biodiversity virtual e-laboratory (biovel): athentication & authorisation
DESCRIPTION
A 5 minutes lightning talk about standards based approach to authentication and authorization of RESTful web services using OAuth et al. It shows how OAuth web services can be called by taverna workflow. Presented at Biodiversity Informatics Horizon 2013 conference (see http://conference.lifewatch.unisalento.it/index.php/EBIC/BIH2013)TRANSCRIPT
Biodiversity Virtual e-Laboratory:
Authentication & AuthorizationProject OverviewBioVeL is an e-laboratory that supports research on biodiversity using large amounts of data from cross-disciplinary sources.
Why Authentication & Authorization?
• Accounting– Who is using which service
• Resource Limitation– e.g. only one metagenomics workflow execution
at a time
Authentication: User login
• Standard login• Google• Facebook• Twitter• Generic OpenID
Authentication: Web Service
• OAuth– Dot.com support
• Google, Facebook, LinkedIn etc.
• Widely used • Higher likelihood to find
experienced developer
OAuth: Secured Workflow
• Slice of secured metagenomics workflow:
Open Source Solution
• Role based data model• Modules
– Security API (access to data model)– Security Filter – Application Manager– User and Rights Management
• Documentation:• https://colab.mpi-bremen.de/wiki/display/microb3
• Source code:• https://colab.mpi-bremen.de/micro-b3/svn/megx.net/trunk/
https://colab.mpi-bremen.de/wiki/x/uQAp
Summary
• Keep it simple– Authentication & Authorization solutions are
use case specific• Re-use and fit existing solutions• OAuth
– Widely used– Solves Web Service based Authentication– Works nicely with Taverna
Video Demo
Thanks
• BioVeL– Workflows and Services
• Micro B3– Security and user management
Organizational:Online User Work Space
• Simple WebDav Server– OSGI based– Jackrabbit content
repository– No more features
Features for Users
User Profile
Profile Editing
User Management
Add User
Group/Roles Managment
Group Roles Editing
Web Resource Management
Protected Resource
Use Case
https://colab.mpi-bremen.de/wiki/x/_4Aa
Source code & Documentation
• Documentation:• https://colab.mpi-bremen.de/wiki/display/microb3
• Source code:• https://colab.mpi-bremen.de/micro-b3/svn/megx.net/trunk/
• This presentation by Renzo Kottmann is licensed under a
Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported
License