English
Related papers

Related papers: CMS Token Transition

200 papers
Adoption of a token-based authentication model for the CMS Submission Infrastructure

The CMS Submission Infrastructure (SI) is the main computing resource provisioning system for CMS workloads. A number of HTCondor pools are employed to manage this infrastructure, which aggregates geographically distributed resources from…

Distributed, Parallel, and Cluster Computing · Computer Science 2024-05-24 Antonio Perez-Calero Yzquierdo , Marco Mascheroni , Edita Kizinevic , Farrukh Aftab Khan , Hyunwoo Kim , Maria Acosta Flechas , Nikos Tsipinakis , Saqib Haleem , Frank Wurthwein
WLCG Authorisation from X.509 to Tokens

The WLCG Authorisation Working Group was formed in July 2017 with the objective to understand and meet the needs of a future-looking Authentication and Authorisation Infrastructure (AAI) for WLCG experiments. Much has changed since the…

Cryptography and Security · Computer Science 2021-02-03 Brian Bockelman , Andrea Ceccanti , Ian Collier , Linda Cornwall , Thomas Dack , Jaroslav Guenther , Mario Lassnig , Maarten Litmaath , Paul Millar , Mischa Sallé , Hannah Short , Jeny Teheran , Romain Wartel
Addressing tokens dynamic generation, propagation, storage and renewal to secure the GlideinWMS pilot based jobs and system

GlideinWMS has been one of the first middleware in the WLCG community to transition from X.509 to support also tokens. The first step was to get from the prototype in 2019 to using tokens in production in 2022. This paper will present the…

Distributed, Parallel, and Cluster Computing · Computer Science 2025-06-10 Bruno Moreira Coimbra , Marco Mambelli
Fermilab's Transition to Token Authentication

Fermilab is the first High Energy Physics institution to transition from X.509 user certificates to authentication tokens in production systems. All the experiments that Fermilab hosts are now using JSON Web Token (JWT) access tokens in…

Distributed, Parallel, and Cluster Computing · Computer Science 2025-04-01 Dave Dykstra , Mine Altunay , Shreyas Bhat , Dmitry Litvintsev , Marco Mambelli , Marc Mengel , Stephen White
SciTokens: Demonstrating Capability-Based Access to Remote Scientific Data using HTCondor

The management of security credentials (e.g., passwords, secret keys) for computational science workflows is a burden for scientists and information security officers. Problems with credentials (e.g., expiration, privilege mismatch) cause…

Distributed, Parallel, and Cluster Computing · Computer Science 2019-05-27 Alex Withers , Brian Bockelman , Derek Weitzel , Duncan Brown , Jason Patton , Jeff Gaynor , Jim Basney , Todd Tannenbaum , You Alex Gao , Zach Miller
The integration of heterogeneous resources in the CMS Submission Infrastructure for the LHC Run 3 and beyond

While the computing landscape supporting LHC experiments is currently dominated by x86 processors at WLCG sites, this configuration will evolve in the coming years. LHC collaborations will be increasingly employing HPC and Cloud facilities…

Distributed, Parallel, and Cluster Computing · Computer Science 2024-05-24 Antonio Perez-Calero Yzquierdo , Marco Mascheroni , Edita Kizinevic , Farrukh Aftab Khan , Hyunwoo Kim , Maria Acosta Flechas , Nikos Tsipinakis , Saqib Haleem
Capability-based access control for multi-tenant systems using OAuth 2.0 and Verifiable Credentials

We propose a capability-based access control technique for sharing Web resources, based on Verifiable Credentials (VCs) and OAuth 2.0. VCs are a secure means for expressing claims about a subject. Although VCs are ideal for encoding…

Cryptography and Security · Computer Science 2021-04-30 Nikos Fotiou , Vasilios A. Siris , George C. Polyzos
Token-based identity management in the distributed cloud

The immense shift to cloud computing has brought changes in security and privacy requirements, impacting critical Identity Management services. Currently, many IdM systems and solutions are accessible as cloud services, delivering identity…

Cryptography and Security · Computer Science 2024-10-30 Ivana Kovacevic , Tamara Rankovic , Milan Stojkov , Milos Simic
Third-party transfers in WLCG using HTTP

Since its earliest days, the Worldwide LHC Computational Grid (WLCG) has relied on GridFTP to transfer data between sites. The announcement that Globus is dropping support of its open source Globus Toolkit (GT), which forms the basis for…

Distributed, Parallel, and Cluster Computing · Computer Science 2021-02-03 Brian Bockelman , Andrea Ceccanti , Fabrizio Furano , Paul Millar , Dmitry Litvintsev , Alessandra Forti
Beyond Certificates: 6G-ready Access Control for the Service-Based Architecture with Decentralized Identifiers and Verifiable Credentials

