A AAAA Model to Support Science Gateways with Community Accounts GGF-14 Science Gateways Workshop June 28, 2005 Von Welch, James Barlow, James Basney, Doru Marcusiu


Page 1: Von Welch, James Barlow, James Basney, Doru Marcusiu

A AAAA Model to Support Science Gateways with Community Accounts

GGF-14 Science Gateways Workshop, June 28, 2005

Von Welch, James Barlow, James Basney, Doru Marcusiu

Page 2: AAAA Model

6/28/2005 2 GSI Credential Management AAAA Science Gateway Model

• Authentication
• Authorization
• Auditing
• Accounting

Page 3: Outline

• Motivation
  – Traditional AAAA Computing Model
• Proposed AAAA Model
• Current work and Future Challenges

Page 4: Traditional AAAA Model

• All users have accounts at each site/resource
  – N×N matrix
• Users access resources through low-level interfaces
  – E.g. Unix shells, FTP sessions
• Resource takes care of all the A’s

Page 5: Traditional HPC Usage

[Figure: traditional HPC usage; a user shell session (“% ls”, “% foo”) against a resource, with the labels AUTHn, OS (Authz), Audit, Accounting]

Page 6: Traditional HPC Usage

[Figure: traditional HPC usage repeated across several user shell sessions (“% ls”, “% foo”)]

Page 7: Motivation

• Shell-level access to resources is great for power users, but has a steep learning curve
  – Many SG users just need a domain-specific interface, e.g. they are not developing or deploying application codes
• Each resource/site has to maintain state about every user
  – Scalability problems for large/dynamic user communities
• No abstraction - users must adapt to all changes in resources

Page 8: Our AAAA Model

• SG acts as an interface between the community and its resources
• Much like a traditional ‘Grid Portal’, it provides a domain-specific interface
• However, unlike portals, it exists as a trusted entity in its own right, allowing the resource to “outsource” AAAA functionality to the SG
• Resource runs all commands in a community account, which constrains what the community can do - the account can be constrained to a few community applications

Page 9: Conceptual Model

[Figure: conceptual model diagram; user shell sessions (“% ls”, “% foo”) shown against the SG and resource]

Page 10: Goals of Model

• Model is primarily about how one splits the AAAA responsibility between the SG and the resource
• In general, the resource must trust the SG to some degree to provide this functionality in exchange for the offload of effort

Page 11: Authentication and Authorization

• Two modes: Simple and Authorization Credential
• Both allow the SG to manage the user community
• Authorization Credential mode is more complex to deploy, but provides more information to the resource

Page 12: Simple Auth[nz] Model

[Figure: Simple Auth[nz] model diagram; user shell session (“% ls”, “% foo”), label: Authn]

• Authentication becomes the role of the SG
  – Users known only to the SG
• Resource trusts the SG to do authentication
• SG authenticates to the resource with its own credential
• Portal enforces authorization by constraining what actions the user can perform

Page 13: Authz Credential Model

[Figure: Authz Credential model diagram; user shell session (“% ls”, “% foo”), labels: Authn, Authz Cred]

• Authentication still the role of the SG
  – Users known only to the SG
• SG augments user credentials with authz credentials
  – E.g. CAS, GAMA, Shibboleth, IU LEAD work
• Resource trusts the SG to do authentication and trusts the authz credentials from the SG
  – Doesn’t know the user, but trusts what the SG says about the user
• Resource knows the user “identifier” (may not be that useful, more later)

Page 14: Auditing Model

[Figure: auditing model diagram; user shell session (“% ls”, “% foo”), label: Auditing]

• Site still keeps details of what each job does
• Site may want to contact the user
  – Suspicious activity, job running amuck
• SG is the only way to map a particular job to a user
• SG has all the contact information for the user
• Resource may know the user identifier, but the contact information it needs is only in the SG user database

Page 15: Accounting Model

[Figure: accounting model diagram; user shell session (“% ls”, “% foo”), label: Accounting]

• Site has all the details of what resources each job consumes
  – May know the user who launched them (in authz cred mode)
• SG needs this information
  – For reporting, authorization, catching mistakes
• Need a mechanism to allow the resource to report back to the SG regularly
  – And allow the SG to map the usage of a job back to a user

Page 16: Outstanding Challenges

• How to identify a job between SG and resource?
  – “/bin/foo run at 15:38:13 (my time)” is not very accurate
• Standard template for resource/SG agreement
  – Akin to a certificate policy
• Acceptance of group accounts
  – Convince folks it’s ok to outsource
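To make the split of responsibilities concrete, here is an added toy model (not code from the deck or its authors) of the Simple Auth[nz] mode together with the accounting report-back and the job-identification problem; the SG-issued job id, the community account name and the allowed-application list are assumptions, not mechanisms the deck specifies.

```python
import uuid

COMMUNITY_ACCOUNT = "community"        # constructed placeholder account name
ALLOWED_APPS = {"gaussian", "nwchem"}  # constructed restricted-application list

class Resource:
    """Runs every job in the community account; keeps the site-side records."""
    def __init__(self, trusted_gateways):
        self.trusted_gateways = set(trusted_gateways)
        self.accounting = {}   # job_id -> cpu_hours

    def run(self, gateway_cred, job_id, app, cpu_hours):
        # Simple mode: the resource authenticates the SG, never the end user.
        if gateway_cred not in self.trusted_gateways:
            raise PermissionError("unknown gateway credential")
        # Restricted community account: only whitelisted applications run.
        if app not in ALLOWED_APPS:
            raise PermissionError(f"{app!r} not allowed in {COMMUNITY_ACCOUNT}")
        # Site keeps the job record keyed by the SG-issued id, not a timestamp.
        self.accounting[job_id] = cpu_hours

    def usage_report(self):
        # Periodic report back to the SG: job ids only, no user data.
        return dict(self.accounting)

class ScienceGateway:
    """Knows the users and their contacts; the resource only knows the SG."""
    def __init__(self, credential, users):
        self.credential = credential
        self.users = dict(users)   # username -> contact (SG user database)
        self.jobs = {}             # job_id -> username, the only job->user map

    def submit(self, resource, user, app, cpu_hours):
        if user not in self.users:         # authentication is the SG's role
            raise PermissionError("unknown user")
        job_id = str(uuid.uuid4())         # assumed: SG mints a unique job id
        self.jobs[job_id] = user
        resource.run(self.credential, job_id, app, cpu_hours)
        return job_id

    def attribute_usage(self, resource):
        # Accounting: map the resource's per-job usage back to users.
        usage = {}
        for job_id, hours in resource.usage_report().items():
            usage[self.jobs[job_id]] = usage.get(self.jobs[job_id], 0.0) + hours
        return usage

    def contact_for_job(self, job_id):
        # Auditing: whom the site should reach about a suspicious or runaway job.
        return self.users[self.jobs[job_id]]
```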

Page 17: Outstanding Challenges (cont)

• Restricted accounts
  – Cookbook to restrict an account to certain applications
• Sandboxing of users from each other
• Community administrators
  – Those who set up the group account

Page 18: The obligatory last slide…

• NCSA is working on a real-world deployment with the GridChem community
• Acknowledgements to the TeraGrid Science Gateway RAT and all the interviewed Portals
• Complaints to [email protected]