Cargando…

Cloud bursting galaxy: federated identity and access management

MOTIVATION: Large biomedical datasets, such as those from genomics and imaging, are increasingly being stored on commercial and institutional cloud computing platforms. This is because cloud-scale computing resources, from robust backup to high-speed data transfer to scalable compute and storage, ar...

Descripción completa

Detalles Bibliográficos
Autores principales: Jalili, Vahid, Afgan, Enis, Taylor, James, Goecks, Jeremy
Formato: Online Artículo Texto
Lenguaje:English
Publicado: Oxford University Press 2020
Materias:
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6956780/
https://www.ncbi.nlm.nih.gov/pubmed/31197310
http://dx.doi.org/10.1093/bioinformatics/btz472
_version_ 1783487203433775104
author Jalili, Vahid
Afgan, Enis
Taylor, James
Goecks, Jeremy
author_facet Jalili, Vahid
Afgan, Enis
Taylor, James
Goecks, Jeremy
author_sort Jalili, Vahid
collection PubMed
description MOTIVATION: Large biomedical datasets, such as those from genomics and imaging, are increasingly being stored on commercial and institutional cloud computing platforms. This is because cloud-scale computing resources, from robust backup to high-speed data transfer to scalable compute and storage, are needed to make these large datasets usable. However, one challenge for large-scale biomedical data on the cloud is providing secure access, especially when datasets are distributed across platforms. While there are open Web protocols for secure authentication and authorization, these protocols are not in wide use in bioinformatics and are difficult to use for even technologically sophisticated users. RESULTS: We have developed a generic and extensible approach for securely accessing biomedical datasets distributed across cloud computing platforms. Our approach combines OpenID Connect and OAuth2, best-practice Web protocols for authentication and authorization, together with Galaxy (https://galaxyproject.org), a web-based computational workbench used by thousands of scientists across the world. With our enhanced version of Galaxy, users can access and analyze data distributed across multiple cloud computing providers without any special knowledge of access/authorization protocols. Our approach does not require users to share permanent credentials (e.g. username, password, API key), instead relying on automatically generated temporary tokens that refresh as needed. Our approach is generalizable to most identity providers and cloud computing platforms. To the best of our knowledge, Galaxy is the only computational workbench where users can access biomedical datasets across multiple cloud computing platforms using best-practice Web security approaches and thereby minimize risks of unauthorized data access and credential use. AVAILABILITY AND IMPLEMENTATION: Freely available for academic and commercial use under the open-source Academic Free License (https://opensource.org/licenses/AFL-3.0) from the following Github repositories: https://github.com/galaxyproject/galaxy and https://github.com/galaxyproject/cloudauthz.
format Online
Article
Text
id pubmed-6956780
institution National Center for Biotechnology Information
language English
publishDate 2020
publisher Oxford University Press
record_format MEDLINE/PubMed
spelling pubmed-69567802020-01-16 Cloud bursting galaxy: federated identity and access management Jalili, Vahid Afgan, Enis Taylor, James Goecks, Jeremy Bioinformatics Original Papers MOTIVATION: Large biomedical datasets, such as those from genomics and imaging, are increasingly being stored on commercial and institutional cloud computing platforms. This is because cloud-scale computing resources, from robust backup to high-speed data transfer to scalable compute and storage, are needed to make these large datasets usable. However, one challenge for large-scale biomedical data on the cloud is providing secure access, especially when datasets are distributed across platforms. While there are open Web protocols for secure authentication and authorization, these protocols are not in wide use in bioinformatics and are difficult to use for even technologically sophisticated users. RESULTS: We have developed a generic and extensible approach for securely accessing biomedical datasets distributed across cloud computing platforms. Our approach combines OpenID Connect and OAuth2, best-practice Web protocols for authentication and authorization, together with Galaxy (https://galaxyproject.org), a web-based computational workbench used by thousands of scientists across the world. With our enhanced version of Galaxy, users can access and analyze data distributed across multiple cloud computing providers without any special knowledge of access/authorization protocols. Our approach does not require users to share permanent credentials (e.g. username, password, API key), instead relying on automatically generated temporary tokens that refresh as needed. Our approach is generalizable to most identity providers and cloud computing platforms. To the best of our knowledge, Galaxy is the only computational workbench where users can access biomedical datasets across multiple cloud computing platforms using best-practice Web security approaches and thereby minimize risks of unauthorized data access and credential use. AVAILABILITY AND IMPLEMENTATION: Freely available for academic and commercial use under the open-source Academic Free License (https://opensource.org/licenses/AFL-3.0) from the following Github repositories: https://github.com/galaxyproject/galaxy and https://github.com/galaxyproject/cloudauthz. Oxford University Press 2020-01-01 2019-06-14 /pmc/articles/PMC6956780/ /pubmed/31197310 http://dx.doi.org/10.1093/bioinformatics/btz472 Text en © The Author(s) 2019. Published by Oxford University Press. http://creativecommons.org/licenses/by/4.0/ This is an Open Access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted reuse, distribution, and reproduction in any medium, provided the original work is properly cited.
spellingShingle Original Papers
Jalili, Vahid
Afgan, Enis
Taylor, James
Goecks, Jeremy
Cloud bursting galaxy: federated identity and access management
title Cloud bursting galaxy: federated identity and access management
title_full Cloud bursting galaxy: federated identity and access management
title_fullStr Cloud bursting galaxy: federated identity and access management
title_full_unstemmed Cloud bursting galaxy: federated identity and access management
title_short Cloud bursting galaxy: federated identity and access management
title_sort cloud bursting galaxy: federated identity and access management
topic Original Papers
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6956780/
https://www.ncbi.nlm.nih.gov/pubmed/31197310
http://dx.doi.org/10.1093/bioinformatics/btz472
work_keys_str_mv AT jalilivahid cloudburstinggalaxyfederatedidentityandaccessmanagement
AT afganenis cloudburstinggalaxyfederatedidentityandaccessmanagement
AT taylorjames cloudburstinggalaxyfederatedidentityandaccessmanagement
AT goecksjeremy cloudburstinggalaxyfederatedidentityandaccessmanagement