https://doi.org/10.1051/epjconf/202024507058
Federated User Account Management
Brookhaven National Laboratory, Upton, N.Y. U.S.A.
* e-mail: mizuki@bnl.gov
** e-mail: hover@cshl.edu
*** e-mail: misawa@bnl.gov
Published online: 16 November 2020
BNL SDCC (Scientific Data and Computing Center) recently deployed a centralized identity management solution to support Single Sign On (SSO) authentication across multiple IT systems. The system supports federated login access via CILogon and InCommon and multi-factor authentication (MFA) to meet security standards for various application and services such as Jupyterhub / Invenio that are provided to the SDCC user community. CoManage (cloud-based) and FreeIPA / Keycloak (local) are utilized to provided complex authorization for authenticated users. This talk will focus on technical overviews and strategies to tackle the challenges/obstacles in our facility.
© The Authors, published by EDP Sciences, 2020
This is an Open Access article distributed under the terms of the Creative Commons Attribution License 4.0, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
