globus online globus nexus
play

globus online Globus Nexus Steve Tuecke Computation Institute - PowerPoint PPT Presentation

Sep 15, 2023 •752 likes •1k views

globus online Globus Nexus Steve Tuecke Computation Institute University of Chicago and Argonne National Laboratory Computation Institute (CI) Apply to challenging problems Accelerate Promulgate by building the via new educational research

  1. globus online Globus Nexus Steve Tuecke Computation Institute University of Chicago and Argonne National Laboratory

  2. Computation Institute (CI) Apply to challenging problems Accelerate Promulgate by building the via new educational research cloud methods www.globusonline.org

  3. Apply computation: Examples Create better models ASC FLASH Understand for climate & energy supernovae to CIM-EART CIM-EARTH policy measure universe Extract Explain meaning cellular from CMTS structur Center for multiscale theory and simulation scientific DTI for TBI Map human images Diffusion tensor imaging knowledge in the Transform humanities and digital science media into ARTFL Conte Center www.globusonline.org art

  4. Accelerate discovery via research cloud Millions of researchers worldwide need advanced IT to tackle important and urgent problems The Research Cloud Accelerate discovery and innovation worldwide by providing research IT as a service www.globusonline.org

  6. Software-as-a-Service (SaaS) Why SaaS? Platform-as-a-Service (PaaS) Infrastructure-as-a-Service (IaaS) • Deliver advanced functionality that: – Requires no user software installation or operation • Minimal IT proficiency required – Can be cheaply and incrementally adopted • Usage-based subscription pricing; no big up-front costs – Consolidates troubleshooting and support • An expert group can proactively detect and correct problems – Utilizes an efficient software delivery lifecycle • Updates developed, tested and deployed quickly • Dominates commercial & consumer markets – What about the research market? www.globusonline.org

  7. Globus Transfer: For when you want to… • Transfer and synchronize files – Easy “fire-and-forget” transfers – Automatic fault recovery – High performance – Across multiple security domains • Minimize IT costs – Software as a Service (SaaS) • No client software installation • New features automatically available – Consolidated support & troubleshooting – Simple endpoint installation with Globus Connect and GridFTP >5,000 registered users, 6PB / 500M files transferred www.globusonline.org 7

  8. Globus Storage: For when you want to … • Place your data where you want • Access it from Globus Transfer, HTTP/REST, Desktop sync anywhere via different protocols • Update it, version it, Globus Storage and take snapshots volume • Share versions with who you want • Synchronize among National Campus Commercial research computin storage service locations center g center provider www.globusonline.org

  9. Globus Collaborate: For when you want to… Join with a few or many people to: • Share documents • Track tasks • Communicate • Share data • Work together With: • Common groups • Delegated management www.globusonline.org

  10. Software-as-a-Service (SaaS) PaaS for Research Platform-as-a-Service (PaaS) Infrastructure-as-a-Service (IaaS) • No one SaaS provider can deliver it all • Must create ecosystem that: – Allows any SaaS provider to easily participate – Dramatically reduces the cost of creating and operating services within the ecosystem – Provides seamless user experience across services – Agnostic to / works across any cloud IaaS provider – Integrates with (existing) research infrastructure • Ecosystem requires Platform as a Service – Target the unique needs of the research community www.globusonline.org 10

  11. Globus Integrate: For when you want to… • Integrate with the Globus research cloud ecosystem • Write programs that leverage: – user identities, profiles, groups (Globus Nexus) – data, compute and collaboration Globus Globus Globus Globus Transfer Storage Collaborate Compute Globus Connect Multi User Globus Integrate Globus Connect Globus Nexus Globus Toolkit … via REST APIs and command line programs www.globusonline.org

  12. Globus Nexus: For when you want to… Manage groups Manage profiles Manage identities www.globusonline.org 12

  13. Globus Nexus: Manage Identities • Nexus is a federated identity relying party – Multiple federated identities linked to Globus account – Supports: InCommon/CILogon, OpenID, MyProxy, OAuth for MyProxy • Nexus is a (federated) identity provider – Native or federated identity provider to Globus and 3 rd party services – User authenticates to Globus account with username/password or via 3 rd party federated identity provider – Uses OAuth 2 profile (future: SAML, OpenID?) • Auth provider for Globus REST APIs www.globusonline.org 13

