Fermilab Computing Division

CS Document 5712-v1

Bringing Federated Identity to Grid Computing

Document #:
Document type:
Submitted by:
Dave Dykstra
Updated by:
Dave Dykstra
Document Created:
11 Apr 2016, 12:53
Contents Revised:
11 Apr 2016, 12:54
Metadata Revised:
11 Apr 2016, 12:54
Viewable by:
  • Public document
Modifiable by:

Quick Links:
Latest Version

The Fermi National Accelerator Laboratory (FNAL) is facing the challenge of providing scientific data access and grid submission to scientific collaborations that span the globe but are hosted at FNAL. Researchers in these collaborations are currently required to register as FNAL users and obtain FNAL credentials to access grid resources to perform their scientific computations. These requirements burden researchers with managing additional authentication credentials, and put additional load on FNAL for managing user identities. Our design integrates the existing InCommon federated identity infrastructure, CILogon Basic CA, and MyProxy with the FNAL grid submission system to provide secure access for users from diverse experiments and collaborations without requiring each user to have authentication credentials from FNAL. The design automates the handling of certificates, so users do not need to manage them manually. Although the initial implementation is for FNAL’s grid submission system, the design and the core of the implementation are general and could be applied to other distributed computing systems.
Files in Document:
  • Paper - Pdf (BringingFederatedAccess_cameraready.pdf, 539.2 kB)
  • Paper - Word (BringingFederatedAccess_cameraready.docx, 403.9 kB)
  • Talk - Pdf (CISRC16_GridFederatedIdentity20160408.pdf, 282.4 kB)
  • Talk - Powerpoint (CISRC16_GridFederatedIdentity20160408.pptx, 108.5 kB)
Associated with Events:
CISRC16 held from 05 Apr 2016 to 07 Apr 2016 in Oak Ridge National Lab
DocDB Home ]  [ Search ] [ Authors ] [ Events ] [ Topics ]

DocDB Version 8.8.9, contact Document Database Administrators