Combining the X.509 and the SAML Federated Identity Management Systems

  • Conference paper
Recent Trends in Computer Networks and Distributed Systems Security (SNDS 2014)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 420)

Abstract

Every distributed computing infrastructure requires an authentication and authorisation infrastructure (AAI) to manage access to resources and content. Several such AAI systems are in use within different groups of users. In the Large Scale Data Management and Analysis project we aim to support and bring together many user communities, so we need to harmonise the AAI systems currently in use. The approach described is to translate between different authentication systems. Furthermore, we try to maintain the same trust level wherever possible and to harmonise authorisation across the systems involved.

Copyright information

© 2014 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Hardt, M., Hayrapetyan, A., Millar, P., Memon, S. (2014). Combining the X.509 and the SAML Federated Identity Management Systems. In: Martínez Pérez, G., Thampi, S.M., Ko, R., Shu, L. (eds) Recent Trends in Computer Networks and Distributed Systems Security. SNDS 2014. Communications in Computer and Information Science, vol 420. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-54525-2_36

  • DOI: https://doi.org/10.1007/978-3-642-54525-2_36

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-54524-5

  • Online ISBN: 978-3-642-54525-2

  • eBook Packages: Computer Science, Computer Science (R0)