  14. www.globusonline.org 14

  15. Globus Nexus use of OAuth 2 • User authentication – Web browser: • Globus account name and password • Federated identity providers linked to Globus account – Native application: • RSA (using SSL key) • X.509 client auth • Username/password (Globus account, SAML ECP?) • Client authentication using RSA (SSL key) – Globus account name is valid client id • Bearer access token for resource access www.globusonline.org 15

  16. Delegated X.509 credential management • Various (Globus) services require delegated X.509 client credentials to access resources • Nexus federated authentication supports X.509 credential retrieval from Oauth for MyProxy – Authenticate with OAuth – Use access token to get X.509 credentials – E.g., CILogon, GCMU, XSEDE • Nexus REST API allows authorized services (OAuth clients) to get credential www.globusonline.org 16

  17. Integration of new and old Step 1 Access Endpoints CILogon Redirect (OAuth) Globus Online (Hosted Service) Certificate 2 SAML Step 2 Step 7 Step 8 Transfer Step 3 Transfer request Redirect Username request InCommon password Certificate 1 Certificate 1 Certificate 2 IdP Globus Connect Multi ‐ User Step 4 Username MyProxy GridFTP password OAuth Online CA Step 11 Server GridFTP Server Certificate 1 certificates Campus Cluster PAM Server Authentication Step 6 & Data Transfer Step 10 Step 9 Step 5 Campus 2 Authorization Access files Username Certifficate 1 password Local Authentication System Local (LDAP, RADIUS, Kerberos etc) Storage www.globusonline.org

  18. www.globusonline.org 18

  19. OAuth client vs resource • Globus Transfer is – OAuth client to Globus Nexus – OAuth resource provider to 3 rd party client • Goal: Allow full participation by 3 rd parties – Use Globus Online services as OAuth client – Use Globus Nexus OAuth as resource server • How to implement resource servers as a relying party to the Nexus OAuth service? – OAuth is silent on resource and OAuth server interaction – Make it easy for SaaS developers to use Nexus OAuth www.globusonline.org 19

  20. Delegated, scoped OAuth access • Ecosystem of communicating services – Any service can be client to any other service’s resource – Communication may be chained: user->s1->s2->s3 • Use OAuth scope to limit resources accessible by an access token – Must maintain scope dependency tree • Delegation: client1 delegating to client2 – Bearer access token can be passed from client1 to client2 for full delegation – Or, allow client1 access token to be used to retrieve a new authorization code with narrow scope that is passed to client2, which client2 uses to get its own access token www.globusonline.org 20

  21. Globus Nexus: Manage Groups • User centric group management – Create group – Set policies (e.g., visibility, admins) – Control admission workflows • Approach: – Keep identity issuance light-weight – Move vetting from identity creation to group admission – Allow each group to control own admission policy • REST APIs – Manage, query, etc. – Import/export (into specified identity namespace) www.globusonline.org 21

  22. Globus Nexus: Manage User Profiles • Attribute/value information associated with Globus account • Group admission can require an extensible set of attributes, which are drawn from and stored in the user profile • REST APIs • Future: Integrate with SAML attribute release and social network profiles www.globusonline.org 22

  23. Domestication • Goal: Common tools should be able to leverage federated identities, groups, profiles – Wikis, issue tracking, science gateways, etc. • Community effort to domesticate applications and services? • What APIs? – Identity: OAuth 2, SAML?, X.509 certs? – Groups: LDAP? REST? – Profile: OpenID Connect? www.globusonline.org 23

  24. For More Information • Visit https://www.globusonline.org/signup to: – Get a free account and start moving files • Visit www.globusonline.org for: – Tutorials, FAQs, Pro Tips, Troubleshooting – Papers, Case Studies • Contact support@globusonline.org for: – Help getting started & using the service • Follow us at @globusonline on Twitter and Globus Online on Facebook www.globusonline.org 24

