedings of the 2011 TeraGrid Conference on Extreme Digital Discovery - TG '11 https://doi.org/10.1145/2016741.2016771	conference	January 2011
An OAuth service for issuing certificates to science gateways for TeraGrid users Basney, Jim; Gaynor, Jeff Proceedings of the 2011 TeraGrid Conference on Extreme Digital Discovery - TG '11 https://doi.org/10.1145/2016741.2016776	conference	January 2011
Distributed web security for science gateways Basney, Jim; Dooley, Rion; Gaynor, Jeff Proceedings of the 2011 ACM workshop on Gateway computing environments - GCE '11 https://doi.org/10.1145/2110486.2110489	conference	January 2011
CILogon: a federated X.509 certification authority for cyberinfrastructure logon Basney, Jim; Fleury, Terry; Gaynor, Jeff Proceedings of the Conference on Extreme Science and Engineering Discovery Environment Gateway to Discovery - XSEDE '13 https://doi.org/10.1145/2484762.2484791	conference	January 2013
The OAuth 1.0 Protocol Hammer-Lahav, E. https://doi.org/10.17487/rfc5849	report	April 2010

Similar Records

Certificate-based authorization policy in a PKI environment

Journal Article · Fri Feb 14 23:00:00 EST 2003 · ACM Transactions on Information and System Security · OSTI ID:821027

X.509 Authentication/Authorization in FermiCloud

Conference · Mon Nov 10 23:00:00 EST 2014 · OSTI ID:1294526

Authorization policy in a PKI environment

Conference · Wed Apr 10 00:00:00 EDT 2002 · OSTI ID:795352

CILogon: A federated X.509 certification authority for cyberinfrastructure logon

Citation Formats

References (6)

Similar Records

Related Subjects