Premium
CILogon: A federated X.509 certification authority for cyberinfrastructure logon
Author(s) -
Basney Jim,
Fleury Terry,
Gaynor Jeff
Publication year - 2014
Publication title -
concurrency and computation: practice and experience
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.309
H-Index - 67
eISSN - 1532-0634
pISSN - 1532-0626
DOI - 10.1002/cpe.3265
Subject(s) - cyberinfrastructure , computer science , authentication (law) , world wide web , certification , certificate authority , computer security , service (business) , data science , public key cryptography , political science , encryption , business , marketing , law
SUMMARY CILogon provides a federated X.509 certification authority for secure access to cyberinfrastructure such as the Extreme Science and Engineering Discovery Environment. CILogon relies on federated authentication (Security Assertion Markup Language (OASIS, Burlington, MA (USA)) and OpenID) for determining user identities when issuing certificates. Federated authentication enables users to obtain certificates using existing identities (university, Google, etc.). Federated authentication also enables CILogon to serve a national‐scale user community without requiring a large network of registration authorities performing manual user identification. CILogon supports multiple levels of assurance and custom interfaces for specific user communities. In this article, we introduce the CILogon service and describe experiences and lessons learned from the first 3 years of operation. © 2014 The Authors. Concurrency and Computation: Practice and Experience published by John Wiley & Sons Ltd.