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Hands On Exercises for Globus Online Command Line Interface IGE Globus Online Tutorial EGI

Hands On Exercises for Globus Online Command Line Interface IGE Globus Online Tutorial EGI

Hands On Exercises for Globus Online Command Line Interface IGE Globus Online Tutorial EGI Community Forum 2013, Manchester, April 9, 2013 Trainers: S. Tuecke, M. Hoffman, I. Muntean Setup: Add your public key to your identities in Globus

56 views • 3 slides
globus online Globus Online Reliable File Transfer. No IT Required. September 20, 2011 Steve

globus online Globus Online Reliable File Transfer. No IT Required. September 20, 2011 Steve

globus online Globus Online Reliable File Transfer. No IT Required. September 20, 2011 Steve Tuecke , Deputy Director, Computation Institute University of Chicago and Argonne National Laboratory Big science has achieved big successes OSG:

602 views • 22 slides
globus online Simplify big data sharing with Globus Online Steve Tuecke Computation Institute

globus online Simplify big data sharing with Globus Online Steve Tuecke Computation Institute

globus online Simplify big data sharing with Globus Online Steve Tuecke Computation Institute University of Chicago and Argonne National Laboratory The Challenge: Moving and Sharing Big Data Easily What should be trivial I need my

459 views • 14 slides
Update on the Globus Transition FEARLESS SCIENCE Reminder: Where are we coming from? In 2017,

Update on the Globus Transition FEARLESS SCIENCE Reminder: Where are we coming from? In 2017,

Update on the Globus Transition FEARLESS SCIENCE Reminder: Where are we coming from? In 2017, the Globus organization announced the From May 2017 Globus end-of-support for the Globus Toolkit. Globus Toolkit provides the reference

486 views • 9 slides
Grid Computing with Debian, Globus Grid Computing with Debian, Globus and ARC and ARC Mattias

Grid Computing with Debian, Globus Grid Computing with Debian, Globus and ARC and ARC Mattias

Grid Computing with Debian, Globus Grid Computing with Debian, Globus and ARC and ARC Mattias Ellert, Uppsala Universitet (.se) Steffen Mller, Universitt zu Lbeck (.de) Anders Wnnen, Niels Bohr Institutet (.dk) Grid Computing

514 views • 17 slides
11/4/16 Disclosures Consultant: Globus, Medtronic, Orthofix Adult Deformity: When to Consider

11/4/16 Disclosures Consultant: Globus, Medtronic, Orthofix Adult Deformity: When to Consider

11/4/16 Disclosures Consultant: Globus, Medtronic, Orthofix Adult Deformity: When to Consider a Royalty: Globus Smaller Procedure Dean Chou, M.D. Professor of Neurosurgery The UCSF Spine Center University of California San Francisco

324 views • 20 slides
iRODS + Globus Vas Vasiliadis vas@uchicago.edu iRODS User Group Meeting June 11, 2020

iRODS + Globus Vas Vasiliadis vas@uchicago.edu iRODS User Group Meeting June 11, 2020

iRODS + Globus Vas Vasiliadis vas@uchicago.edu iRODS User Group Meeting June 11, 2020 Globus is a non-profit data management service developed and operated by Globus conceptual architecture Data Transfer Node(s) Other Data

379 views • 6 slides
Globus Toolkit Support Transition Derek Simmel <dsimmel@psc.edu> TAGPMA Chair 41 st

Globus Toolkit Support Transition Derek Simmel <dsimmel@psc.edu> TAGPMA Chair 41 st

T h e A m e r i c a s G r i d Policy Management Authority Globus Toolkit Support Transition Derek Simmel <dsimmel@psc.edu> TAGPMA Chair 41 st EUGridPMA / IGTF All-Hands Meeting September 25-27, 2017 JISC, Manchester, England Globus

98 views • 6 slides
Globus Online Tutorial Hands On Session Trainers Matthias Hofmann , Technische Universitaet

