Dorian
Dorian is a Grid user management service that 1) hides the complexities of creating and managing Grid credentials from users and 2) provides a mechanism for users to authenticate using their institution’s authentication mechanism. Dorian implements a complete Grid-enabled solution, based on public key certificates and SAML, for managing and federating user identities in a Grid environment. Grid technologies have adopted the use of X.509 identity certificates to support user authentication. Dorian uses SAML authentication assertions as the enabling mechanism for federating users from local institutions to the Grid.
The figure below illustrates an example usage scenario for Dorian.
To obtain Grid credentials or a proxy certificate, users authenticate with their institution using the institution’s conventional mechanism. After successfully authenticating the user, the local institution issues a digitally signed SAML assertion, vouching that the user has authenticated. The user then sends this SAML assertion to Dorian in exchange for Grid credentials. Dorian will only issue Grid credentials if the SAML assertion is signed by a Trusted Identity Provider. In the figure below, a Georgetown user wishes to invoke a Grid service that requires Grid credentials. She supplies the application with her username and password. The application client authenticates the user with the Georgetown Authentication Service, receiving a signed SAML assertion which it subsequently passes to Dorian in exchange for Grid credentials. These credentials can then be used to invoke Grid services. To facilitate smaller groups or institutions without an existing identity provider (IdP), Dorian also has its own internal IdP. This allows users to authenticate to Dorian directly.
For more information on Dorian please visit cagrid.org.
Project Researchers
David Ervin (Principal Investigator)
Shannon Hastings, M.S. (Principal Investigator)
Stephen Langella, M.S. (Principal Investigator)
Scott Oster, M.S. (Principal Investigator)
Project Publications
Publications |
Scott Oster, Shannon L. Hastings, Stephen Langella, David W. Ervin, Ravi Madduri, Tahsin M. Kurc, Frank Siebenlist, Ian Foster, Krishnakant Shanbhag, Peter A. Covitz, Joel H. Saltz, "caGrid 1.0: A Grid Enterprise Architecture for Cancer Research", Proceedings of the 2007 AMIA Annual Symposium, 2007: pp. 573-577. |
Stephen Langella, Scott Oster, Shannon L. Hastings, Frank Siebenlist, Tahsin M. Kurc, Joel H. Saltz, "Dorian: Grid Service Infrastructure for Identity Management and Federation", The 19th IEEE Symposium on Computer-Based Medical Systems, 2006: pp. 756-761. |
Presentations |
Scott Oster, "caGrid 2.0 Planning", Washington, D.C., Presented: 2007-08-07 |
Scott Oster, "caGrid 1.1 Overview", Washington, D.C., Presented: 2007-08-07 |
Scott Oster, "caGrid Future Direction Planning", Washington, D.C., Presented: 2007-08-06 |
Scott Oster, Shannon L. Hastings, "caGrid 1.1 Demos and Training", Washington, D.C., Presented: 2007-08-06 |
Scott Oster, "Current caGrid 1.0 Feature Highlights", caBIG Architecture/VCDE Joint Face to Face meeting, Washington, D.C., Presented: 2007-08-06 |
Scott Oster, "Keynote Address: The Cancer Biomedical Informatics Grid: Connecting the Cancer Research Community", Challenges of Large Applications in Distributed Environments (CLADE) 2007, HPDC Workshop, Monterey, California, Presented: 2007-06-25 |
Shannon L. Hastings, David W. Ervin, Stephen Langella, Scott Oster, "caBIG Developer Bootcamp", caBIG Developer Bootcamp, Rockville, MD, Presented: 2007-04-17 |
Stephen Langella, Shannon L. Hastings, Scott Oster, David W. Ervin, "Advanced Topics in Developing caBIG Grid Services (HANDS ON)", caBIG Annual Meeting 2007, Washington, D.C., Presented: 2007-02-06 |
Stephen Langella, Scott Oster, Shannon L. Hastings, David W. Ervin, Tahsin M. Kurc, Joel H. Saltz, "caGrid 1.0 Security Infrastructure (poster)", caBIG Annual Meeting 2007, Washington, D.C., Presented: 2007-02-05 |
Scott Oster, Shannon L. Hastings, Stephen Langella, David W. Ervin, Tahsin M. Kurc, Joel H. Saltz, "caGrid 1.0 Overview (poster)", caBIG Annual Meeting 2007, Washington, D.C., Presented: 2007-02-05 |
Stephen Langella, Scott Oster, Shannon L. Hastings, "caGrid 1.0 Security Infrastructure and Policy", caBIG Annual Meeting 2007, Washington, D.C., Presented: 2007-02-05 |
Stephen Langella, "caGrid 1.0 Security Infrastructure", Grid World 2006, Washington DC, Presented: 2006-09-14 |
Stephen Langella, "Dorian Grid Identity Management and Federation", Dialogue Workshop II, Edinburgh, Scotland, Presented: 2006-02-10 |