Federated User Account Management
Abstract. BNL SDCC (Scientific Data and Computing Center) recently deployed a centralized identity management solution to support Single Sign On (SSO) authentication across multiple IT systems. The system supports federated login access via CILogon and InCommon and multi-factor authentication (MFA) to meet security standards for various application and services such as Jupyterhub / Invenio that are provided to the SDCC user community. CoManage (Cloud) and FreeIPA / Keycloak (local) are utilized to provided complex authorization for authenticated users. This talk will focus on technical overviews and strategies to tackle the challenges/obstacles in our facility.
- Research Organization:
- Brookhaven National Laboratory (BNL), Upton, NY (United States)
- Sponsoring Organization:
- USDOE Office of Science (SC), High Energy Physics (HEP) (SC-25); USDOE Office of Science (SC), Nuclear Physics (NP) (SC-26)
- DOE Contract Number:
- SC0012704
- OSTI ID:
- 1812492
- Report Number(s):
- BNL-221976-2021-CPPJ
- Country of Publication:
- United States
- Language:
- English
Similar Records
Integrating Interactive Jupyter Notebooks at the BNL SDCC
CILogon: A federated X.509 certification authority for cyberinfrastructure logon
A national-scale authentication infrastructure.
Conference
·
Sun Nov 03 23:00:00 EST 2019
·
OSTI ID:1813347
CILogon: A federated X.509 certification authority for cyberinfrastructure logon
Journal Article
·
Thu Apr 03 20:00:00 EDT 2014
· Concurrency and Computation. Practice and Experience
·
OSTI ID:1618024
A national-scale authentication infrastructure.
Journal Article
·
Thu Nov 30 23:00:00 EST 2000
· IEEE Computer
·
OSTI ID:943137