Globus Online Tutorial Hands On Session Trainers Matthias Hofmann , Technische Universitaet

Globus Online Tutorial Hands On Session Trainers Matthias Hofmann , Technische Universitaet Dortmund, Germany (matthias.hofmann@tu dortmund.de) Ioan Lucian Muntean , Technical University of Cluj Napoca, Romania

460 views • 5 slides
LCMAPS (and VOMS) integration for Globus services D. H. van Dok (Nikhef) and M. Sall (Nikhef)

LCMAPS (and VOMS) integration for Globus services D. H. van Dok (Nikhef) and M. Sall (Nikhef)

LCMAPS (and VOMS) integration for Globus services D. H. van Dok (Nikhef) and M. Sall (Nikhef) 2013-04-09 LCMAPS (and VOMS) integration for Globus services This is a demonstration of the installation of Globus services with VOMS based

203 views • 19 slides
Data Transfers in the Grid: Data Transfers in the Grid: Workload Analysis of Globus Globus

Data Transfers in the Grid: Data Transfers in the Grid: Workload Analysis of Globus Globus

Data Transfers in the Grid: Data Transfers in the Grid: Workload Analysis of Globus Globus GridFTP Workload Analysis of GridFTP Nicolas Kourtellis, Lydia Prieto, Gustavo Zarrate, Adriana Iamnitchi Adriana Iamnitchi Nicolas Kourtellis, Lydia

965 views • 27 slides
HEP Applications with Globus Virtual Workspaces Ian Gable , A. Agarwal, A. Charbonneau, R.

HEP Applications with Globus Virtual Workspaces Ian Gable , A. Agarwal, A. Charbonneau, R.

HEP Applications with Globus Virtual Workspaces Ian Gable , A. Agarwal, A. Charbonneau, R. Desmarais, R. Enge, D. Grundy, A. Norton, D. Penfold-Brown, R. Seuster, R.J. Sobie, D. C. Vanderster National Research Council of Canada, Ottawa, Ontario,

244 views • 20 slides
Cameron Berkley cameron.berkley@fsu.edu 150-B DSL 1 10/12/2016 What is Globus? 2 10/12/2016

Cameron Berkley cameron.berkley@fsu.edu 150-B DSL 1 10/12/2016 What is Globus? 2 10/12/2016

Cameron Berkley cameron.berkley@fsu.edu 150-B DSL 1 10/12/2016 What is Globus? 2 10/12/2016 Managed File T ransfer Ease of Use Reliable, Fire and Forget Parallelism and Concurrency Secure Notifjciations Performance Monitoring

642 views • 21 slides
An Extended Design of the Grid Enabled SEE++ System Based on Globus Toolkit 4 and gLite

An Extended Design of the Grid Enabled SEE++ System Based on Globus Toolkit 4 and gLite

Enabling Grids for E-sciencE An Extended Design of the Grid Enabled SEE++ System Based on Globus Toolkit 4 and gLite Authors: K. Bosa, W. Schreiner, T. Kaltofen, M. Buchberger Research Institute For Symbolic Computation (RISC), Johannes

100 views • 9 slides
Complications in Adult Deformity Surgery Research/Institutional Support: NIH, AO Spine,

Complications in Adult Deformity Surgery Research/Institutional Support: NIH, AO Spine,

Disclosures Complications in Adult Deformity Surgery Research/Institutional Support: NIH, AO Spine, OREF, Globus Honoraria: Proximal Junctional Kyphosis: Medtronic, DePuy, Stryker, Globus Thoracolumbar and Cervicothoracic

376 views • 18 slides
Globus MEDICUS Standards Based Enterprise Architecture for Medical Image Publication, Discovery,

Globus MEDICUS Standards Based Enterprise Architecture for Medical Image Publication, Discovery,

Globus MEDICUS Standards Based Enterprise Architecture for Medical Image Publication, Discovery, and Archiving in HealthGrids Stephan G. Erberich, Ann Chervenak, Robert Schuler, Laura Pearlman, Jonathan C. Silverstein, Carl Kesselman 2

