Gateway Building Secure Web Portals for Scientific Computing Marlon Pierce School of Computational Science and Information Technology Florida State University


Page 1: Gateway Building Secure Web Portals for Scientific Computing Marlon Pierce School of Computational Science and Information Technology Florida State University.

Gateway

Building Secure Web Portals for Scientific Computing

Marlon Pierce
School of Computational Science and Information Technology
Florida State University

Page 2:

Overview

Design Goals and Constraints

System Architecture
  Three-tiered system

Security Considerations
  What security do we need?
  Three-tiered security system

Page 3:

Project Goals

Provide seamless access to HPC resources from the user’s web browser.

Hide underlying complexities of environment behind a point-and-click interface.

Use platform- and language-independent tools to build the distributed infrastructure: Java, CORBA, XML.

Page 4:

Funding and Deployment

Project funded by DoD Modernization Program (PET).

Deployment targeted for ASC and ARL MSRCs.

Requirement: compatible with existing security infrastructure (Kerberos and SecurID).

Page 5:

Project Design Overview

Three-tiered architecture
  Browser-based, dynamic front-end
  Scalable, distributed middle tier
  Heterogeneous back-end resources

Three major constituents:
  Problem Solving Environment for users (OSC)
  WebFlow (NPAC)
  HPC resources (ASC)

Page 6:

PSE Design Goals

User interface with three toolkits
  Problem Description Toolkit
    Describe problem in scientific terms
    Archive old sessions
  Code Toolkit
    Assist user in creating job requests
  Analysis Toolkit

Page 7:

PSE Decision Containers

(Diagram of nested decision containers, User Context, Problem Context and Session Context, illustrated by "Marlon's Chemistry Project", "30 Particles, Energy, Crystal Structure" and "Run Gaussian on SP2 with In.dat".)

Page 8:

WebFlow

CORBA-based distributed components.

Each user has a personal slave server.

Master server acts as a gatekeeper, maintaining proxies of all child objects.

WebFlow provides general methods for managing containers (contexts).

WebFlow can be extended with modules (ContextManager, submitJob, Charon).

Page 9:

T. Haupt 9

WebFlow Context Hierarchy

(Diagram of the hierarchy: Master Server (Gatekeeper) holding Slave Server Proxies; Slave Servers; within a slave, User Context, Application Context, Module.)

Page 10:

Back-End Resources

High performance computers: batch queues, Globus scheduler

Mass storage devices

Databases (through JDBC)

Chemistry, visualization software

Everything else

Page 11:

Gateway Communication I

(Diagram: Browser connects over HTTP(S) to the Apache Tomcat web server hosting the PSE; the PSE's ORB talks to the WebFlow ORB; WebFlow reaches HPC Resources, Mass Storage and DBs with krsh, krcp.)

Page 12:

CORBA Security Service Overview

Provides generic interfaces to standard security services
  Authentication
  Integrity and Confidentiality
  Delegation

Implementations can be built over specific security mechanisms
  GSS mechanisms like Kerberos
  SSL

Page 13:

CORBA Security Services

(Diagram of the layering: Security Specification API, Security Implementation, Vendor-Supplied Interface.)

Page 14:

Gateway Communication II

(Diagram: Browser talks HTTP to the local Charon ORB; Charon tunnels over SECIOP to Apache Tomcat, where the PSE ORB runs; the PSE ORB talks SECIOP to the WebFlow servers' ORB; WebFlow reaches HPC Resources, Mass Storage and DBs with krsh, krcp.)

Page 15:

Secure Gateway Login Process

User gets forwardable Kerberos ticket at beginning of the day with kinit.

User starts personal WebFlow slave server that registers with the master. Slave runs with user’s id.

User starts Charon Client, which uses his/her TGT to authenticate to the WebFlow master server.

Page 16:

Charon: Client-Server Security

The Charon application intercepts all requests to a predetermined port on the user's computer.

Requests are wrapped with WebFlow methods and tunneled to web server with SECIOP. Server masquerades as client’s localhost.

Different browsers on same machine distinguished with session cookies.

Page 17:

Charon II

Charon extracts user’s name from his credentials.

This is used to set a server-side cookie.

PSE servlets use the info in the cookie for access control.
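The cookie-based access control on this slide, as an added example that is not Gateway or Charon code: the user name Charon extracted from the credential is kept in a server-side table keyed by an unguessable session id, so the cookie only names a session and the PSE servlets never act on a user name the browser itself supplies. The class, cookie and attribute names are assumptions.

```java
import java.io.IOException;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.*;
import javax.servlet.http.*;

/* Added illustration, not Gateway code. The cookie carries only an unguessable
 * session id; the user name Charon extracted from the Kerberos credential lives
 * in this server-side table and is never read from anything the browser sends. */
public final class SessionRegistry {
    public static final String COOKIE = "GATEWAY_SESSION";   // assumed cookie name
    private static final Map<String, String> SESSIONS = new ConcurrentHashMap<>();
    private static final SecureRandom RNG = new SecureRandom();
    /* Called on the Charon side once the user's credential has been verified. */
    public static String register(String principal) {
        byte[] id = new byte[32];                               // 256 random bits
        RNG.nextBytes(id);
        String sid = Base64.getUrlEncoder().withoutPadding().encodeToString(id);
        SESSIONS.put(sid, principal);
        return sid;
    }

    public static String principalFor(String sid) {
        return sid == null ? null : SESSIONS.get(sid);
    }
    /* In front of every PSE servlet: resolve the cookie to a principal or refuse
     * the request. Servlets then read the "principal" request attribute only. */
    public static final class AccessFilter implements Filter {
        public void init(FilterConfig cfg) {}
        public void destroy() {}
        public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
                throws IOException, ServletException {
            String principal = null;
            Cookie[] cookies = ((HttpServletRequest) req).getCookies();
            for (int i = 0; cookies != null && i < cookies.length; i++) {
                if (COOKIE.equals(cookies[i].getName())) principal = principalFor(cookies[i].getValue());
            }
            if (principal == null) {                            // unknown or expired session
                ((HttpServletResponse) res).sendError(HttpServletResponse.SC_FORBIDDEN);
                return;
            }
            req.setAttribute("principal", principal);
            chain.doFilter(req, res);
        }
    }
}
```

When Charon issues the cookie it should also be marked Secure and HttpOnly, and entries in the table should expire no later than the user's Kerberos ticket.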

Page 18:

PSE-WebFlow Communication

A WebFlow client ORB runs in a servlet.

Master’s ORB is declared static.

All PSE servlets access WebFlow methods directly.

PSE accesses slave server indirectly through master.

(Diagram: JVMs hosting the WebFlow Client, the PSE Servlets and the Slave WFS.)

Page 19:

Middle Tier Security

Client does not talk directly to slave.

Indirect invocation through master’s proxy.

Master and slave run with different ids.

Need delegation and mutual authentication.

(Diagram: Client, Master with Proxy, Slave with Module.)
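The delegation and mutual-authentication requirement above, as an added example that is not WebFlow or Gateway code: the master server's side of a Kerberos GSS-API context, the layer the CORBA security service is built over on slide 12. It assumes the SECIOP token exchange is wrapped in the invented Link interface and that the master holds its own Kerberos service credential.

```java
import java.io.IOException;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;

/* Added illustration, not WebFlow code: the master server accepts a Kerberos
 * GSS-API context from the client and refuses to act for the user unless mutual
 * authentication and credential delegation both actually happened.
 * Link is an assumed abstraction for passing tokens over the SECIOP transport. */
public final class MasterAcceptor {
    public interface Link {
        byte[] receive() throws IOException;
        void send(byte[] token) throws IOException;
    }

    /* What the master keeps once the client is accepted: who they are, and the
     * delegated credential it may use when invoking that user's slave server. */
    public static final class Session {
        public final String principal;
        public final GSSCredential delegated;
        Session(String principal, GSSCredential delegated) {
            this.principal = principal; this.delegated = delegated;
        }
    }

    /* serverCred: the master's own acceptor credential (its service principal).
     * Returns null when the context lacks either property; the caller must then
     * drop the connection rather than fall back to an unauthenticated path. */
    public static Session accept(GSSCredential serverCred, Link link)
            throws GSSException, IOException {
        GSSContext ctx = GSSManager.getInstance().createContext(serverCred);
        while (!ctx.isEstablished()) {
            byte[] in = link.receive();
            byte[] out = ctx.acceptSecContext(in, 0, in.length);
            if (out != null) link.send(out);   // mutual auth: prove the master back to the client
        }
        // The client requests these with requestMutualAuth(true) and
        // requestCredDeleg(true); verify the mechanism actually granted them.
        if (!ctx.getMutualAuthState() || !ctx.getCredDelegState()) {
            ctx.dispose();
            return null;
        }
        return new Session(ctx.getSrcName().toString(), ctx.getDelegCred());
    }
}
```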

Page 20:

Security: WebFlow to HPCs

User requests are passed from master to appropriate slave.

Slave makes the external calls to HPC resources with krsh and krcp.

The slave is created by the user with forwardable credentials, so external calls use existing security mechanism.

Page 21:

Acknowledgements

NPAC/FSU/MSU: Geoffrey Fox, Tomasz Haupt, Erol Akarsu, Choonhan Youn

OSC: Ken Flurchick, Jan Labanowski, Armen Ezekielian

Adiron Software: Polar Humenn

Page 22:

Further Information

www.gatewayportal.org (coming soon)

www.osc.edu/~kenf/sciPortal

www.erc.msstate.edu/~haupt/WebFlow