Next generation mobile networks are poised to transition from monolithic structures owned and operated by single mobile network operators into multi-stakeholder networks where various parties contribute with infrastructure, resources, and…

Networking and Internet Architecture · Computer Science 2025-03-04 Sandro Rodriguez Garzon , Hai Dinh Tuan , Maria Mora Martinez , Axel Küpper , Hans Joachim Einsiedler , Daniela Schneider
SciTokens: Capability-Based Secure Access to Remote Scientific Data

The management of security credentials (e.g., passwords, secret keys) for computational science workflows is a burden for scientists and information security officers. Problems with credentials (e.g., expiration, privilege mismatch) cause…

Distributed, Parallel, and Cluster Computing · Computer Science 2018-07-13 Alex Withers , Brian Bockelman , Derek Weitzel , Duncan Brown , Jeff Gaynor , Jim Basney , Todd Tannenbaum , Zach Miller
A JSON Token-Based Authentication and Access Management Schema for Cloud SaaS Applications

Cloud computing is significantly reshaping the computing industry built around core concepts such as virtualization, processing power, connectivity and elasticity to store and share IT resources via a broad network. It has emerged as the…

Cryptography and Security · Computer Science 2017-10-24 Obinna Ethelbert , Faraz Fatemi Moghaddam , Philipp Wieder , Ramin Yahyapour
A Managed Tokens Service for Securely Keeping and Distributing Grid Tokens

Fermilab is transitioning authentication and authorization for grid operations to using bearer tokens based on the WLCG Common JWT (JSON Web Token) Profile. One of the functionalities that Fermilab experimenters rely on is the ability to…

Cryptography and Security · Computer Science 2025-04-08 Shreyas Bhat , Dave Dykstra
Trust-Based Identity Sharing For Token Grants

Authentication and authorization are two key elements of a software application. In modern day, OAuth 2.0 framework and OpenID Connect protocol are widely adopted standards fulfilling these requirements. These protocols are implemented into…

Cryptography and Security · Computer Science 2018-08-21 Kavindu Dodanduwa , Ishara Kaluthanthri
Decentralized Credential Status Management: A Paradigm Shift in Digital Trust

Public key infrastructures are essential for Internet security, ensuring robust certificate management and revocation mechanisms. The transition from centralized to decentralized systems presents challenges such as trust distribution and…

Cryptography and Security · Computer Science 2025-03-05 Patrick Herbke , Thomas Cory , Mauro Migliardi
Capability-Based Multi-Tenant Access Management in Crowdsourced Drone Services

We propose a capability-based access control method that leverages OAuth 2.0 and Verifiable Credentials (VCs) to share resources in crowdsourced drone services. VCs securely encode claims about entities, offering flexibility. However,…

Cryptography and Security · Computer Science 2025-05-05 Junaid Akram , Ali Anaissi , Awais Akram , Youcef Djenouri , Palash Ingle , Rutvij H. Jhaveri
HPC resources for CMS offline computing: An integration and scalability challenge for the Submission Infrastructure

The computing resource needs of LHC experiments are expected to continue growing significantly during the Run 3 and into the HL-LHC era. The landscape of available resources will also evolve, as High Performance Computing (HPC) and Cloud…

Distributed, Parallel, and Cluster Computing · Computer Science 2024-05-24 Antonio Perez-Calero Yzquierdo , Marco Mascheroni , Edita Kizinevic , Farrukh Aftab Khan , Hyunwoo Kim , Maria Acosta Flechas , Nikos Tsipinakis , Saqib Haleem
Certification Authority Monitored Multilevel and Stateful Policy Based Authorization in Services Oriented Grids

Services oriented grids will be more prominent among other kinds of grids in the present distributed environments. With the advent of online government services the governmental grids will come up in huge numbers. Apart from common security…

Distributed, Parallel, and Cluster Computing · Computer Science 2010-07-05 Ajay Prasad , Saurabh Singh Verma , Ashok Kumar Sharma
An Efficient TLS 1.3 Handshake Protocol with VC Certificate Type

The paper presents a step forward in the design and implementation of a Transport Layer Security (TLS) handshake protocol that enables the use of Verifiable Credential (VC) while maintaining full compliance with RFC-8446 and preserving all…

Cryptography and Security · Computer Science 2025-05-22 Leonardo Perugini , Andrea Vesco
CredSec: A Blockchain-based Secure Credential Management System for University Adoption

University education play a critical role in shaping intellectual and professional development of the individuals and contribute significantly to the advancement of knowledge and society. Generally, university authority has a direct control…

Cryptography and Security · Computer Science 2024-06-11 Md. Ahsan Habib , Md. Mostafijur Rahman , Nieb Hasan Neom
‹ Prev 1 2 3 10 Next ›