803 views • 37 slides
Using Globus at NCAR Brian Vanderwende CISL Consulting Services February 20, 2020 This material

Using Globus at NCAR Brian Vanderwende CISL Consulting Services February 20, 2020 This material

Using Globus at NCAR Brian Vanderwende CISL Consulting Services February 20, 2020 This material is based upon work supported by the National Center for Atmospheric Research, which is a major facility sponsored by the National Science Foundation

325 views • 19 slides
Impatient for impact Hungry to learn Scrappy by design Test into success

Impatient for impact Hungry to learn Scrappy by design Test into success

Impatient for impact Hungry to learn Scrappy by design Test into success Centered in community Powered by partners Ag-Science Cooking, Gardening & Apprenticeships Nutrition Classes Out-of-School Farmers

317 views • 18 slides
Creati tion Revel elat ation God is in the detai ails Thy word is true from the beginni ning

Creati tion Revel elat ation God is in the detai ails Thy word is true from the beginni ning

Creati tion Revel elat ation God is in the detai ails Thy word is true from the beginni ning ng: and every one of thy righteous judgme ment nts endureth forever. Psalm 119: 9:160 Free Subscription: RTozier@creationrevelation.org; Tel

1.56k views • 141 slides
MOLSON COORS Q3 & YTD 2017 EARNINGS NOVEMBER 1, 2017 1 FORWARD LOOKING STATEMENTS This

MOLSON COORS Q3 & YTD 2017 EARNINGS NOVEMBER 1, 2017 1 FORWARD LOOKING STATEMENTS This

MOLSON COORS Q3 & YTD 2017 EARNINGS NOVEMBER 1, 2017 1 FORWARD LOOKING STATEMENTS This presentation includes estimates or projections that constitute forward - looking statements within the meaning of the U.S. federal securities laws.

303 views • 26 slides
Globus for Administrators and Users Tutorial 14 th EGICF 2014 Ioan Lucian Muntean, Matthias

Globus for Administrators and Users Tutorial 14 th EGICF 2014 Ioan Lucian Muntean, Matthias

Globus for Administrators and Users Tutorial 14 th EGICF 2014 Ioan Lucian Muntean, Matthias Hofmann Technical University of Cluj-Napoca, Technische Universit at Dortmund May 23rd, 2014 Ioan.Lucian.Muntean@cs.utcluj.ro,

1.19k views • 71 slides
Outsourcing IT complexity Moving Ultraviz management from the

Outsourcing IT complexity Moving Ultraviz management from the

Outsourcing IT complexity Moving Ultraviz management from the laboratory to the cloud Ian Foster A story of modern science

400 views • 26 slides
Data Management and Best Practices for Data Movement Craig Steffen BW SEAS (User Support) Team

Data Management and Best Practices for Data Movement Craig Steffen BW SEAS (User Support) Team

June 6, 2019 Data Management and Best Practices for Data Movement Craig Steffen BW SEAS (User Support) Team The most important resource on Blue Waters: Web Portal (bluewaters.ncsa.Illinois.edu) user guide: 1. Mouse over 2. Click on

587 views • 44 slides
DATA TRANSFER BETWEEN SCIENTIFIC FACILITIES -- BOTTLENECK ANALYSIS, INSIGHTS, AND OPTIMIZATIONS

DATA TRANSFER BETWEEN SCIENTIFIC FACILITIES -- BOTTLENECK ANALYSIS, INSIGHTS, AND OPTIMIZATIONS

CCGRID 2019, LARNACA, CYPRUS. 15 TH , MAY, 2019 DATA TRANSFER BETWEEN SCIENTIFIC FACILITIES -- BOTTLENECK ANALYSIS, INSIGHTS, AND OPTIMIZATIONS erhtjhtyhy NAGESWARA S.V. RAO YUANLAI LIU, ZHENGCHUN LIU, RAJKUMAR KETTIMUTHU, NAGESWARA S.V. RAO,

519 views • 20 slides

More recommend